Privacy Policy

Your data stays on your device

iPosta is designed with a local-first philosophy. All your email data — messages, attachments, and account information — is stored locally on your Mac. We do not operate any servers that store or process your emails. Your data never leaves your device unless you explicitly send an email.

Authentication

For Gmail and Microsoft 365 accounts, iPosta uses industry-standard OAuth 2.0 for authentication. This means your email provider passwords are never stored in iPosta. OAuth tokens are stored securely in the macOS Keychain and are only used to communicate directly with your email provider's servers.

No analytics or tracking

iPosta does not include any analytics frameworks, crash reporters, or tracking pixels. We do not collect usage data, telemetry, or behavioural analytics of any kind. We believe your email habits are your business, not ours.

No third-party data sharing

We do not share, sell, or transfer any of your data to third parties. iPosta communicates directly with Google APIs and Microsoft Graph — there are no intermediary servers, proxies, or third-party services involved in handling your emails.

Network communications

iPosta only makes network connections to your configured email providers (via Google APIs and Microsoft Graph). No other network connections are made. We have no servers — your emails never leave your device.

App Sandbox

iPosta runs with macOS App Sandbox enabled, meaning it can only access the resources it needs. This provides an additional layer of security, isolating the app from the rest of your system.

Contact us

If you have any questions about our privacy practices, please reach out via our support page.