Patriot Mail
Patriot Mail logoPatriot Mail
Features How it works Privacy FAQ Blog Connect your inbox

Policy

Privacy Policy

What Patriot Mail processes, where data lives, and how optional AI, local caching, and provider integrations are handled in the current product.

Effective date

August 18, 2025

This is the version currently published for the live service.

Plain-English summary

Thin client, not mailbox host

Patriot Mail connects to the inbox you already use and does not permanently store your messages on its servers.

Contact

privacy@patriotmail.ai

Use the privacy mailbox for access, correction, deletion, and general policy questions.

Effective Date: August 18, 2025

We collect only what we need to run Patriot Mail, and only with your consent. We do not sell or share your personal data, and we do not use your email data to train generalized AI or machine learning models.

Patriot Mail (Patriot Mail, we, our, or us) is a privacy-first email client. This Privacy Policy explains what information we process, how we use it, and how we keep it safe when you use our website https://patriotmail.ai/ and our applications (together, the Service).

1. What Patriot Mail Is (and Is Not)

Patriot Mail is a thin email client. We connect to your existing email accounts (for example, Gmail, Yahoo, Outlook, iCloud, and others) using standard protocols or official APIs. Your email messages stay with your email provider. We do not run our own email servers and we do not permanently store your inbox on our servers.

2. Information We Process

Most of the data involved in using Patriot Mail stays either on your device or with your email provider. We try to keep what we process to the practical minimum.

  • Account connection data. To connect your email account, we may process:
    • your email address,
    • authentication data such as OAuth tokens (for example, Google, Microsoft, Yahoo) or app-specific passwords for providers that do not support OAuth,
    • which provider you use and basic settings.

    Where possible we use OAuth so we never handle your main account password at all. When you choose a manual IMAP or SMTP setup, the credential you provide may be kept in protected session state so the Service can stay connected on your behalf. Session information is stored in secure, HTTP-only cookies. When server-side persistence is enabled, some account settings and session recovery state may also be kept in our internal storage worker so features like notifications, onboarding, and reconnect recovery keep working across restarts.

  • Email content and metadata. To provide the core functionality of the Service, we must process:
    • email messages and attachments,
    • headers and routing information,
    • folders, flags, labels and similar metadata.

    We fetch this data from your email provider when needed and send it to your device to be displayed. We do not permanently store your email content or attachment files on our servers. Email content may be temporarily held in memory or short-lived client-side caches only as needed to deliver the Service.

  • Local cache on your device. Patriot Mail may cache a limited portion of your inbox on your device (for example, recent messages, message bodies, or attachments metadata). This data:
    • is stored only on your device,
    • is not sent back to us as analytics,
    • can be disabled in settings (where available).
  • Technical and security logs. We keep limited technical logs to keep the Service secure and reliable. These may include:
    • IP address, browser type, device information, and basic request data,
    • error messages and performance metrics (without email content),
    • timestamps and basic usage patterns (for example, when you last connected).

    Logs are kept for a limited time and are designed to avoid storing email content or other highly sensitive data.

  • Support communications. If you contact us by email (for example, support@patriotmail.ai or privacy@patriotmail.ai), we will receive the information you choose to send and use it to respond to you and improve the Service.
  • AI-related data. If you use optional AI features (for example, emailing ai@patriotmail.ai or enabling AI tools in the app), the text or content you select for AI processing will be sent to our AI provider(s) solely to fulfill your request (such as generating a summary, draft reply, or scam explanation). We do not send your entire inbox for AI processing. Your data is not used for model training.

3. Cookies, Local Storage, and Similar Technologies

  • We use essential cookies and similar technologies to keep you signed in, maintain session security, and remember basic preferences. When server-side persistence is enabled, some account settings, push subscription records, and session recovery data are also stored on our backend.
  • We do not use cookies or other technologies for advertising or behavioral tracking.
  • We collect basic error and usage analytics through PostHog to diagnose problems and improve reliability. This data is collected in a privacy-preserving way: we do not track individual browsing behavior across sites, we do not build user profiles for advertising, and we minimize the personal data included in these events. Analytics data does not contain email content.
  • Some data (such as a local cache of recent emails) may be stored in your browser or app storage on your device to improve speed and reliability.

4. How We Use Your Information

We use the information described above to:

  • connect your email accounts and display your inbox,
  • send emails you choose to send,
  • provide optional AI-based features you explicitly enable,
  • maintain the security and reliability of the Service,
  • respond to your questions and support requests, and
  • comply with legal obligations and enforce our Terms of Service.

We do not sell, rent, or trade your personal data, and we do not use your inbox data for advertising.

5. AI Features and Third-Party AI Providers

AI features in Patriot Mail are optional and disabled by default.

  • When you use an AI feature, only the content you choose (for example, the text of a specific email) is sent to our AI provider(s) to process your request.
  • We configure AI services, where possible, to avoid retaining your data and to opt out of using it to train generalized models.
  • We do not use AI providers to profile you or to run targeted advertising.

Our AI providers act as our processors and are bound by contractual restrictions on the use of your data. We will list core AI providers, if any, in this policy or in an accompanying security or data processing notice.

6. Use of Google, Microsoft, and Yahoo Data

6.1 Google APIs and Gmail data

When you connect a Google account (for example, Gmail or Google Workspace), we may use Google APIs to access your email messages, labels, and basic account information in order to provide an email client experience.

Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular, we:

  • use Google data only to provide or improve user-facing features of Patriot Mail related to email,
  • do not use Google data for advertising, including retargeting or interest-based ads,
  • do not sell or share Google data with third parties except as necessary to provide the Service (for example, infrastructure and security providers),
  • do not use Google data to train generalized AI or machine learning models, and
  • do not allow humans to read your Google data except with your explicit consent, when required for security or legal reasons, or when data is aggregated and anonymized for internal operations.

6.2 Microsoft (Outlook, Microsoft 365) via Microsoft OAuth

When you connect a Microsoft account (for example, Outlook.com or Microsoft 365), we may use Microsoft's OAuth and identity services, and related APIs, to obtain authentication tokens, your email address, and access to your email account so that Patriot Mail can act as an email client.

We use this data only to provide and improve the email features you see in the application. We do not sell, rent, or use Microsoft data for advertising and do not share it with third parties except as necessary to operate the Service (for example, infrastructure and security providers).

6.3 Yahoo and other providers

When you connect a Yahoo account, or other providers that support OAuth or IMAP/SMTP access, we use the data we obtain (for example, authentication tokens, email address, and inbox access) only to provide the Patriot Mail email client functionality.

We follow the privacy and data protection requirements of each provider. We do not sell or share this data, and we do not use it for advertising or unrelated analytics.

7. Legal Bases (for Users in the EU/EEA and UK)

If you are located in the European Union, the European Economic Area, or the United Kingdom, we process your personal data under the following legal bases:

  • Contract: to provide the Service you request, including connecting your email account and sending messages on your behalf.
  • Consent: for optional features such as AI tools, certain cookies, or additional data processing where consent is required.
  • Legitimate interests: to maintain the security, stability, and performance of the Service, to prevent abuse, and to respond to your support requests, in a way that does not override your rights and freedoms.

8. Data Storage, Location, and Retention

  • On your device. Local caches and settings are stored on your device. You can clear them by using your device or browser settings or by adjusting options in the app (where available).
  • On our infrastructure. We keep only the minimal information needed to operate the Service (for example, session state, account configuration data, secure tokens or manual connection credentials when you choose that setup, push subscription records, reconnect recovery metadata, and short-lived logs). This data may be hosted by trusted providers such as Cloudflare and Vercel. We do not permanently store full mailbox content on our servers.
  • Retention. We retain personal data only for as long as necessary to provide the Service, to meet legal obligations, or to resolve disputes. Technical logs are kept for a limited period and then deleted or anonymized.

9. International Data Transfers

Our infrastructure and some of our service providers may be located in different countries. This means your data may be processed outside your country of residence.

Where required by law, we use appropriate safeguards (such as Standard Contractual Clauses) to protect personal data transferred outside the European Union/EEA or the United Kingdom.

10. Your Rights

We respect privacy rights and aim to honor reasonable requests wherever you live. Depending on your location, you may have the right to:

  • access the personal data we process about you,
  • request correction of inaccurate data,
  • request deletion of your personal data,
  • request restriction of processing,
  • object to certain types of processing, and
  • request a copy of your data in a portable, machine-readable format.

Because Patriot Mail does not permanently store full mailbox content on our servers, many requests can be handled directly with your email provider or by clearing data from your device. Requests about session data, settings, logs, or other data we control can still be sent to us.

To exercise your rights or ask questions, contact us at privacy@patriotmail.ai. If you are in the EU/EEA or UK, you may also have the right to lodge a complaint with your local data protection authority.

11. Children’s Privacy

Patriot Mail is designed for general use and is primarily intended for adults. We do not knowingly collect personal data from children under the age at which consent is required in their country (for example, 13 or 16 in many jurisdictions) without appropriate parental consent.

If you believe that a child has provided us with personal data without parental consent, please contact us and we will take appropriate steps to delete such data.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and update the Effective Date at the top. If the changes are significant, we may provide additional notice (for example, in the app or by email).

13. Subprocessors

The following third-party service providers (subprocessors) may process limited data on our behalf in order to operate the Service:

  • Vercel Inc. - application hosting and serverless compute.
  • Cloudflare, Inc. - CDN, DDoS protection, edge workers, and IMAP proxy infrastructure.
  • PostHog, Inc. - privacy-preserving error and usage analytics. No email content is sent to PostHog.
  • OpenAI, L.L.C. - optional AI email features (see section 5). Only content you explicitly select is sent. Your data is not used for model training.
  • Apple Inc. - push notification delivery via Apple Push Notification service (APNs) for iOS and macOS devices.

Each subprocessor is contractually bound to process data only as instructed and to maintain appropriate security measures. This list is updated when subprocessors are added or removed.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you can contact us at:

  • Email: privacy@patriotmail.ai
  • Address:
    Sanddev sp. z o.o.
    Ślężna 104/2A
    53-111 Wrocław
    Poland

At a glance

  • Patriot Mail connects to existing email accounts.
  • Messages stay with the connected provider.
  • No email content stored on our servers.
  • Optional AI is off by default.
  • Local cache stays on your device.
  • No ads, no data selling.

Your data choices

  • Clear local cache anytime in settings.
  • Disconnect accounts when you want.
  • AI features are opt-in only.
  • Request data deletion via email.

Contact

privacy@patriotmail.ai

Related pages

Terms of ServiceSecuritySupportIMAP Configuration Guide

© 2026 Patriot Mail. All rights reserved.

Privacy Terms Support Security IMAP Config Blog Store

Are you sure?