Last updated: July 3, 2026
Gridline is a desktop email application that consolidates your Gmail and Microsoft Outlook accounts into one inbox. This policy explains what data Gridline accesses, how it is used, and where it lives. The summary: Gridline runs on your computer, your data stays on your computer, and we operate no servers that receive it.
When you connect an account, you grant Gridline permission through Google's or Microsoft's official sign-in (OAuth). Depending on the permissions you approve, Gridline accesses:
~/Library/Application Support/Gridline; on Windows under %APPDATA%\Gridline).Gridline's AI features (message summaries, the inbox assistant) are off until you add an API key for an AI provider of your choice (e.g., Anthropic, OpenAI, or OpenRouter). When you actively use an AI feature, the relevant message content is sent from your device directly to that provider under your account and their privacy terms. Your key is stored locally on your device. Gridline never routes AI requests through servers of ours.
Gridline's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: Google user data is used only to provide the email and calendar features you see in the app; it is not used for advertising; it is not sold; it is not transferred to third parties except as necessary to provide features you initiate (such as an AI request you configure and trigger yourself) or as required by law; and humans do not read it.
Nothing automatically. Gridline currently includes no analytics, telemetry, or tracking. If you email support, we receive whatever you choose to send us.
We do not sell, rent, or share your personal data or mailbox contents with third parties. Period.
Because your data is stored only on your device, you control it entirely. Disconnecting an account inside Gridline deletes its stored tokens. Uninstalling Gridline and deleting its application-data folder (paths above) removes everything. You can also revoke Gridline's access at any time from your Google Account permissions or Microsoft account permissions pages.
All communication with Google and Microsoft uses HTTPS. Sign-in uses each provider's official OAuth flow in your own browser — Gridline never sees or stores your password. Remote images in email are blocked by default to prevent tracking pixels.
Gridline is not directed at children under 13 and does not knowingly collect information from them.
If this policy changes materially, we will update this page and the date above.
Questions or requests: support@gridline.lol