GRIDLINE

Privacy Policy

Last updated: July 3, 2026

Gridline is a desktop email application that consolidates your Gmail and Microsoft Outlook accounts into one inbox. This policy explains what data Gridline accesses, how it is used, and where it lives. The summary: Gridline runs on your computer, your data stays on your computer, and we operate no servers that receive it.

What Gridline accesses

When you connect an account, you grant Gridline permission through Google's or Microsoft's official sign-in (OAuth). Depending on the permissions you approve, Gridline accesses:

Where your data lives

Optional AI features (bring your own key)

Gridline's AI features (message summaries, the inbox assistant) are off until you add an API key for an AI provider of your choice (e.g., Anthropic, OpenAI, or OpenRouter). When you actively use an AI feature, the relevant message content is sent from your device directly to that provider under your account and their privacy terms. Your key is stored locally on your device. Gridline never routes AI requests through servers of ours.

Google API Services — Limited Use disclosure

Gridline's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: Google user data is used only to provide the email and calendar features you see in the app; it is not used for advertising; it is not sold; it is not transferred to third parties except as necessary to provide features you initiate (such as an AI request you configure and trigger yourself) or as required by law; and humans do not read it.

What we collect about you

Nothing automatically. Gridline currently includes no analytics, telemetry, or tracking. If you email support, we receive whatever you choose to send us.

Data sharing and selling

We do not sell, rent, or share your personal data or mailbox contents with third parties. Period.

Data retention and deletion

Because your data is stored only on your device, you control it entirely. Disconnecting an account inside Gridline deletes its stored tokens. Uninstalling Gridline and deleting its application-data folder (paths above) removes everything. You can also revoke Gridline's access at any time from your Google Account permissions or Microsoft account permissions pages.

Security

All communication with Google and Microsoft uses HTTPS. Sign-in uses each provider's official OAuth flow in your own browser — Gridline never sees or stores your password. Remote images in email are blocked by default to prevent tracking pixels.

Children

Gridline is not directed at children under 13 and does not knowingly collect information from them.

Changes to this policy

If this policy changes materially, we will update this page and the date above.

Contact

Questions or requests: support@gridline.lol