Trust & security

We handle your inbox. Here is exactly how.

Handing over your business inbox is a real decision, so we will not hide behind a badge wall. This page is the honest version: how we connect, what we can and cannot touch, where a human always steps in, and how you switch us off in seconds. No jargon, no fine print designed to be skimmed past.

01 · How we connect

An app password over IMAP and SMTP. Not OAuth.

We connect to your inbox the boring, well-understood way: a scoped app password you create inside your own email account, used over standard IMAP and SMTP. There is no Google OAuth grant, no sweeping permission screen, and no shared account password. It takes about ten minutes, and you can revoke it in seconds whenever you want.

  1. You create the app password yourself

    Inside your own email settings you generate an app-specific password and hand us that string. Your real account password is never shared, never seen, and never stored by us.

  2. We use it over IMAP and SMTP only

    That password lets us read and send email over the standard mail protocols, and nothing more. It is not a login to your Google or Microsoft account, so it cannot reach your files, contacts settings, or anything outside the mailbox.

  3. You can revoke it in seconds, anytime

    The app password appears as its own line in your account security settings. Delete that one line and our access ends immediately, without touching your password or the rest of your account.

What an app password is

A narrow key to the mailbox

It does one job: read and send email. It cannot browse your drive, change account settings, or act as you anywhere else. And you hold the switch to turn it off.

Why not OAuth

We skip the big permission screen

A full OAuth connection asks you to grant broad, account-level access through a re-consent flow. For simply running your inbox, that is more reach than the job needs, so we do not ask for it.

02 · How your account is kept

One client per setup. US-based.

Isolation

Single-client isolation

Your inbox, your rate sheet, your approved answers, and your records are handled as their own separate setup. Your data is never blended into a shared pool with other clients or used to run someone else's account.

Location

US-based, run by the founder

Agenvanta is US-based and run by its founder, Shivam Patel, who brings operational discipline from working in regulated industries. You are dealing with a named, accountable person, not an anonymous offshore queue.

Scope

Inbox and light tools only

We work inside your inbox and light tools like a shared tracker or calendar. We do not build custom software or plug into systems we have not been set up with, and we never reach for a login you did not give us.

Control

You stay in control

You set the guardrails, you approve what matters in week one, and you can pull any task back to manual or switch access off entirely at any moment. Nothing about this is a lock-in.

03 · The human-approval gate

Nothing sensitive goes out on its own.

Automation handles the quiet, repetitive follow-up. It never handles the moments where judgment matters. Anything sensitive is drafted and waits for your one-tap approval before it can be sent.

  • Quotes and price changes. Any number that reaches a client is drafted for you first, never sent unreviewed.
  • Refunds, late fees, and disputes. Anything about money owed or a disagreement over terms routes to a person.
  • Complaints and unhappy replies. If a thread turns into a problem, the cadence stops and it becomes yours.
  • Review replies and public-facing offers. Anything posted under your name is held for approval before it goes out.
  • First outbound to a new list. The first message to people we have not contacted before always waits for your go-ahead.
  • Anything over your dollar cap. You set a number. Above it, nothing is ever automated.

Week one, you approve every draft. You see each message, correct the tone, and teach the operator how you actually talk to your customers. Once the voice and judgment are right, the routine follow-up runs on its own inside the guardrails you set, while everything sensitive keeps routing to you.

The cap is yours to set and change whenever you want. Over it, or on anything sensitive, the work comes to you with the full context attached, so you can pick it up without digging through the thread. The point is simple: the operator should quietly clear your busywork and never put you in a spot you would not have chosen yourself.

04 · What we will not do

The hard lines that make handing this over safe.

A short, plain list of things Agenvanta will not do. They are the reason you can let this run in the background without worrying about what goes out under your name.

No licensed advice

No legal, medical, tax, or financial advice. We handle the follow-ups and admin around your work, never the licensed judgment inside it.

No sensitive health records

No handling of protected health information or other sensitive regulated records.

Nothing sensitive sends itself

Nothing sensitive goes out on its own. Quotes, price changes, refunds, late fees, review replies, offers, and any first outbound to a new list are drafted for your one-tap approval first.

Inbox and light tools only

We work inside your inbox and light tools like a shared tracker or calendar. We do not build custom software or plug into systems we have not been set up with.

No logins we were not given

We will not touch anything behind a login or integration you have not given us. If a task needs an account we do not have, we tell you instead of guessing.

We never invent facts

We never invent facts. Prices come from your rate sheet, answers come from your approved FAQ, and account details come from your records, nothing made up.

We honor every stop immediately

We honor every stop, unsubscribe, and not-interested reply immediately, so follow-up never turns into pestering.

The one-line version

If it is repetitive, lands in your inbox, and does not need a professional license or a login we do not have, we can probably run it, with anything sensitive drafted for your approval first.

05 · Leaving, and what we do not claim

Switch us off in seconds.

Deletion & offboarding

Revoke the password, and we are gone.

The moment you delete the app password in your account settings, our access to your inbox ends. There is no drawn-out cancellation and no hostage-taking of your data.

Ask us to offboard and we delete the working copies of your rate sheet, approved answers, and contact records that we held to run your account. It is month-to-month, cancel anytime, and your inbox stays entirely yours.

What we do not claim

No badges we have not earned.

Agenvanta is pre-launch. We are not going to display a SOC 2 seal, a HIPAA badge, or any certification we do not actually hold, because that would be the opposite of the honesty this page is about.

What we offer instead is plainly stated practice: a revocable app password, single-client isolation, a human on the line for anything sensitive, and a founder whose name is on all of it.

Book a call

Ask us anything
before you connect.

App password over IMAP & SMTP · Revoke anytime · A human on the line for anything sensitive