Privacy Policy

1. Introduction

Welcome to Mindmesh. This Privacy Policy explains how we collect, use, and protect your information when you use our desktop application and related services.

2. Information We Collect

We collect information necessary to provide our services:

  • Account Information: Email address, username, and password (securely hashed)
  • OAuth Credentials: Encrypted tokens for third-party services (Google, Microsoft)
  • Email and Calendar Data: Content from your connected accounts to provide our services
  • Usage Data: How you interact with the application to improve our services
  • Device Information: Operating system and application version

We use AI services (OpenAI) to analyze and enrich your content, extracting insights, action items, and enabling semantic search.

3. How We Store Your Information

Mindmesh follows a local-first architecture. Most of your data is stored locally on your device, including emails, calendar events, and vector embeddings for search. This data stays on your device and is not transmitted to our servers.

We maintain minimal cloud storage for account authentication, OAuth tokens, and session data. We do not permanently store the full content of your emails or calendar events in our cloud infrastructure.

4. How We Use Your Information

We use your information to:

  • Process and organize your emails and calendar events
  • Generate insights and extract actionable items
  • Provide semantic search capabilities
  • Maintain your account and sync data across devices
  • Improve our services and fix bugs

5. Third-Party Services

When you connect third-party services (Google Gmail, Google Calendar, Microsoft Outlook), you grant us permission to access these services. We comply with their respective API terms and privacy policies.

We use OpenAI's API to process your content. Your data is sent to OpenAI according to their privacy policy. You can review OpenAI's privacy practices at openai.com/privacy.

6. Data Security

We implement security measures including encryption of data in transit, secure password hashing, and access controls. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

You can access, update, or delete your account information at any time through the Service settings. You can disconnect third-party services at any time, which will revoke our access to those services.

To delete all local data, uninstall the Mindmesh application from your device. This will remove all locally stored content.

8. Data Retention

We retain your account information for as long as your account is active. OAuth tokens are retained while you maintain the connection and deleted when you disconnect. Local data persists on your device until you uninstall the application.

9. Children's Privacy

The Service is not intended for users under the age of 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the Service constitutes acceptance of the changes.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: team@mindmesh.global