MailMerge Pro ("the Extension") is a Chrome browser extension that lets you send personalised bulk emails via your Gmail account using data from Google Sheets or CSV files. This policy explains what data is collected, how it is used, and your rights.
1. Data We Collect
The Extension collects the following data solely to provide its core functionality:
- Recipient data — email addresses and merge-tag fields (e.g. first name, company) that you provide via Google Sheets or CSV. This data is processed locally in your browser and is never stored on our servers.
- Email content — the subject and body of emails you compose. This data is processed locally and sent directly to Gmail via the Gmail API on your behalf. It is never stored by the Extension developer.
- Usage counters — a daily email send count stored locally in your browser (chrome.storage.local) to enforce the free-tier limit. This data never leaves your device.
- Anonymous usage data — anonymous events (such as "popup opened" or "send button clicked") are sent to a developer-owned analytics endpoint to help understand how the Extension is used. No personal data, email addresses, email content, or recipient information is included. Each event is linked only to a random session ID that is generated fresh every time the popup opens and is never stored on your device.
2. How We Use Your Data
- Recipient data and email content are used only to send the emails you request. They are processed in your browser and transmitted directly to Google's Gmail API. We never see or store this data.
- Usage counters are used to enforce the free-tier limit. They are stored locally and never transmitted.
- Anonymous usage data is used solely to understand which features are used and to improve the Extension. It contains no personal information and cannot be used to identify you.
3. Third-Party Services
The Extension integrates with the following Google services under your Google account credentials:
- Gmail API — to send emails and save drafts on your behalf.
- Google Sheets API — to read your recipient data from Google Sheets (read-only).
- Google OAuth 2.0 — to authenticate you and obtain the permissions above. No passwords are stored by the Extension.
- Google Apps Script — anonymous usage events are sent to a developer-owned Apps Script endpoint (not under your credentials). No personal data is transmitted. This endpoint writes only to the developer's private analytics sheet.
Use of these services is subject to Google's Privacy Policy.
4. Data Storage and Retention
- Registration information is retained in the developer's private Google Sheet until you request deletion.
- Local extension data (approval state, usage counters, scheduled job payloads, audit log) is stored in chrome.storage.local on your device and is deleted when you uninstall the Extension.
- No personal data is stored on external servers owned or operated by the developer beyond the registration Google Sheet.
5. Data Sharing
We do not sell, rent, or share your personal data with any third parties, advertisers, or analytics services. The only data transmitted off your device is:
- Your emails — sent to Gmail recipients via the Gmail API, exactly as you request.
- Anonymous usage events — sent to a developer-owned Google Apps Script endpoint. These events contain no personal data, no email addresses, no email content, and no recipient information. See §1 for the full list of fields.
6. Sender Responsibilities
Section added May 23, 2026 to comply with Google's Workspace API User Data and Developer Policy.
MailMerge Pro is designed exclusively for communicating with recipients who have explicitly consented to receive emails from you. By using the Extension you agree to the following:
- Consent required. You must only send emails to recipients who have explicitly opted in to receive commercial or marketing communications from you. Importing a list of contacts does not itself constitute consent.
- Prohibited uses. Using MailMerge Pro to send spam, cold outreach, or any unsolicited commercial email to contacts who have not opted in is strictly prohibited and constitutes a violation of these terms of use.
- Consequences of violations. Violations of this policy may result in removal of MailMerge Pro from the Chrome Web Store and revocation of its Google OAuth verification status. Google and other affected parties may also take independent action under their own policies.
The Extension enforces an in-product acknowledgment gate: before any send, draft-save, or schedule action can proceed, you must actively confirm that all recipients have opted in. This gate resets on every popup open and cannot be pre-confirmed on your behalf.
7. Permissions Used
- gmail.send / gmail.compose — to send emails and save drafts on your behalf.
- spreadsheets.readonly — to read your recipient data from Google Sheets (read-only; no data is written to your sheets).
- userinfo.email — to identify your Google account for authentication.
- identity — Chrome's built-in OAuth API, used to obtain the above tokens.
- storage — to save local state (usage counters, scheduled job payloads, audit log) on your device.
- alarms — to fire scheduled email sends at the time you specify.
- script.google.com — to send anonymous usage events to the developer's analytics endpoint (no OAuth; no user data transmitted).
8. Your Rights
Local extension data (usage counters, scheduled jobs, audit log) can be cleared at any time by uninstalling the Extension or by running chrome.storage.local.clear() in the Extension's DevTools console. For any other privacy-related questions, contact the developer at the address below.
9. Children's Privacy
The Extension is not directed at children under 13. We do not knowingly collect personal data from children.
10. Changes to This Policy
We may update this policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of the Extension after changes constitutes acceptance of the updated policy.
11. Contact
For privacy-related questions or data deletion requests, contact: