Kerna LogoKerna.io
🔒
SecurityFeb 5, 20265 min read

Zero Retention: How Kerna Processes Your Email Without Storing It

Your emails are processed in real-time and immediately discarded. No logs, no training data, no stored drafts. Here's how Kerna's privacy architecture actually works.

Every AI tool that touches your email has a trust problem. You are handing over your most sensitive business communication — contracts, negotiations, financial data, personnel issues — to a third-party system. The natural question is: what happens to that data after the AI processes it?

With most tools, the honest answer is complicated. Data may be logged for debugging. It may be stored for "product improvement." It may be used to train future models. Terms of service are deliberately vague.

Kerna takes a fundamentally different approach.

The Zero Retention Architecture

When you click Summarize, Reply, or Translate in Kerna, here is exactly what happens:

  1. 1Encryption — Your email content is encrypted and sent to the AI inference engine (OpenAI).
  2. 2Processing — The model generates the requested output (summary, reply, translation).
  3. 3Delivery — The result is returned to your Gmail sidebar.
  4. 4Deletion — The source email content is immediately purged. It is not logged, cached, or written to any persistent storage.

There is no step 5. We do not retain your data. Period.

What We Store (and What We Don't)

Kerna stores exactly three categories of data:

We store: Your email address, subscription plan, token usage count, and display preferences (language, tone). This is the minimum required to operate the service.

We do not store: Email content, email subjects, recipient addresses, attachment content, summaries generated, replies drafted, or any text processed by the AI.

We never: Train models on your data, share data with third parties, or allow any human at Kerna to access your email content.

Google Verified

Kerna is published through the Google Workspace Marketplace and passes Google's security review process. The add-on operates within Google's OAuth framework, requesting only the minimum permissions required: read the current email thread and compose in the current window.

GDPR & EU Compliance

As a European company headquartered in Poland, Kerna operates under EU data protection regulations by default. Your data is processed under strict GDPR guidelines. We do not transfer personal data outside the EEA for storage.

Why This Matters for Enterprise

For CISOs and IT directors, the "Shadow AI" problem — employees pasting sensitive data into unsanctioned AI tools — is a growing threat. Kerna provides the productivity benefits of AI while keeping sensitive data within a controlled, auditable pipeline.

Zero Retention is not a feature. It is the foundation of everything we build.

Back to all articlesTry Kerna Free
Zero Retention: How Kerna Processes Your Email Without Storing It — Kerna Blog | Kerna