Privacy Policy

TrailMail (Chrome extension) · Last updated: 16 June 2026

TrailMail ("the extension") helps you predict likely work-email addresses from public company email patterns and, optionally, send emails from your own Gmail account. This policy explains exactly what the extension does and does not do with data.

Summary

The extension has no backend server of its own. It runs entirely in your browser.
We do not sell, rent, or share your data, and we do not run analytics or advertising trackers.
Data is sent only to services you configure or authorize: Hunter.io and Google (Gmail).

What the extension accesses

Public LinkedIn profile data (names, companies, occupations) visible on the pages you open. This is read in your browser to generate predicted emails. It is not transmitted to us or stored off your device.
Company names are sent to Hunter.io (using your own API key) to look up a company's email domain and pattern. See Hunter.io's privacy policy for how they process that request.
Gmail (optional, only if you connect it): with your explicit authorization the extension uses the gmail.send scope to send emails you compose from your own account. It sends one message per recipient on your action. The extension cannot read, search, delete, or modify your mailbox, because gmail.send grants send only access. Your email address is read once (via Google's userinfo endpoint) only to display which account is connected.

What is stored, and where

All of the following is stored locally in your browser via chrome.storage.local and never leaves your device except as described above:

Your Hunter.io API key.
Predicted email results, cached for 14 days to avoid re-spending API credits.
Email templates you create (subject, body, optional attachment).
Records of emails you send (recipient, subject, time) used to show send status.

The Gmail access token is managed by Chrome's identity system, not stored by us. You can disconnect Gmail at any time from the extension, which revokes the token.

Optional email open/click tracking

If you enable tracking, the extension adds an invisible pixel and/or rewrites links so that opens and clicks are recorded. You may use the built-in endpoint or your own self-hosted endpoint. When tracking is enabled, open/click events (an opaque token and timestamp) are recorded at that endpoint so you can see whether your emails were opened. You are responsible for disclosing tracking to recipients where the law requires it (e.g., GDPR). Tracking is off unless you turn it on.

Your responsibilities

Predicted emails are not verified and may be inaccurate. You are responsible for complying with all applicable laws when contacting people (including consent, sender identity, and unsubscribe requirements such as GDPR and CAN-SPAM).

Data deletion

Removing the extension, or clearing its storage, deletes all locally stored data. Disconnecting Gmail revokes the access token.

Contact

Questions about this policy: manan.hiren.shah@gmail.com.

← Back to TrailMail