Drag is super-secure

We do not store your data. Here’s why it’s super-safe.

We sit on top of Gmail

Emails are sent via Gmail’s API, we sit on top as a visual layer and do not store your data

Email permissions

Though our browser extension requires certain permissions to open tabs, run scripts and may request access to other websites, we do not monitor your web browsing activities. Our extension does not access or modify your data on any other websites, beyond those needed by to make Drag work. 

SSL encryption

We use the same encryption as Gmail to ensure data is transmitted securely. 

Incident response

We monitor our systems 24/7/365 with a variety of performance measurement and error-checking tools. When problems are detected, our ops team is notified immediately, and the issues are investigated.

We use Google OAuth

We use OAuth so we don’t have access to your password. You can revoke access at any time. 

Data we collect

We do not store any copies of the bodies of your email messages. To enable Drag, we collect and store information about the inbound and outbound activity of our users. We store a permanent copy of metadata (including header information and subject line) in to re-order and change subject lines. 

Hosted on AWS

We host our systems with industry leading cloud IaaS provider, Amazon Web Services. 

Our promise

We promise to uphold the highest possible standards to ensure you not only experience the best product from Drag, but the most secure service also. 

More questions?

We’re here on Live Chat, email or get answers on our Public Roadmap 👇