Guides
The Shortwave MethodCustomize your ShortwaveThe Shortwave AI AssistantCollaborate with your teamBillingSecurity & PrivacyMigrations
Migrating from GmailMigrating from SparkMigrating from SuperhumanReferences
SearchKeyboard shortcuts & commandsSupported browsersHow-tos
Use Outlook & other providersUnified inbox via Gmail settingsManage multiple accountsDownload Shortwave for desktopDefault email appEnable push notificationsTroubleshoot push notificationsManage auto-apply labelsIntegrate Shortwave with your CRMUsing MCP with ShortwaveTroubleshoot missing threadsDownload EML fileGoogle Advanced ProtectionImport full historyDowngrade accountDelete accountSecurity & Privacy
We take your data security extremely seriously. Shortwave is designed from the ground up to securely handle your most sensitive business data including important emails, attachments, and more.
Before Shortwave, our engineering team built high security, high reliability data systems at Google Cloud. We have a lot of experience building and operating cloud products that handle mission-critical data.
CASA Tier 2 compliance & annual audit
Shortwave has been reviewed by third-party security auditors to ensure it complies with strict security requirements. To maintain this verification, Shortwave undergoes an annual security audit. You can read more about CASA (Cloud Application Security Assessment) here.
Google verification
Shortwave has been approved by Google and is compliant with Google's API Services User Data Policy, including its guidelines for sensitive data and its Additional Requirements for Specific Scopes. Shortwave’s app is also approved for listing in the Google Workspace Marketplace.
Google Advanced Protection
Shortwave works with Google’s Advanced Protection program. You can authorize Shortwave for your organization by following the instructions here.
All data securely stored in Google Cloud
All Shortwave data is stored in Google Cloud’s highly secure & compliant data centers. Stored data is encrypted at rest using AES256 and encrypted in transit using TLS 1.2+. We employ a “defense in depth” philosophy where every system is protected by multiple layers of security, including at the network, service, and application levels.
Sub-processors
No customer data is ever shared with other parties except as necessary to provide our service, and we keep both the sub-processors we use and the data we send to them to an absolute minimum. Currently, besides Google Cloud, we only use OpenAI, Anthropic, and Pinecone.
The vast majority of our AI workloads use open source models that run on hardware we control.
No third-party LLM training
Your data will never be used to train third-party LLMs.
Audit logging
Access to customer data is very tightly controlled internally and all access is audit logged to ensure compliance. No customer data is ever accessed by an employee without explicit customer permission. All employee data access requires multi-factor authentication using hardware security keys.
SOC 2 Type II & GDPR compliance
If your organization requires SOC 2 Type II or GDPR compliance, please contact our sales team at sales@shortwave.com.
Deleting your account & data
If at any time you wish to delete your account and all associated data, you can do so by following the instructions here.
Privacy Policy & Terms of Service
For additional information about our privacy practices and terms of use read our Privacy Policy and Terms of Service.
Guides
The Shortwave Method
Customize your Shortwave
The Shortwave AI Assistant
Collaborate with your team
Billing
Security & Privacy
How-tos
Use Outlook & other providers
Unified inbox via Gmail settings
Manage multiple accounts
Download Shortwave for desktop
Default email app
Enable push notifications
Troubleshoot push notifications
Manage auto-apply labels
Integrate Shortwave with your CRM
Using MCP with Shortwave
Troubleshoot missing threads
Download EML file
Google Advanced Protection
Import full history
Downgrade account
Delete account