← Back to Link Mail

Privacy Policy

Last updated: February 20, 2026

Your privacy is important to us. This Privacy Policy explains how Lit eMail collects, uses, and protects your information when you use our webmail client.

1. Information We Collect

To provide you with our services, Lit eMail accesses information from your Google account using the Google APIs:

  • Profile Data: We collect your name, email address, and profile picture provided by your Google Account during sign-in.
  • Access Tokens: We securely store OAuth access and refresh tokens in our database to facilitate ongoing interaction with Gmail and Calendar APIs on your behalf. These tokens are protected by AES-256 application-level encryption, meaning they are unreadable even if the database itself is accessed.
  • Email and Calendar Data: Lit eMail fetches your emails and calendar events directly from Google. They are processed and cached only within your browser session on your local computer. No emails or calendar event details are stored in our remote database or on our servers.

2. How We Use Information

We use the data we collect solely to provide you with the core functionality of the Lit eMail application, including:

  • Facilitating the reading, search, and categorization of your emails in your local browser environment.
  • Sending emails on your behalf and managing drafts.
  • Managing and displaying your calendar events.
  • Maintaining and optimizing the performance of the webmail client.

3. Data Storage and Privacy

Strict Privacy Commitment: Lit eMail does not persist your email content, subject lines, attachments, or calendar events in its backend database. Your sensitive communication data remains between you and Google; our application merely acts as a client-side interface for this data.

Data Sharing and Sale: Lit eMail does not sell, rent, or share any of your personal data with third-party advertisers or data brokers under any circumstances.

4. Data Security

We implement robust security measures using Google Cloud's infrastructure (Firebase and Firestore) to ensure your data is protected from unauthorized access, loss, or theft. All stored account credentials (OAuth tokens) are encrypted twice: once at the application level via AES-256 encryption, and again at the storage level by Google Cloud's infrastructure.

5. Your Control and Revocation

You have full control over your data. You may revoke Link Mail's access to your Google account at any time through the Google Account Security Dashboard. Revoking access will immediately stop all data synchronization and session access for that account.

6. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

© 2026 Link Mail. All rights reserved.