What we read, what we store, how we protect it.
Enrola processes your inbox to run the product. We're specific about what that means — because "we take your data seriously" isn't a security posture, it's a press release. Here's the actual detail.
Security controls
All email content transmitted to Enrola's processing pipeline is encrypted via TLS 1.3. Thread data stored for draft generation is AES-256 encrypted.
Enrola processes your email threads to generate follow-up drafts. That content is never used to train shared models or shared across customer accounts.
Customer data is processed and stored in AWS ap-southeast-2 (Sydney). Australian customers: your data doesn't leave AU.
We design our infrastructure and access controls with SOC 2 Type II principles in mind. Formal audit is on our compliance roadmap.
Enrola never stores your email credentials. Inbox access is granted via Google OAuth / Microsoft OAuth and can be revoked at any time from your account.
Cancel your account and your data is deleted within 30 days. Individual thread data can be deleted on request at any time.
Enrola is incorporated in New South Wales, Australia and handles personal information in accordance with the Australian Privacy Act 1988.
Security or data handling questions? Contact our team directly — we respond within 1 business day (Sydney AEST).
[email protected]