Privacy Policy
Last updated: February 2026
Introduction
Roodee AI Lab ("we", "us", "our") operates MailHelm, a desktop email management application. This Privacy Policy explains how we handle your information when you use our software and visit our website (mailhelm.app).
We are committed to protecting your privacy. MailHelm is designed as a privacy-first, local-only application. Your email data stays on your computer.
Data Storage — Local First
MailHelm is a desktop application. All of the following data is stored exclusively on your local computer:
- Email account credentials (encrypted with AES-256-GCM)
- Fetched email content and metadata
- Classification results and rules
- Application settings and preferences
- Notification configurations
We do not operate any cloud storage or synchronization service. We cannot access your email data.
Encryption
All sensitive data is encrypted at rest using:
- AES-256-GCM authenticated encryption
- PBKDF2 key derivation with 100,000 iterations
- Unique salt and IV per encryption operation
Your master password is never stored. If lost, encrypted data cannot be recovered.
Data We Collect
While the application itself is local-only, we do collect limited data for the following purposes:
License Validation
When you activate a Pro or Business license, the application communicates with our licensing provider (Lemonsqueezy) to validate your license key. This involves:
- License key
- Machine identifier (hardware hash, not personal info)
- Application version
Crash Reports (Optional)
If you opt in, anonymous crash reports may be sent to help us improve the application. These contain:
- Error stack traces (no personal data)
- Operating system and app version
- No email content, credentials, or personal information
Website Analytics
Our website (mailhelm.app) may use privacy-respecting analytics to understand traffic patterns. No personal data is collected from website visitors beyond standard server logs.
Third-Party Services
MailHelm interacts with the following third-party services based on your configuration:
AI Providers
When you use AI classification, email content is sent to your chosen AI provider:
- Google Gemini — Google AI Terms
- Anthropic Claude — Anthropic Privacy Policy
- OpenAI GPT — OpenAI Privacy Policy
You use your own API key for these services. We do not proxy or store your API communications.
Payment Processor
Payments are processed by Lemonsqueezy. We do not store credit card information. Payment data is handled according to Lemonsqueezy's privacy policy.
Email Servers
MailHelm connects directly to your email provider's IMAP/SMTP servers. We do not relay or proxy these connections.
Data Sharing
We do not sell, trade, or share your personal information with third parties. The only data transmissions are:
- License validation with Lemonsqueezy
- Email content to your chosen AI provider (at your discretion)
- Notifications to your configured messaging platforms
Your Rights
Since your data is stored locally:
- Access: Your data is on your computer. You have full access.
- Deletion: Uninstall the app and delete the data directory to remove all data.
- Portability: Your emails remain in your email accounts. MailHelm doesn't move them off-server.
Children's Privacy
MailHelm is not intended for use by children under 13. We do not knowingly collect information from children.
Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.
Contact
If you have questions about this Privacy Policy, please contact us at hello@mailhelm.app.
Roodee AI Lab, Melbourne, Victoria, Australia