Your emails stay yours.
A read receipt shouldn't mean handing over your inbox. MailViewed is built so that it physically can't read your mail — here's exactly how, in plain English.
The extension has no permission to read, search, or download your emails. It only adds an invisible pixel to messages you send and shows your read receipts. It does not use the Gmail API and literally cannot open your inbox.
When you send a tracked email, we receive only the subject line and the recipient's address — the minimum needed to show you which email was opened. The body is never sent to us and never stored. Ever.
Sign-in uses Google's official OAuth. We receive only your name and email address — never your Google password, and never access to your mailbox. You can revoke access from your Google account at any time.
Every connection to MailViewed runs over HTTPS/TLS. Data moving between your browser, the extension, and our servers is encrypted end to end of the wire.
Export everything you've tracked as JSON, or delete your account in one click — which permanently wipes your data within 7 days. No retention games.
Least-privilege permissions, per-account isolation, rate limiting, hardened HTTP security headers, parameterized database queries, and no secrets in any code that ships to your browser.
What MailViewed can — and can't — see
- The subject line of emails you choose to track
- The recipient's email address
- When a tracked email is opened (and a rough location/that it was a real human vs a scanner)
- The body or content of any email
- Anything in your inbox or other emails
- Your Google password or account credentials
- Emails you didn't choose to track
Still not sure? Revoke us in two clicks.
You stay in control. Remove MailViewed from your Google account at myaccount.google.com/permissions anytime, or uninstall the extension — and we keep nothing we shouldn't. For the legal details, see our Privacy Policy.