Legal

Privacy & Data Policy

Last updated: June 11, 2026 · Applies to www.chimelab.co and the Mailbox Ring App Store application

1. Purposes for Which Customer Data Is Processed

Mailbox processes data for the following purposes only:

Mail delivery detection — Ring vehicle motion events trigger on-server analysis of camera frames to detect when a vehicle stops at your Mailbox Zone.
Delivery history dashboard — confirmed deliveries are stored as records with timestamps, confidence scores, and up to nine snapshot thumbnails for your personal history.
Ring account linking — your masked email address and Ring account ID are used to connect your Ring devices to your Mailbox account.
Service operation — account IDs, device IDs, and per-device settings (timezone, sensitivity, cooldown) route events to the correct user and tune detection.
Security and fraud prevention — webhook signatures are verified to ensure motion events originate from Ring.

We do not process data for advertising, profiling, or any purpose not listed above. Mailbox does not send SMS, push, or email delivery alerts — delivery history is available in your dashboard only.

2. Use of Customer Data for AI Model Training

Mailbox does not use customer data to train, fine-tune, or improve any AI model.

Vehicle detection is performed by a local on-server model (YOLO11n ONNX) plus color heuristics. Camera frames are processed on our servers for inference only and are never sent to a third-party AI API.

The detection model weights are downloaded at application build time from a public open-source release — not from user data.

No snapshot images, video clips, or personally identifiable information are used as training data by Mailbox or any sub-processor.

3. Data Retention Periods

Data Type	Retention Period
Delivery snapshot images (object storage)	Up to 9 most recent deliveries keep JPEG snapshots; older delivery rows (10–100) retain metadata only with snapshots automatically deleted
Delivery metadata (timestamps, confidence, detection stats)	Maximum 100 records per user; oldest records deleted on overflow
Recent motion debug records	Maximum 20 rows per user; older rows deleted automatically
Calibration preview image	Single image overwritten on each processing run (used for Mailbox Zone setup in Settings)
Ring OAuth tokens	Deleted immediately upon Ring account disconnect or user account deletion; encrypted at rest while active
Webhook deduplication cache	In-memory only, 24-hour rolling window (not durably stored)
Auth session cookie	30 days maximum
User account data	Deleted immediately upon verified in-app account deletion (Settings → Delete Account)
Structured application logs	Written to hosting provider logs; app does not intentionally log PII, magic links, or OAuth tokens

4. Data Sharing with Third Parties & Sub-Processors

We share data only with the sub-processors required to operate the service:

Sub-Processor	Purpose	Data Shared
Ring / Amazon	OAuth, device list, media download, motion webhooks	Outbound: OAuth tokens, device IDs, timestamps, masked email + nonce for account link. Inbound: motion event JSON from Ring to Mailbox
Resend	Magic-link sign-in email	Recipient email address and one-time sign-in URL
Render Postgres	Primary database	All structured application data (US)
S3-compatible storage (AWS S3, Cloudflare R2, or GCS)	Delivery snapshot images	JPEG blobs keyed per user and delivery
Hosting provider (e.g. Render, GCP Cloud Run)	Application runtime	Processes all of the above; infrastructure may log IP addresses and request metadata

We do not sell, rent, or share customer data with advertisers, data brokers, or any other third party. We do not use analytics trackers, SMS providers, or third-party AI inference APIs.

5. How to Exercise Your Privacy Rights (DSAR / Deletion)

You have the right to access, correct, export, or delete your personal data at any time. To submit a request:

In-app deletion — go to Settings → Delete Account. Your account, Ring connection, delivery history, device settings, and stored snapshots are deleted immediately.
Data export (DSAR) — email contactchimelab@gmail.com with the subject line “Data Access Request” from the email address on your account. We will respond within 30 days with a machine-readable export of all data associated with your account.
Correction — update your timezone, Mailbox Zone, and detection sensitivity directly in Settings. For other corrections, email the address above.

We do not charge a fee for privacy requests. We will verify your identity before fulfilling any request.

6. Available Opt-Out Mechanisms

Disconnect Ring — uninstall or disconnect Mailbox from the Ring App Store. This immediately revokes Mailbox's access to your Ring account and stops all motion event processing. Existing delivery records are retained until you delete your account.
Disable a device — turn off detection for a specific camera in Settings without disconnecting your full Ring account.
Delivery watch hours — motion outside 6 AM–8 PM in your configured timezone is not processed for delivery detection.
Delete account — permanently removes all data as described in Section 5.
AI processing opt-out — because automated vehicle detection is the core function of the service, it cannot be disabled independently. Disconnecting your Ring account or disabling the device stops all frame processing.
Ring privacy zones — you may configure privacy zones in the Ring app to mask areas of your camera view. Mailbox does not yet apply privacy-zone masks before inference; support is planned.

7. How Opting Out of Data Usage for Training Affects Your Service

Mailbox does not use customer data for AI training (see Section 2). There is therefore no opt-out required for training, and no service impact from such an opt-out.

The detection model is a general-purpose open-source object detector. Its accuracy is not affected by any individual user's data.

8. Instances Where Humans May View Customer Data

Human access to customer data is strictly limited:

Support requests — if you contact support, a Mailbox operator may view your delivery records (timestamps, confidence scores, detection metadata) to diagnose issues. Raw snapshot images are not viewed unless you explicitly share them or request help that requires it.
Security incidents — in the event of a suspected security breach, authorized personnel may review structured logs to assess scope and remediate.
Legal obligations — we may disclose data to law enforcement if required by a valid legal order.
Calibration preview — the most recent motion frame used for Mailbox Zone setup is viewable by you in Settings; it is not routinely reviewed by operators.

No Mailbox operator routinely views customer snapshot images or camera footage.

9. How Users Can Control and Review Their Data

Delivery history — view logged deliveries, including snapshot thumbnails (up to nine most recent), timestamps, and confidence scores on the Dashboard.
Device settings — configure Mailbox Zone, detection sensitivity, and timezone in Settings.
Ring disconnect — immediately stops all future data collection from your Ring account.
Account deletion — permanently deletes all stored data immediately (see Section 5).
Data export — request a full machine-readable export of your data at any time via email (see Section 5).

10. How We Inform Customers About Changes in AI Capabilities

We communicate detection capability changes through the following channels:

This privacy page — the “Last updated” date at the top of this page is updated whenever AI processing practices change. Users are encouraged to review this page periodically.
Email — for significant changes affecting data processing, we will send an email to the address on file at least 14 days before the change takes effect.
Ring App Store listing — the app description and version release notes on the Ring App Store are updated to reflect new detection features.