Privacy Policy

Introduction

Roodee AI Lab ("we", "us", "our") operates MailHelm, a desktop email management application. This Privacy Policy explains how we handle your information when you use our software and visit our website (mailhelm.app).

We are committed to protecting your privacy. MailHelm is designed as a privacy-first, local-only application. Your email data stays on your computer.

Data Storage — Local First

MailHelm is a desktop application. All of the following data is stored exclusively on your local computer:

• Email account credentials (encrypted with AES-256-GCM)
• Fetched email content and metadata
• Classification results and rules
• Application settings and preferences
• Notification configurations

We do not operate any cloud storage or synchronization service. We cannot access your email data.

Encryption

All sensitive data is encrypted at rest using:

• AES-256-GCM authenticated encryption
• PBKDF2 key derivation with 100,000 iterations
• Unique salt and IV per encryption operation

Your master password is never stored. If lost, encrypted data cannot be recovered.

Data We Collect

While the application itself is local-only, we do collect limited data for the following purposes:

License Validation

When you activate a Pro or Business license, the application communicates with our licensing provider (Lemonsqueezy) to validate your license key. This involves:

• License key
• Machine identifier (hardware hash, not personal info)
• Application version

Crash Reports (Optional)

If you opt in, anonymous crash reports may be sent to help us improve the application. These contain:

• Error stack traces (no personal data)
• Operating system and app version
• No email content, credentials, or personal information

Website Analytics

Our website (mailhelm.app) may use privacy-respecting analytics to understand traffic patterns. No personal data is collected from website visitors beyond standard server logs.

Third-Party Services

MailHelm interacts with the following third-party services based on your configuration:

AI Providers

When you use AI classification, email content is sent to your chosen AI provider:

• Google Gemini — Google AI Terms
• Anthropic Claude — Anthropic Privacy Policy
• OpenAI GPT — OpenAI Privacy Policy

You use your own API key for these services. We do not proxy or store your API communications.

Payment Processor

Payments are processed by Lemonsqueezy. We do not store credit card information. Payment data is handled according to Lemonsqueezy's privacy policy.

Email Servers

MailHelm connects directly to your email provider's IMAP/SMTP servers. We do not relay or proxy these connections.

Data Sharing

We do not sell, trade, or share your personal information with third parties. The only data transmissions are:

• License validation with Lemonsqueezy
• Email content to your chosen AI provider (at your discretion)
• Notifications to your configured messaging platforms

Your Rights

Since your data is stored locally:

• Access: Your data is on your computer. You have full access.
• Deletion: Uninstall the app and delete the data directory to remove all data.
• Portability: Your emails remain in your email accounts. MailHelm doesn't move them off-server.

Children's Privacy

MailHelm is not intended for use by children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

Contact

If you have questions about this Privacy Policy, please contact us at hello@mailhelm.app.

Roodee AI Lab, Melbourne, Victoria, Australia