Privacy Policy

Last Updated: May 12, 2025

Welcome to LegacyMail (“we,” “us,” or “our”). This Privacy Policy explains how we handle information when you use our browser-based MBOX reader (the “Service”).

Our Service is designed for local processing. This means your MBOX files and the email data contained within them (“Local Data”) are processed and stored only on your computer.

1. Information We Do NOT Collect

• Local Data: We do not access, collect, store, or transmit your MBOX files or any email content, attachments, or metadata from those files. All processing happens locally within your browser.
• Usage Data (Local Operations): We do not track how you interact with your Local Data within the Service (e.g., which emails you view, searches you perform locally).

2. Information We MAY Collect (If You Create an Account)

Some features, like premium subscriptions or future cloud-based functionalities (if offered), may require you to create an account. If you choose to create an account (e.g., using email/password or through third-party providers like Google Sign-In via services like Clerk), we may collect:

• Account Information: Your name, email address, password (hashed), and potentially profile picture if provided through a third-party service. This information is used for account management, authentication, and communication regarding your account or subscription.
• Subscription Information: If you purchase a premium subscription, our payment processor (e.g., Stripe) will handle your payment details directly. We may receive information like subscription status, plan type, and transaction identifiers, but typically not your full credit card number.
• Third-Party Authentication: If you sign in using a third-party service like Google, we receive information based on your permissions granted to that service (e.g., name, email, profile picture). We rely on the security practices of these third-party providers. For details on how Clerk handles your data when used for authentication, please see Clerk’s Privacy Policy.

3. How We Use Collected Information (Account Holders Only)

If we collect Account or Subscription Information, we use it to:

• Provide, maintain, and improve account-related features of the Service.
• Process subscription payments and manage your subscription.
• Communicate with you about your account, updates, or support requests.
• Authenticate you and secure your account.
• Comply with legal obligations.

4. Data Sharing

• Local Data: We never share your Local Data because we never collect it.
• Account Information: We do not sell your Account Information. We may share it with:
  • Service Providers: Companies that help us operate (e.g., authentication providers like Clerk, payment processors like Stripe, cloud hosting providers if applicable for account data). These providers are bound by confidentiality agreements and only use the data to perform services for us.
  • Legal Requirements: If required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

5. Data Security

We implement reasonable technical and organizational measures to protect any Account Information we store. However, no internet transmission or electronic storage is 100% secure. You are responsible for the security of your Local Data on your own computer.

6. Data Retention (Account Holders Only)

We retain your Account Information for as long as your account is active or as needed to provide you with account-related services. We may retain some information after account closure if necessary to comply with legal obligations, resolve disputes, or enforce our agreements.

7. Your Choices and Rights (Account Holders Only)

Depending on your location, you may have rights regarding your Account Information, such as the right to access, correct, delete, or restrict its processing. You can usually manage your account details through your account settings. For other requests, please contact us.

8. Children’s Privacy

The Service is not intended for minors under 18 (or a different age threshold depending on the jurisdiction). We do not knowingly collect personal information from minors.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on our website or through the Service. Your continued use of the Service after changes constitutes your acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy or our practices, please contact us at: cory@legacymail.ai