How Tosite processes your emails

This page explains exactly what happens when you connect a mailbox to Tosite and what we do — and don't do — with the messages we read.

What Tosite reads

When you connect a mailbox via Microsoft OAuth, Tosite reads the subject, sender, body and attachments of messages that look like receipts or invoices. We use a large language model to extract structured data (vendor, amount, date, VAT) — no per-vendor templates, no regular expressions to maintain.

What Tosite doesn't do

Credentials and tokens

Tosite never sees your mailbox password. The OAuth flow returns a refresh token, which we store encrypted at rest with AES-GCM (per-instance key). Disconnecting a mailbox clears the token; we keep the row only as a foreign-key target so historical receipts and audit entries continue to resolve.
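
An added illustration of the storage scheme described above, not Tosite's own code: a refresh token sealed with AES-GCM under a per-instance key, then cleared on disconnect while the row is kept. The 256-bit key size, the row fields, every function name and the use of the mailbox id as associated data are assumptions of this example.

```javascript
// Added illustration; not Tosite's code. All names here are hypothetical.
const crypto = require("node:crypto");

// Assumption: a 256-bit per-instance key. Generated here so the example runs
// offline; in practice it would be loaded from a secret store.
const INSTANCE_KEY = crypto.randomBytes(32);

// Seal a refresh token. The mailbox id is bound as associated data (an
// assumption of this example) so a ciphertext copied onto another mailbox's
// row fails authentication instead of decrypting.
function sealToken(key, mailboxId, refreshToken) {
  const nonce = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv("aes-256-gcm", key, nonce);
  cipher.setAAD(Buffer.from(mailboxId, "utf8"));
  const ct = Buffer.concat([cipher.update(refreshToken, "utf8"), cipher.final()]);
  // Stored layout: nonce (12 bytes) | auth tag (16 bytes) | ciphertext
  return Buffer.concat([nonce, cipher.getAuthTag(), ct]).toString("base64");
}

// Open a sealed token; throws if the key, mailbox id or stored bytes are wrong.
function openToken(key, mailboxId, sealed) {
  const raw = Buffer.from(sealed, "base64");
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(mailboxId, "utf8"));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
}

// True if the sealed value authenticates and decrypts, false otherwise.
function canOpen(key, mailboxId, sealed) {
  try { openToken(key, mailboxId, sealed); return true; } catch { return false; }
}

// Disconnect: drop the ciphertext but keep the row, so receipts and audit
// entries that reference the mailbox id still resolve.
function disconnect(mailbox) {
  return { ...mailbox, sealedToken: null, disconnectedAt: new Date().toISOString() };
}

// Constructed sample row (the token value is a placeholder, not a real token).
const row = { id: "mbx-1", sealedToken: sealToken(INSTANCE_KEY, "mbx-1", "constructed-refresh-token") };
console.log("round trip:", openToken(INSTANCE_KEY, row.id, row.sealedToken));
console.log("opens under another mailbox id:", canOpen(INSTANCE_KEY, "mbx-2", row.sealedToken));
console.log("token after disconnect:", disconnect(row).sealedToken);
```
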

Retention

Receipt rows, attachments, and audit events live for as long as your account does. Deleting your account from the danger-zone on the account page wipes every connected mailbox, every ingested receipt, every audit entry, and every export job. Email message bodies are stored alongside the receipt for re-extraction if a model upgrade lands later.

Your controls

This page is informational and not the formal privacy policy. Tosite is currently a development tool; the legal-grade version will replace this once the product launches publicly.