Privacy Policy

Last Updated: April 2026

1. Introduction

MailLayer ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how our Chrome Extension collects, uses, and safeguards your information.

2. Data We Collect

MailLayer operates primarily locally on your device. We do not collect, store, or transmit any of your emails, passwords, or personal communications to our servers. The extension interacts with the following data solely to provide its core functionality:

• Authentication Tokens: We request OAuth tokens from Google and Microsoft (Outlook) to allow you to send emails directly from the extension. These tokens are stored securely in your browser's local storage and are never sent to MailLayer servers.
• Drafts and Templates: Any email templates or drafts you create are saved locally using Chrome's `chrome.storage.local` API.
• Signatures: Your rich-text signature is stored locally on your device.

3. Third-Party Services

To function, MailLayer interacts with third-party APIs (Google Gmail API and Microsoft Graph API). Your use of these integrations is governed by the respective privacy policies of Google and Microsoft. We only use these APIs to send emails on your behalf when explicitly triggered by you.

4. Data Sharing and Disclosure

Because we do not collect your personal data or email content on our servers, we do not share, sell, or disclose your information to any third parties.

5. Security

We rely on Google Chrome's built-in extension security architecture and standard OAuth 2.0 protocols to ensure your credentials remain secure. We do not have access to your passwords.

6. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date at the top of this page.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us via our GitHub repository issues page.