Privacy Policy

Postmesh is a local-first email sync and query tool. This Privacy Policy explains how Postmesh handles information when you use the Postmesh website, command-line tool, local application, and related services.

Effective date: June 5, 2026

Questions or requests: [email protected]

Summary

Postmesh is designed to run locally.

Postmesh connects to your email account, syncs mail data to local storage on your machine, and lets you query that local data through a CLI and structured JSON interface.

Postmesh is not a hosted email client. Postmesh does not sell your email data. Postmesh does not use your email data for advertising.

Information Postmesh accesses

When you connect an email account, Postmesh may access email account data needed to sync and query your mail, including:

  • messages
  • message headers
  • subject lines
  • sender and recipient information
  • body previews or message bodies, depending on the features and scopes enabled
  • threads or conversation metadata
  • labels, folders, categories, or similar mailbox organization data
  • read/unread state
  • message timestamps
  • provider message IDs and sync metadata

Postmesh may also store account connection metadata, such as provider name, account identifier, OAuth tokens, refresh tokens, granted scopes, sync checkpoints, and sync status.

The exact data Postmesh can access depends on the provider you connect, the permissions you approve, and the Postmesh features you use.

How Postmesh uses email data

Postmesh uses email data to provide the product’s core functionality, including:

  • connecting to your email provider
  • syncing mail to local storage
  • normalizing provider-specific mail data into a local schema
  • keeping local mail data up to date
  • listing and retrieving messages
  • filtering and querying messages
  • returning structured JSON output to local tools, scripts, and agents

Postmesh does not use your email data for advertising.

Postmesh does not sell your email data.

Postmesh does not use your email data to train shared AI models.

Local storage

Postmesh stores synced mail data locally on your machine.

This local data may include message metadata, message previews, message content if enabled, labels, folders, account metadata, sync checkpoints, and query indexes.

Postmesh currently stores application data under local paths such as ~/.local/share/postmesh, ~/.config/postmesh, and mailbox database files under ~/.mailr/accounts.

You are responsible for securing the device, server, or environment where Postmesh is installed.

OAuth tokens and account credentials

Postmesh uses OAuth to connect to supported email providers.

Postmesh may store OAuth access tokens and refresh tokens locally so it can continue syncing your account after initial authorization.

In the current implementation, account token data is stored locally in the Postmesh configuration directory and is encrypted at rest using a local AES-GCM key stored on the same machine, or a key supplied through POSTMESH_ENCRYPTION_KEY.

Postmesh does not ask for or store your email account password.

You can revoke Postmesh’s access at any time through your email provider’s account security or connected apps settings.

Website and installation data

When you visit the Postmesh website, your browser and hosting provider may process standard technical information such as IP address, browser type, device information, referring page, and request logs.

The Postmesh website does not use analytics cookies.

Authentication relay and hosted components

Postmesh uses a lightweight hosted authentication relay on Cloudflare Pages Functions to help complete OAuth flows for Gmail and Outlook without shipping provider client secrets inside the CLI.

This hosted component is not intended to store, index, or host your mailbox.

In the current implementation, the hosted component may process:

  • OAuth authorization codes returned by Google or Microsoft
  • provider access tokens and refresh tokens returned during token exchange
  • refresh tokens and signed refresh grants when Postmesh uses hosted token refresh
  • short-lived session identifiers and signed session grants used to resume login

Short-lived session records are stored in Cloudflare KV and contain the provider, the session state, a hash of the poll token, a hash of the signed session grant, and timing metadata. Pending authorization sessions currently expire after about 5 minutes. After a successful or failed callback, the token handoff record is retained only briefly, with a current TTL of about 2 minutes, and is deleted when the CLI completes polling.

The hosted component does not persist mailbox contents, message bodies, local query indexes, or a long-term hosted copy of your inbox.

The relay may briefly handle OAuth tokens during authorization or refresh, but Postmesh is designed so synced mailbox data stays local to your installation.

Sharing of information

Postmesh does not sell your personal information or email data.

Postmesh does not share your email data with advertisers.

Postmesh may share limited information only in the following cases:

  • with your email provider, as necessary to authenticate and sync your account
  • with service providers used to operate the website, authentication flow, hosting, logs, or support systems
  • when you direct Postmesh or a local agent or tool to use your data
  • when required by law, legal process, or to protect rights, safety, and security

Postmesh does not transfer your email data to third parties for advertising purposes.

Use of Google user data

If you connect a Google account, Postmesh uses Google user data only to provide user-facing Postmesh features, including local mail sync, message retrieval, query, and related account functionality.

Postmesh does not sell Google user data.

Postmesh does not use Google user data for advertising.

Postmesh does not use Google user data to train shared AI models.

Postmesh only transfers Google user data when necessary to provide user-facing functionality, complete authentication or refresh flows you initiate, comply with applicable law, protect against security threats or abuse, or as otherwise directed by you.

Use of Microsoft user data

If you connect a Microsoft account, Postmesh uses Microsoft account and mail data only to provide user-facing Postmesh features, including local mail sync, message retrieval, query, and related account functionality.

Postmesh does not sell Microsoft user data.

Postmesh does not use Microsoft user data for advertising.

Postmesh does not use Microsoft user data to train shared AI models.

Local agents, scripts, and tools

Postmesh is designed to be used by local scripts, developer tools, and agents. When you connect Postmesh to another local tool or agent, that tool may be able to access the mail data exposed by Postmesh.

You are responsible for deciding which tools, agents, scripts, or users can access your local Postmesh installation, database, configuration files, and command-line environment.

Data retention

Synced mail data remains on your machine until you delete it, remove an account, uninstall Postmesh, or change sync settings that cause older data to be pruned.

Postmesh may store sync checkpoints and account metadata so future syncs can continue efficiently.

Hosted relay session records are short-lived and expire automatically after minutes, not months.

Deleting your data

You can remove a configured account with postmesh accounts remove <account-email>.

In the current implementation, removing an account from configuration does not necessarily delete every local mailbox database file, session file, backup, or copied export on your machine.

To fully remove local Postmesh data, you may also need to delete local directories such as ~/.config/postmesh, ~/.local/share/postmesh, and ~/.mailr/accounts, subject to your backups, file system behavior, and any manual copies you have made.

You can also revoke provider access through your Google or Microsoft account settings.

Security

Postmesh is designed to keep synced mail data local to your machine.

You should protect your local environment, including your device, SSH access, filesystem permissions, shell history, database files, configuration files, logs, and backups.

Postmesh may store sensitive data such as email metadata, message content, OAuth tokens, and local indexes. Treat the Postmesh data directory and configuration directory as sensitive.

Children

Postmesh is not intended for use by children under 13, or the minimum age required in your jurisdiction.

International use

Postmesh may be used from different countries and environments. If hosted components are used, information processed by those components may be handled in the country or region where the hosting provider operates.

Changes to this policy

We may update this Privacy Policy from time to time.

When we make changes, we will update the effective date above. Material changes may be announced through the website, release notes, or other appropriate channels.

Contact

Postmesh

Privacy questions or requests: [email protected]

Website: postmesh.dev