Does Ellie read my emails?

Yes — that's how she drafts replies. With your permission, Ellie reads the threads in your connected Gmail or Outlook so she can categorise them and write replies in your voice. Drafts sit in your Drafts folder, and nothing sends until you say so. Ellie does not store your email content on our servers, share it with anyone, or use it to train AI models. Each thread is read at draft time and discarded once the draft is written. You can disconnect your account at any time from your Ellie dashboard.

What browsers are supported?

Ellie is available as a Chrome, Firefox or Edge Extension. Visit the downloads page for more information.

What email clients are supported?

Ellie fully supports Gmail and Outlook. Drafts appear natively inside your existing inbox — no new app, no new workflow.

Why is there a limit on the number of replies?

Training AI and generating content costs a fair amount of money. We're a small team without external funding so we have to charge for our work! You can sign up for one of our paid plans to get more replies.

Why did you make this?

Email is one of the most useful inventions ever, but the deal is rigged: anyone can put anything in front of you, and the only person who pays for that is you, in time. We built Ellie to flip that — by drafting your replies in the background, in your voice, so the inbox stops being the first hour of your day. You wake up to drafts; you skim, tweak, and send. Some people use Ellie to overcome reply anxiety, or as a tool to help with dyslexia, or just because writing in English (or any other language) doesn't come easily to them.

How does teaching Ellie new information work?

Three ways. Documents and websites: point Ellie at a file (PDF, DOCX, TXT, etc.) or a URL and she'll read or crawl it, summarise the policies and product details, and use that information when a reply needs it. Re-indexing happens automatically. Structured data uploads: upload a CSV, spreadsheet, or export from your CRM, helpdesk, or order system. Ellie keeps the per-record structure, so when a draft needs a specific fact (renewal date, plan tier, ticket status, order number) she can look it up cleanly rather than guessing. API integrations (coming soon): connect your CRM, helpdesk, billing, or e-commerce tools directly so Ellie pulls the live record at draft time. On top of all of that, Roles let teams who wear different hats give Ellie a different knowledge base and tone per role. Ellie won't make up facts that aren't in her source material — if she doesn't know, the draft says so.

I don't want you to read my private emails!

Your email content is never used to train AI models — not ours, not OpenAI's, not anyone else's. It's only used to generate the draft you're asking for, and never leaves our secure backend. We don't store your email content on our servers, and we promise never to share, sell, or do anything shady with your data. We're independent developers with no investors and no incentive to do otherwise — see our security page (/security) for the technical detail.

Privacy Policy

Your privacy is important to us. It is our policy to respect your privacy regarding any information we may collect from you across our website, tryellie.com, and any other sites we own and operate.

Cookies and similar technologies

We use cookies and similar tracking technologies to make Ellie work, understand how you use it, and — with your consent — measure the effectiveness of our marketing. You can manage your preferences at any time via the Manage cookie preferences link in the footer of any page.

We group cookies into three categories:

Necessary

These cookies are required for Ellie to function and cannot be turned off. They handle authentication, security, and remembering settings you've chosen.

Analytics

We use PostHog for analytics, hosted in the EU. We have configured PostHog in cookieless mode — it does not store any cookies or local browser data. Instead, PostHog generates an anonymous, daily-rotating server-side hash from your IP address and browser string; this hash cannot be reversed to identify you and is deleted after processing. Because no cookies are set, no consent is required for this analytics. PostHog's privacy policy is at posthog.com/privacy.

Marketing

We measure the effectiveness of our advertising on LinkedIn, Facebook, and Instagram, and we work with affiliate partners who get credited if you sign up via their referral. With your consent, we set cookies from:

Service	What it does	Cookie names	Privacy policy
LinkedIn Insight Tag	Measures conversions from LinkedIn ads and lets us show ads to people similar to existing Ellie users.	`bcookie`, `bscookie`, `lidc`, `li_fat_id`	LinkedIn
Meta Pixel (Facebook + Instagram)	Measures conversions from Facebook and Instagram ads and lets us show ads to similar people.	`_fbp`, `_fbc`	Meta
Tolt	If you arrived via an Ellie affiliate referral link, we record this so the affiliate gets credit if you sign up.	`tolt_*`	Tolt

You can opt out at any time via the cookie preferences link, and we'll stop setting these cookies and stop sharing data with these services going forward.

Server-side conversion measurement

Independently of the browser cookies above, we share a limited set of personal data with LinkedIn and Meta server-to-server when you complete certain actions on Ellie — specifically when you sign up for a free trial or upgrade to a paid plan. This is so we can measure the effectiveness of our ads.

We share only:

A SHA256 hash of your email address (irreversibly hashed before transmission)
A SHA256 hash of your first and last names (irreversibly hashed)
The country code we determined from your IP address
A click identifier from the ad you arrived on (fbclid from Meta or li_fat_id from LinkedIn), if applicable
The action you took ("signup" or "purchase") and the time it occurred

We do not share your raw email address, your message content, your contacts, or any other personal data with these services.

The lawful basis for this processing is legitimate interest under UK GDPR Art. 6(1)(f) — measuring the effectiveness of our paid acquisition is a necessary part of running a sustainable business. We have weighed this against your privacy interests and concluded that hashed identifier sharing for measurement is proportionate. You can object at any time by emailing hi@tryellie.com.

We have entered into Joint Controller agreements with both LinkedIn and Meta covering this data exchange. The relationship is governed by:

LinkedIn: Customer Insights Service Terms
Meta: Business Tools Terms

1. Personal information

We only ask for personal information when we truly need it to provide the service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we're collecting it and how it will be used.

We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we protect within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.

You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some or all of our service.

2. GDPR

i. Your data

You have the option to provide Ellie with various data to help to "train" the AI to write like you. Some of this data is stored on our systems, such as the information that you explicitly provide us from the "Knowledge Base" feature. This data is used to compliment future email replies.

When you ask Ellie to write an email on your behalf, this training data is sent alongside a section of the most recent email replies in the thread to OpenAI, who provide the machine learning models that make Ellie possible. The data is only ever shared with OpenAI for this purpose.

No other data is harvested from your email client.

The result of the reply generation is returned directly to you, and we do not store or share it.

We have requested that OpenAI do not use any data we send them to train future models, so there should be no concern about your information being regurgitated by the AI in future.

We are dedicated to upholding the privacy of your information and agree to never do anything with any data we create from any of your information, except provide you an excellent service.

For financial administration purposes, if you subscribe to a plan then we process your name, email and credit card details. We are not able to process your payment without this information. We will delete this information as soon as you delete your account. If desired, we can send you an invoice. We will then process your company name, address and VAT ID. According to a legal obligation of the Estonian Tax and Customs Administration, we are required to store invoice data for 7 years. After this period we will anonymize this data.

In the unlikely event that you have a complaint about our services, we will process your name, email and the content of and communication regarding this complaint in order to find the best possible solution for you.

We have a commercial interest in using some of your personal data for marketing purposes. We process your email for direct marketing. We process your email when you ask us a question in the chat box or when you indicate that you want to be kept informed about our latest blog articles. We will delete this information as soon as you unsubscribe or indicate that you no longer wish to be contacted by us.

ii. How do we obtain this information?

We have obtained the above information from you as a user of the Ellie extension, because you have provided us with this information. Furthermore, we can obtain your address, as known by the government, through our payment provider Stripe when we validate your VAT number.

iii. What rights do you have with regard to this data?

If you are an EU resident then you have the right at any time to request all the personal information we have for you as dictated by the General Data Protection Regulation (GDPR). Under the same regulation, we will also delete any or all of this information at your request.

In short, these are your full GDPR rights:

Access - You can request to view your data at any time.
Correct - If you want to have your data adjusted, corrected, supplemented, protected or erased, you can submit a request and we will be happy to make those changes for you.
Object - You can object to the processing of your data.
Data transfer - If you want to transfer your data to another provider, we will provide your data in a structured and commonly used form that can be accessed by common digital systems.
Automated processing - You may always inform us of your view on an automated decision and have this decision reconsidered by a third person.
Withdrawal - When we process data based on your explicit consent, you have the right to withdraw your consent. This may have consequences for the services we are able to provide to you.

If you are not an EU resident then we will still afford you these rights if you ask for it, because we believe you should possess them regardless of where in the world you live.

Deleting your data

If you delete your Ellie account (Settings → Account → Delete account, or by emailing hi@tryellie.com), we will:

Permanently delete your account, drafts, training data, and personal information from Ellie's systems within 30 days.
Delete your analytics data from PostHog within 30 days.
Send a deletion signal to LinkedIn and Meta via their Conversions APIs to remove your hashed identifier from their conversion records, where their APIs support this.
Provide written confirmation of deletion within 30 days of your request.

Note that LinkedIn and Meta may retain conversion records for their own retention periods (typically 90–180 days) before our deletion request fully propagates. We have no control over their internal retention; you can also exercise your rights with them directly via their privacy contact pages linked in the table above.

iv. Who receives your data?

We will not provide your data to third parties, unless this is necessary for business operations or is required by law. We try to use as few external services as possible. Your data can be passed on to processors and parties involved in the execution of the agreement. We conclude processing agreements with these third parties to optimally protect your privacy.

Your data will always remain yours. We will never sell your data to third parties.

These are our data-providers and how they use your data;

AI Modeling and generating email replies ( OpenAI and Microsoft Azure )
Page view analytics ( PostHog )

We use PostHog in cookieless mode (no browser cookies or local storage). PostHog uses EU-based hosting and generates a daily-rotating anonymous hash for counting page views; your analytics data is not transferred outside the EEA.
Payment processing ( Stripe )
AI Monitoring & Analysis ( Helicone )
Knowledge Base data retrieval ( Pinecone )
Advertising measurement & conversion tracking ( LinkedIn, Meta / Facebook & Instagram ) — with your consent for front-end pixels; server-side hashed data sharing under legitimate interest (see above).
Affiliate referral tracking ( Tolt ) — with your consent.

Children's Privacy

Ellie is not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us and we will take steps to delete such information.

International Data Transfers

We use EU-based hosting for our analytics (Posthog) and payment processing (Stripe). As a result, your data is not transferred outside the European Economic Area (EEA).

3. External sources

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

It's also possible for Ellie to generate URLs that link to external websites. The same applies to these.

4. Transfers of ownership

In the event that we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will ensure that any new entity to which we transfer your data will continue to honor the terms of this Privacy Policy, or will provide notice and obtain your consent if required by applicable laws.

5. Security

We take the security of your personal information seriously and implement a variety of measures to safeguard it, including:

Data Encryption: We use industry-standard encryption protocols to protect data during transmission and storage.
Access Controls: Access to personal information is restricted to authorized personnel only, based on the principle of least privilege.
Regular Audits: We conduct regular internal security audits and assessments to identify and mitigate potential vulnerabilities.
Secure Storage: Personal information is stored on secure servers with robust access controls and monitoring.
User Authentication: We employ multi-factor authentication (MFA) to secure our own user accounts and access to our services.
Third-Party Security: We ensure that any third-party service providers we use also adhere to stringent security standards and practices.

We are committed to protecting your information and will continue to improve our security practices to keep your data safe.

6. Final provisions

We believe that by following these rules we can keep your data as safe as possible, but if you have any suggestions on how we can improve then let us know!

Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information. If you have any questions about how we handle any of our data, feel free to contact us.

This policy was last updated on the 7th May 2026.

Changelog

2026-05-07 — Added LinkedIn Insight Tag, Meta Pixel, and Tolt to the cookies and tracking section. Added a Conversions API server-side data sharing section. Added a "Deleting your data" subsection. Added LinkedIn and Meta to the third-party services list. Reflects the launch of paid advertising on LinkedIn, Meta, and Google.
2024-11-09 — (previous update)
2024-09-11 — View archived version
2022-12-15 — View archived version