Legal
Privacy Policy
Last updated: May 2026
1. Introduction
Salience is operated by Snowgum Digital Pty Ltd (“we”, “us”, “our”). Salience is an AI-powered email classification platform that helps professionals sort, categorise, and act on their email automatically.
This policy explains what information we collect, how we use it, and your rights regarding your data. It applies to all users of the Salience platform at salience.so.
2. Information We Collect
Account information: When you create an account, we collect your name, email address, and timezone. If you sign in via Google or Microsoft OAuth, we receive your name and email from the provider.
Email data: When you connect a Gmail or Outlook account, Salience accesses your email via OAuth to classify incoming messages. We process email content (sender, subject, body, attachments) for classification. We do not store the full content of your emails. We store classification results, category assignments, and extracted metadata from attachments.
Payment information: Payments are processed by Stripe. We do not store your credit card details. Stripe provides us with a customer ID and subscription status.
Usage data: We collect information about how you use Salience, including workflow configurations, classification feedback, and feature usage, to improve the service.
2.5. Where your data goes
Salience runs entirely on local hardware that we operate. Email classification, OCR, speech-to-text, text-to-speech, and embedding generation all happen on a single self-hosted server at a fixed physical location. The list below is exhaustive: every external service we contact, what we send, why, and how long we hold it.
| Service | Data sent | Purpose | Retention |
|---|---|---|---|
| XeroAccountingOptional | Refresh token; contact lookups; bill/invoice drafts you create | xero_expense action plus 23 Xero AI tools (see the Xero card in Settings, Integrations for the full scope list) | Tokens stored until you disconnect; revoked at Xero on disconnect |
| QuickBooks OnlineAccountingOptional | Refresh token; contact lookups; expense bill drafts | quickbooks_expense action plus QBO AI tools | Tokens stored until you disconnect |
| Gmail (Google)Email (one of) | OAuth token; one-way pull of message metadata plus body | Read inbox messages for classification plus send draft replies via your own account | Tokens stored until you disconnect |
| Outlook (Microsoft Graph)Email (one of) | OAuth token; one-way pull of message metadata plus body | Read inbox messages for classification plus send draft replies via your own account | Tokens stored until you disconnect |
| SlackOutput channelOptional | Bot token; message text plus classification snippets you route there | The slack action type | Until you disconnect |
| Microsoft TeamsOutput channelOptional | Bot token; message text plus classification snippets you route there | The microsoft_teams action type | Until you disconnect |
| Google Calendar / Microsoft CalendarCalendarOptional | OAuth token; event titles plus descriptions you create | The calendar_event action and Smart Schedule | Until you disconnect |
| JiraIssue trackerOptional | OAuth token; issue titles plus descriptions you create | Jira AI tools and jira_create_issue action | Until you disconnect |
| StripeBilling | Customer email; subscription metadata; tax jurisdiction | Process subscription payments | Per Stripe's data policy |
| AWS SES (ap-southeast-2)Transactional email | Outbound: digests, billing, support replies. Inbound: support emails sent to support@help.salience.so | Email round-trip for support tickets and notifications | Inbound emails stored in S3 for thread reconstruction; auto-purged per support retention policy |
| CloudflareEdge / DDoS | Standard CDN headers (CF-IPCountry for currency detection) | Currency localisation; edge protection | Not stored by Salience |
What never leaves Salience infrastructure: every prompt sent to the language model, every page of OCR, every word of speech transcription, every TTS audio generation, every embedding vector. All AI processing happens on a single self-hosted server at a fixed physical location. There is no cloud LLM fallback, no anonymous telemetry, no analytics third party watching your data.
What runs locally
- Language model: Qwen 35B (Email classification, AI Module, summaries, draft replies)
- OCR: docTR (CPU) (Extract text from scanned PDF attachments)
- Speech-to-text: Moonshine v2 streaming + Whisper fallback (Ask Salience voice mode transcription)
- Text-to-speech: Kokoro (Ask Salience voice replies)
- Embeddings: all-MiniLM-L6-v2 (Semantic context retrieval for the AI agent)
3. How We Use Your Information
- To classify your incoming email into your configured workflow categories
- To execute automated actions (labels, notifications, webhooks) based on classification results
- To extract structured data from email attachments (PDFs, images) for your workflows
- To process payments and manage your subscription
- To improve classification accuracy through your feedback
- To send you service-related communications (trial expiry, billing, security notices)
4. AI and Data Processing
Salience uses a local-first AI model for email classification. This means:
- Your email content is processed by an AI model running on our infrastructure
- Email content is never sent to external AI providers such as OpenAI, Google, or Anthropic
- Classification happens in-memory. Only the resulting category, confidence score, and extracted metadata are stored
- Your email content is not used to train AI models
Email Attachments
Attachments on classified emails (PDFs, images, Word documents, spreadsheets) are processed in memory for text extraction. The extracted text is classified by our AI. Original attachments are not stored on disk or in object storage. If a matched action requires the original file (such as attaching a receipt to a Xero expense), the file is held in memory for the duration of that synchronous operation and then discarded.
5. Third-Party Services
We use the following third-party services:
- Stripe for payment processing
- Google for OAuth authentication and Gmail API access
- Microsoft for OAuth authentication and Outlook/Graph API access
When you configure action connectors in your workflows, data is shared with those services as needed to execute the action. For example, if you set up a Slack notification action, the classification result and relevant email metadata are sent to Slack. You control which connectors are active. Supported connectors include Slack, Microsoft Teams, Google Sheets, Google Calendar, Microsoft Calendar, Xero, QuickBooks, Jira, Zapier, and webhooks. No data is shared with these services unless you explicitly configure an action.
6. Data Retention and Deletion
Active accounts: Your data is retained while your account is active. Classification history and workflow configurations are stored to provide the service and improve accuracy.
Account deletion: When you delete your account, all personal data is permanently removed. This includes your name, email address, classification history, workflow configurations, and connected account credentials.
Tombstone records: After account deletion, we retain a non-identifiable hashed record (a SHA-256 hash of your email address combined with a server-side salt). This record cannot be reversed to identify you. It exists solely to prevent trial abuse. It contains no personal information.
7. Your Rights
Under the Australian Privacy Act 1988 and the EU General Data Protection Regulation (GDPR), you have the right to:
- Access the personal data we hold about you
- Correct inaccurate personal data
- Delete your personal data (right to erasure)
- Export your data in a portable format (data portability)
- Withdraw consent for third-party connector integrations at any time
- Lodge a complaint with a supervisory authority (the Office of the Australian Information Commissioner, or your local EU data protection authority)
To exercise any of these rights, contact us at privacy@salience.so.
8. Data Security
We protect your data with:
- Encryption in transit (TLS) for all connections
- Encrypted database storage for credentials and sensitive data
- Local AI processing that keeps email content off third-party servers
- OAuth-based email access (we never ask for or store your email password)
9. International Transfers
Salience is operated from Australia. If you are accessing the service from outside Australia, your data may be transferred to and processed in Australia. By using Salience, you consent to this transfer. We ensure that any international data transfers comply with applicable data protection laws.
10. Changes to This Policy
We may update this policy from time to time. If we make significant changes, we will notify you via email or through the Salience dashboard. Continued use of the service after changes constitutes acceptance of the updated policy.
11. Contact
For privacy-related enquiries, contact us at privacy@salience.so.
Snowgum Digital Pty Ltd
Australia