Privacy Policy

Last updated: April 4, 2026

1. Introduction

This Privacy Policy describes how TwoChi LLC (“TwoChi,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with the Mailtrix desktop application (“App”), the website located at mailtrix.pro (“Website”), and all related services (collectively, the “Services”).

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree, please do not use our Services. We may update this policy from time to time; material changes will be communicated via the Website or App.

2. Company Information

Mailtrix is developed and operated by TwoChi LLC, a limited liability company organized under the laws of the United States.

For privacy-related inquiries, contact us at: hello@twochi.com

3. Our Privacy-First Architecture

Mailtrix is designed with a local-first, privacy-first architecture. Your email data is processed entirely on your local machine and is never transmitted to our servers. Key architectural principles:

  • Local email processing: Mailtrix connects to Microsoft Outlook Desktop on your computer via local COM automation. Your email content, attachments, contacts, calendar data, and other Outlook data remain on your device and are never sent to TwoChi servers.
  • No cloud email storage: We do not store, copy, index, or cache your email content on any server we operate.
  • Local credential storage: API keys and credentials you provide are stored in the Windows Credential Manager on your device, encrypted by Windows Data Protection API (DPAPI). We never have access to your stored credentials.
  • Minimal data collection: We only collect information strictly necessary to operate the licensing, billing, and AI-assistance features of the service.

4. Information We Collect

4.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Password (hashed; we never store or have access to your plaintext password)

4.2 License and Subscription Information

  • License key and associated tier (Free or Pro)
  • Machine identifier (a locally generated unique ID used to bind your license to a device)
  • License status and expiration dates
  • Subscription status and billing period

4.3 Payment Information

Payment processing is handled entirely by Stripe, Inc. We do not receive, process, or store your full credit card number, bank account details, or other sensitive payment instrument data. We receive from Stripe only:

  • Stripe customer ID
  • Subscription status and plan details
  • Payment event data (success, failure, cancellation)

Stripe's privacy policy governs their handling of your payment data: stripe.com/privacy.

4.4 Usage Information

When you use the AI-assisted features of Mailtrix, we collect:

  • Number of AI requests made per billing period
  • AI provider and model used per request (e.g., “Anthropic / Claude”)
  • Approximate token counts per request
  • Timestamps of requests

This data is collected for rate limiting, billing enforcement, and service improvement. We do not log, store, or have access to the content of your AI prompts or responses when you use your own API key (BYOK mode).

4.5 Managed Proxy Requests (Free Tier)

If you use the free tier (without providing your own API key), your AI prompts are routed through our managed proxy server to reach the AI provider. In this mode:

  • Your prompts pass through our server transiently to be forwarded to the AI provider.
  • We do not log, persist, or store the content of these prompts or AI responses on our servers.
  • Prompts are forwarded in real-time and are not retained after the request completes.

4.6 Automatically Collected Technical Information

When you visit our Website or use our Services, we may automatically collect:

  • IP address
  • Browser type and version
  • Operating system
  • Referring URLs
  • Pages visited and time spent
  • Device identifiers

4.7 Information We Do NOT Collect

To be clear, Mailtrix does not collect:

  • The content of your emails, attachments, or calendar events
  • Your Outlook contacts or address book
  • Your Microsoft account credentials
  • Your plaintext API keys or passwords
  • Screenshots or screen recordings
  • Keystroke data or mouse movements
  • Files on your computer outside of Mailtrix's own data directory

5. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Services
  • Authenticate your identity and manage your account
  • Validate your license and enforce usage limits
  • Process payments and manage subscriptions via Stripe
  • Route AI requests to third-party providers on your behalf
  • Monitor and prevent abuse, fraud, and unauthorized access
  • Comply with legal obligations
  • Communicate with you about your account, subscription, or service changes
  • Analyze aggregate usage trends to improve the product (no individual email content is used)

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Third-Party Service Providers

We use the following third-party services to operate Mailtrix. Each processes data only as necessary to provide their respective service:

6.1 AI / Large Language Model Providers

When you use AI features, your prompts (which may include email content you choose to share with the AI) are sent to one of the following providers based on your selected model:

Important: When you use BYOK (Bring Your Own Key) mode, prompts are sent directly from your device to the AI provider using your own API key. TwoChi does not intermediate or have visibility into these requests. You are subject to the AI provider's terms and privacy policy for those requests.

When using the managed proxy (free tier), prompts pass through our server transiently but are not logged or stored by us. The AI provider's data handling policies apply to the content of the prompts once received by them.

6.2 Infrastructure and Hosting

6.3 Payments

6.4 Code Signing

  • Microsoft Azure Trusted Signing — Digital signature of our installer to verify authenticity — microsoft.com/privacy

7. Data Storage and Security

7.1 Where Data Is Stored

  • On your device: Email data, API keys (Windows Credential Manager), local app settings, and local SQLite database
  • On our servers: Account information, license data, subscription data, and aggregate usage metrics (hosted via Supabase and Vercel in the United States)

7.2 Security Measures

We implement industry-standard security measures including:

  • All data in transit is encrypted using TLS 1.2 or higher
  • Passwords are hashed using bcrypt via Supabase Auth
  • API keys stored locally are encrypted by Windows DPAPI via the Credential Manager
  • License tokens are signed using HMAC-SHA256 (HS256) with a 64-byte secret
  • Database access is protected by Supabase Row Level Security (RLS) policies
  • The desktop installer is digitally signed with Azure Trusted Signing
  • Stripe webhook signatures are verified to prevent tampering
  • Administrative access to infrastructure is restricted and audited

7.3 Data Retention

  • Account data: Retained for the duration of your account. Upon account deletion, personal data is removed within 30 days, except where retention is required by law.
  • Usage logs: Retained for up to 12 months for billing and abuse prevention, then deleted or anonymized.
  • Payment records: Retained as required by tax and financial regulations (typically 7 years).
  • Webhook events: Retained for 90 days for idempotency and debugging, then purged.
  • Local data: Data stored on your device (settings, credentials) persists until you uninstall the App or delete it manually. We have no ability to remotely access or delete local data.

8. Data Sharing and Disclosure

We do not sell your personal information. We may share information only in the following circumstances:

  • Service providers: With the third-party providers listed in Section 6, solely to provide the Services.
  • Legal requirements: When required by law, subpoena, court order, or governmental regulation.
  • Protection of rights: To protect the rights, property, or safety of TwoChi, our users, or the public.
  • Business transfers: In connection with a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, in which case you will be notified of any change in ownership or control of your personal information.
  • With your consent: When you explicitly authorize us to share information.

9. Cookies and Tracking Technologies

Our Website may use:

  • Essential cookies: Required for authentication and session management.
  • Local storage: Used to store authentication tokens in your browser for the Website dashboard.

We do not use third-party advertising cookies or cross-site tracking technologies. We do not participate in ad networks or sell data to advertisers.

10. Your Rights and Choices

10.1 General Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Delete your personal information (subject to legal retention requirements)
  • Export your data in a portable format
  • Restrict or object to certain processing activities
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at hello@twochi.com. We will respond within 30 days (or as required by applicable law).

10.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • The right to know what personal information is collected, used, shared, or sold
  • The right to delete personal information held by us and by our service providers
  • The right to opt out of the sale or sharing of personal information (we do not sell or share personal information)
  • The right to non-discrimination for exercising your privacy rights
  • The right to correct inaccurate personal information
  • The right to limit use of sensitive personal information (we do not collect sensitive personal information as defined by CPRA)

Categories of personal information collected in the preceding 12 months: Identifiers (email, name), commercial information (subscription history), internet activity (usage logs), and inferences (license tier). We have not sold personal information in the preceding 12 months.

10.3 European Economic Area, UK, and Swiss Residents (GDPR)

If you are located in the EEA, UK, or Switzerland:

  • Legal bases: We process personal data based on (a) contractual necessity (to provide the Services), (b) legitimate interests (security, fraud prevention, service improvement), and (c) consent (where applicable).
  • International transfers: Your data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) and our service providers' compliance frameworks (e.g., Supabase, Vercel, Stripe) to safeguard international transfers.
  • Data Protection Officer: For GDPR-related inquiries, contact hello@twochi.com.
  • Supervisory authority: You have the right to lodge a complaint with your local data protection authority.

10.4 Account Deletion

You may request deletion of your account and associated data by contacting hello@twochi.com. Upon receiving a verified request, we will:

  • Delete your account and profile information
  • Revoke your license key
  • Cancel any active subscription
  • Delete or anonymize usage logs
  • Retain only data required by law (e.g., financial records)

Note: We cannot delete data stored locally on your device. Uninstalling the App will remove local data.

11. Children's Privacy

Our Services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly. If you believe a child has provided us with personal information, please contact us at hello@twochi.com.

12. Do Not Track Signals

Our Website does not currently respond to “Do Not Track” (DNT) browser signals. However, as described in Section 9, we do not engage in cross-site tracking or targeted advertising.

13. International Data Transfers

TwoChi is based in the United States. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using our Services, you consent to the transfer of your information to the United States.

We use service providers that maintain appropriate safeguards for international data transfers, including Standard Contractual Clauses where applicable.

14. Limitation of Liability for AI-Generated Content

Mailtrix facilitates interaction with third-party AI models. TwoChi is not responsible for the accuracy, completeness, or appropriateness of AI-generated content. You acknowledge that:

  • AI responses may contain errors, inaccuracies, or hallucinations
  • You are responsible for reviewing AI-generated emails before sending them
  • TwoChi does not control and is not liable for how third-party AI providers process your prompts
  • Use of AI features is subject to the respective AI provider's terms of service and acceptable use policies

15. Third-Party Software

Mailtrix incorporates open-source and third-party software components. These components are governed by their respective licenses. The use of these components does not imply any endorsement by their authors. A list of third-party components and their licenses is available within the App.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the “Last updated” date at the top of this page
  • Notify registered users via email for significant changes
  • Display a notice on our Website

Your continued use of the Services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. We encourage you to review this page periodically.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us:

TwoChi LLC

Email: hello@twochi.com

Website: mailtrix.pro