Section 01
Introduction
Icebreakr (“we,” “our,” or “us”) is a professional networking productivity tool that helps students and new graduates connect with decision-makers through AI-personalized emails. This Privacy Policy describes how we collect, use, store, and protect your information when you use our service at Icebreakr.app.
Section 02
Information We Collect
From your sign-in provider
When you sign in with Google or Microsoft we receive your name and email address. Microsoft sending uses OAuth tokens. Gmail sending uses a Gmail app password that you provide before sending.
From you directly
- Resume text you upload, used to generate personalized and professional emails
- Campaign setup details — target companies, job roles, and your career goals
- The emails you review and approve before sending
Section 03
How We Use Your Data
Everything we collect is used to operate Icebreakr — nothing else. Specifically:
- Your name and email identify your profile and are used to send the emails you approve from your account.
- Your resume and campaign details are passed to our AI to generate personalized icebreaker copy.
- OAuth tokens and Gmail app passwords are used solely to send the emails you have reviewed and approved inside Icebreakr.
Section 04
Gmail Sending via SMTP App Password
When you sign in with Google, Icebreakr sends email through Gmail SMTP using a Gmail app password. Learn what a Gmail app password is and how Icebreakr uses it. We:
- Do not read, scan, or store your inbox or any existing emails
- Do not use Gmail data to train AI models or for any advertising purpose
- Do not transfer or sell your Gmail data to any third party
- Do not allow any person to read your Gmail data
Your Gmail app password is verified with Gmail, encrypted, and saved locally in your browser so you do not have to re-enter it for every send. When needed for a send, the encrypted value is attached to that campaign and used only for SMTP authentication. We do not store it as a reusable profile credential.
Section 05
Data Storage and Security
- OAuth tokens, campaign profile fields, lead data, and generated icebreaker text are encrypted at rest using AES-256-GCM encryption.
- Gmail app passwords are encrypted before they are saved locally in your browser or attached to a campaign for sending.
- All data is transmitted over HTTPS.
- We do not store the body of emails sent through our platform beyond confirming delivery status.
Section 06
Data Sharing
We do not sell or share your data, except with third-party service providers who help run the platform — specifically for database hosting, AI generation of email copy, and payment processing. Each provider receives only the minimum data needed to perform their function. No email inbox data is ever shared with any third party. We may also disclose data if required by law.
Section 07
Data Retention
Your account and campaign records are retained while your account is active so you can review past campaigns. Completed campaign leads and generated email details are deleted after you acknowledge completion, or automatically after 30 days. You can request deletion of your account and all associated data at any time in the Icebreakr app.
Section 08
Your Controls
- Request access to, correction of, or deletion of your personal data by contacting us.
- Revoke Google OAuth permissions at any time via Google Account Permissions. This will prevent Icebreakr from sending emails on your behalf until you re-authenticate.
- Revoke a Gmail app password at any time from your Google App Passwords page. Once revoked, Icebreakr cannot send through Gmail until you create and verify a new app password.
Section 09
Changes to This Policy
We will update the “Last updated” date at the top of this page when changes are made. Continued use of Icebreakr after changes constitutes acceptance of the updated policy.