Trust and operational safety

Draftline is designed around draft-only workflow, explicit privacy levels, and environment-gated email access.

Email access rules

• live Gmail drafting is disabled unless the environment explicitly enables it
• allowed Gmail user IDs can be restricted per environment
• the product writes drafts, not sends
• request-level observability is active for operator diagnostics

What still needs hardening

• formal auth on the operator app surface
• production-grade mailbox connection management
• full policy-backed deletion and retention UI

Questions: support@draftline.app