Keeping your data safe and sound

We’re asking you to trust us with your most valuable company data, and you deserve to know—in plain English—how we’ll handle it.

We never see your password

You authorize Carom through Google or Microsoft directly. They hand us a token you can revoke at any time, from their site, without asking us.

Minimization, always

We ask for the smallest amount of access we can to fulfill our promises to you, and we never import data we don’t need.

Your inbox stays the source of truth

Carom reveals what’s in your inbox—we don’t try to replace it. We never modify or delete your data, so you maintain the canonical records.

Private means private

You decide what your team sees, contact by contact or thread by thread. Threads you keep private are visible to you and no one else.

Encrypted, in transit and at rest

Every connection uses bank-level cryptography to transmit information, and stored content is encrypted.

No lock-in—leave on your terms

Cancel anytime. We delete all your data within thirty days of cancellation, and your inbox (as always) remains your own.

What we ask for

When you connect a mailbox, you authorize access just to the minimal set of data possible through your email provider (Google or Microsoft). Your provider gives us a random token that we can use to access data Carom uses, so we never see your password. You can revoke that token from your provider’s security settings at any time.

What we store

We never store data that isn’t directly shown in Carom (email subjects, contacts, etc.) or used to power the screens we display (internal IDs that allow us to identify emails sent to multiple mailboxes, for example). In practical terms, that data includes:

  • People: the names and email addresses of people you’ve corresponded with
  • Conversations: subjects, short snippets, dates, recipients, and the like
  • Files: file names, sizes, senders, recipients, and dates

We fetch and store full message text and attachments when we need them—to display a thread, preview or download a file, or let an agent summarize a conversation. We do not and will not sell or share your content with anyone, for any reason.

Who can see what

We’re always balancing privacy and transparency: our goal is to enable collaboration, after all. But we follow the principle that anything you share with colleagues is done explicitly. You (or your account administrator) can create shared mailboxes, like sales@yourorganization.example, which you can choose to show to people in your organization. Your own emails, files, and events are never shared within your account unless you explicitly choose to share them, and you can limit that sharing to certain individuals or groups and revoke access at any time.

What about the AI?

Carom’s agents—the ones that summarize threads, tag conversations, and turn emails into tasks—need access to your information to work. If you don’t want them to see this data, you can turn them off. Your data is not used to train any AI models.

Where your data lives

Carom runs on infrastructure hosted with Ubicloud and Amazon Web Services, with stored content encrypted and access to our servers tightly restricted. The complete, current list of vendors we partner with to deliver our services is always in our Privacy Policy.

When you leave

Cancel whenever you like. We’ll terminate billing as soon as you cancel, and you can choose to end your access then or at the end of your current billing period. Within thirty days of closing your account, we delete the data you provided and everything we imported from your mailboxes.

This page is the deal in plain English; the Privacy Policy is the same deal in full detail. If anything here is unclear—or you have a question we didn’t answer—email us at partner@carom.io and we’ll walk you through it.

Want to see Carom without connecting anything?
The live demo runs on sample data—no signup, no email access, nothing to revoke.