Security & Trust
Last Updated: December 30, 2025
Protecting your data — and your clients' privacy — is the foundation of our platform.
This page explains, clearly and transparently, what we access, what we never access, how we secure it, and what protections exist even in a worst-case scenario.
We operate two services:
- Found Opportunity ("FO"): scans your spam/junk folder to surface misfiled business opportunities.
- OWL ("On-call Watch List"): checks newly received Inbox messages against your VIP rules and can send alerts when a message matches.
FO and OWL are referred to collectively as the "Services." Where a term applies to only one Service, we label it FO only or OWL only.
For IT & Security Teams
Security questionnaire PDFs:
- Found Opportunity (FO) Security Questionnaire (PDF) — spam/junk-only
- OWL Security Questionnaire (PDF) — Inbox-only (newly received only)
Need a completed vendor form, DPA, or additional documentation? Email support@foundopportunity.com.
1. What We Access (and Why)
Both Services use OAuth to connect to Gmail or Outlook/Microsoft 365. We use read-only permissions and do not store your email password.
FO only Found Opportunity — spam/junk opportunity detection
FO accesses spam/junk folders only so it can detect misfiled business opportunities.
We access:
- Emails in spam/junk folders only:
- Gmail: messages labeled
SPAM - Outlook/Microsoft 365: folders named "Junk Email" or "Junk"
- Gmail: messages labeled
- Sender name and email address
- Subject line
- A short body preview (approximately 300 characters) for opportunity detection
- Date/time received
- Technical identifiers (e.g., message ID) used for reliability, deduplication, and security
We do NOT access:
- Inbox
- Sent mail
- Drafts
- Trash/Deleted Items
- Contacts
- Calendar
- Attachments
- Your email password
OWL only OWL — VIP rules and alerts (Inbox-only, newly received only)
OWL checks newly received Inbox messages against the VIP rules you configure (e.g., sender, domain, keywords, threads) and generates alerts for matches.
We access:
- Inbox only:
- Gmail: messages labeled
INBOX - Outlook/Microsoft 365: messages in the "Inbox" folder
- Gmail: messages labeled
- Newly received messages only (no historical Inbox scanning)
- Sender name/email, recipients (To/Cc as needed for matching), subject line
- Date/time received
- Thread/conversation identifiers (for thread-based rules and deduplication)
- The portion of the message body needed to evaluate your rules and provide Alert Details for matching messages (up to 10,000 characters)
- Technical identifiers (e.g., message ID) used for reliability, deduplication, and security
- Device push tokens (to deliver alerts to your phone)
We do NOT access:
- Spam/Junk folders
- Sent mail
- Drafts
- Trash/Deleted Items
- Contacts
- Calendar
- Attachments
- Your email password
2. Why You Can Trust Folder Scope Is Enforced
Email providers do not offer a "spam-only" or "inbox-only" permission scope. OAuth read-only scopes can technically allow reading mail. So we enforce folder scope by design and controls:
FO only Spam/Junk-only enforcement
- FO is designed to query only spam/junk sources (Gmail
SPAM; Microsoft "Junk Email"/"Junk"). - FO includes safeguards intended to detect and halt anomalous mailbox access.
OWL only Inbox-only + newly received-only enforcement
- OWL is designed to query only Inbox sources (Gmail
INBOX; Microsoft "Inbox"). - OWL is designed to process newly received messages as they arrive and does not scan historical Inbox to generate alerts.
- OWL includes safeguards intended to detect and halt anomalous mailbox access.
External accountability
Our OAuth integration is subject to provider verification and ongoing compliance requirements. Deviations from declared behavior can risk OAuth access revocation.
3. Read-Only Permissions = We Cannot Send or Modify Email
We request read-only OAuth scopes (e.g., gmail.readonly / Mail.Read). This means we cannot:
- send email
- delete email
- move email
- modify labels/folders
- mark messages read/unread
- access drafts with write actions
4. What Happens If You Disconnect
You can disconnect anytime:
- From your dashboard, or
- From Google/Microsoft security settings
Once disconnected:
- Our stored OAuth tokens are deleted/invalidated without undue delay
- All scanning stops immediately; we can no longer access your email
- Records already created follow the retention rules below unless you delete your account (which deletes active records without undue delay)
5. Data Handling & Auto-Deletion
FO only FO retention (7 days)
FO stores opportunity records for up to 7 days, then automatically deletes them. FO also stores limited technical identifiers (e.g., hashed message IDs) while your account is active to prevent duplicates and support security; these are deleted when you delete your account.
OWL only OWL retention (7 days)
OWL stores alert records (and Alert Details content for matching messages, up to 10,000 characters) for up to 7 days, then automatically deletes them. OWL also stores limited technical identifiers (e.g., hashed message IDs) while your account is active to prevent duplicates and support security; these are deleted when you delete your account.
Both What we never store
- Email attachments
- Full mailbox history exports
- Your email password
6. Encryption & Infrastructure
Both We maintain safeguards designed to protect data, including:
- Encryption in transit (TLS)
- Encryption at rest for stored records
- Secure OAuth token handling (no password storage via OAuth)
- Access controls and least-privilege practices
- Encrypted backups that rotate in the ordinary course
7. Security Monitoring & Controls
Both We use operational controls to protect the Services, such as:
- Monitoring and alerting for service reliability and anomalies
- Vulnerability scanning and security assessments
- Secure administrative access controls
8. Worst-Case Scenario: What If We Were Hacked?
Even in the unlikely event of a server breach:
Both What an attacker still could NOT do
- Send emails
- Delete emails
- Move emails
- Modify your mailbox
What they could potentially access
- Limited Service records stored within the retention window (FO opportunities; OWL alerts), plus related technical identifiers.
- They would not gain your email password (we do not store it via OAuth).
9. Third-Party Providers
We only share data with vendors essential to providing the Services. Service usage is labeled below.
- Google Both: OAuth, Gmail API access, Play Store distribution, Firebase Cloud Messaging
- Microsoft Both: OAuth and Outlook/Microsoft 365 API access
- Apple Both: App Store distribution and Apple Push Notification Service (APNs)
- DigitalOcean Both: hosting, managed database, encrypted backups
- SendGrid Both: transactional emails (magic links, service notices)
- Stripe Both: billing (we do not store full card numbers)
- Anthropic (Claude AI) FO only: email content analysis for opportunity detection
- UptimeRobot Both: uptime monitoring
- Intruder.io Both: vulnerability scanning
- Namecheap Both: domain/DNS hosting (website/DNS logs such as IP addresses and user agents)
We do not sell user or email data.
10. You Stay in Control
Both
- Export your data anytime
- Disconnect anytime
- Delete your account anytime
Need to Talk Security?
We're always available to answer technical questions — including from IT teams, CTOs, and security officers.