This Privacy Policy explains how Dotjoiner Pty Ltd ("we", "us", "our") collects, uses, and protects information in connection with MailBraid, our desktop email forensics and thread reconstruction application ("the Software").
We have designed MailBraid with privacy as a core principle. The Software runs entirely on your local machine. Your email data never leaves your device.
Jurisdictional Compliance
We respect applicable privacy laws in all jurisdictions in which we operate. The following frameworks govern our handling of personal data depending on your location:
- European Economic Area and United Kingdom: our privacy policy and handling of personal information reflects the requirements of the General Data Protection Regulation (GDPR).
- Australia: our privacy policy reflects the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
- New Zealand: New Zealand residents are covered by the Privacy Act 2020 (NZ), which contains equivalent protections.
- Singapore: our privacy policy reflects the requirements of the Personal Data Protection Act 2012 (PDPA).
- Canada: our collection and use of personal information reflects the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA).
- United States: the United States does not have a single federal privacy law. MailBraid does not currently meet the thresholds for state privacy laws such as the California Consumer Privacy Act (CCPA). We nonetheless apply the same data protection principles to all users regardless of location.
In all cases, you have the right to access, correct, or request deletion of your personal data by contacting us at support@mailbraid.com.
1. Who We Are
Dotjoiner Pty Ltd is an Australian company. We are the developer and publisher of MailBraid. For privacy-related enquiries, contact us at:
2. What Data MailBraid Collects
2.1 Data Processed Locally on Your Device
MailBraid connects to your local Microsoft Outlook installation and reads email metadata to reconstruct conversation threads. This processing happens entirely on your machine. Specifically, the Software reads:
- Email header metadata — sender, recipient, subject, date, and message identifiers
- Thread relationships — which emails belong to the same conversation
- Up to the first 500 characters of email body content, to present conversational context to the user within the MailBraid application only
- Attachment metadata — file names and types (not file contents)
This data is indexed and stored in an encrypted local database file on your device. It is never transmitted to our servers, third parties, or any external service.
2.2 Licence Activation Data
When you activate a trial or licence, we collect and store the following on our servers:
- Your email address (used to identify your activation and prevent duplicate trial use)
- A one-way cryptographic hash of your device identifier (used to prevent trial abuse — the raw device identifier is never stored)
- The date and time of activation
- Your licence type, tier, and term
This data is stored securely in Netlify's infrastructure (Netlify Inc., USA) and is used solely for licence management purposes of the MailBraid application only.
2.3 Version Check Data
If you have enabled update checking (on by default, can be disabled in Settings), the Software makes a request to our update server at startup to check whether a newer version of the MailBraid application is available. This request transmits only your current version number. We do not log IP addresses or device identifiers from version check requests.
2.4 Data We Do Not Collect
We do not collect:
- The full content of your emails (only the first 500 characters of body text are read, processed locally, and stored in the encrypted local index)
- Your contacts or address book
- Usage analytics or telemetry
- Crash reports (unless you choose to submit a bug report)
- Payment information (payment processing is handled entirely by Paddle — see Section 5)
3. How We Use Your Data
We use the data we collect only for the following purposes of the MailBraid application:
- Licence management — verifying that activations are legitimate and within the terms of your licence
- Preventing trial abuse — the device hash allows us to enforce the one-trial-per-device policy
- Customer support — your email address allows us to respond to support requests and send renewal notifications
- Product updates — notifying you when a new version is available (if update checking is enabled)
We do not use your data for advertising, profiling, or any purpose beyond the above.
4. Legal Basis for Processing
We process personal data only where we have a legitimate legal basis to do so. The following legal bases apply across all jurisdictions in which we operate:
- Contract performance — processing your email address and device hash is necessary to deliver the licence you have purchased or requested. This basis applies under GDPR, the Australian Privacy Act, the PDPA, and PIPEDA.
- Legitimate interests — version check requests are necessary for the security and integrity of the Software. We have assessed that this interest is not overridden by your privacy rights.
- Consent — where required by applicable law (including Singapore's PDPA), we rely on your consent to collect and use personal data. You may withdraw consent at any time by contacting us, though this may affect your ability to use the Software.
You have the right to access, correct, or delete your personal data at any time. Contact us at support@mailbraid.com to exercise these rights. We will respond within 30 days.
5. Third-Party Services
5.1 Paddle (Payment Processing)
Paid licences are processed by Paddle.com Market Limited ("Paddle"), who act as the Merchant of Record for all transactions. When you purchase a licence, you provide your payment details directly to Paddle. We do not receive or store your payment card information. Paddle's privacy policy is available at https://paddle.com/legal/privacy.
5.2 Netlify (Infrastructure)
Our licence activation server and website are hosted by Netlify Inc. (USA). Licence activation data is stored in Netlify Blobs. Netlify's privacy policy is available at https://netlify.com/privacy.
5.3 ImprovMX (Email Forwarding)
Support emails sent to support@mailbraid.com are forwarded via ImprovMX. ImprovMX's privacy policy is available at https://improvmx.com/privacy.
6. Data Retention
We retain licence activation records for the duration of your licence plus three years, to support renewal, transfer, and dispute resolution. After this period, records are deleted.
If you request deletion of your data before this period, we will delete your activation record. Note that this will deactivate your licence — you will need to contact us to obtain a replacement key if you wish to continue using the Software.
7. Data Security
Local Data Protection
- The email index and thread data created by MailBraid is stored in an encrypted file on your device, protected using AES-256-GCM encryption with a machine-bound key derived via HKDF. The encryption key is unique to your device and is never stored or transmitted.
- Tamper detection is built into the encrypted index — any modification of the file outside of MailBraid is detected and the index is invalidated, requiring a re-index.
- The licence block within your configuration file is separately encrypted at rest.
- MailBraid reads up to 500 characters of email body content for thread context display. This content is stored only in the encrypted local index and is never transmitted externally.
API and Network Security
- Both local API servers (which power the MailBraid interface) require a locally produced cryptographic session token for every request. This prevents any other application or web page from accessing your email data while MailBraid is running.
- CORS (Cross-Origin Resource Sharing) is restricted to MailBraid's own local ports. No external website can interact with the application.
- All communication between MailBraid and our servers (licence activation, version checks) uses HTTPS/TLS encryption.
Licence and Activation Security
- Trial activation is enforced server-side and cannot be bypassed by local file or registry deletion.
- Device identifiers used for activation are stored as one-way HMAC-SHA256 hashes — we cannot recover the original identifier from the stored value.
- Licence keys use a proprietary encoding with checksum validation to detect tampering.
Operational Security
- Update checks are opt-in (enabled by default, can be disabled by the user in the Settings menu of the application). When enabled, only the current version number is transmitted — no email data, no device identifier, no user information is transmitted.
- Access to licence activation data on our servers is restricted to authorised personnel only.
No method of electronic storage or transmission is 100% secure. We will notify you promptly in the event of a data breach that affects your personal data.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Right of access — you can request a copy of the data we hold about you
- Right to rectification — you can ask us to correct inaccurate data
- Right to erasure — you can ask us to delete your data (subject to Section 6)
- Right to restrict processing — you can ask us to pause processing your data
- Right to data portability — you can request your data in a machine-readable format
- Right to object — you can object to processing based on legitimate interests
We will honour these rights. To exercise any of them, contact us at support@mailbraid.com. We will respond within 30 days.
9. Children's Privacy
MailBraid is a professional tool intended for use by adults. We do not knowingly collect personal data from anyone under the age of 16. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. The effective date at the top of this document will be updated accordingly.
Continued use of the Software after the effective date of a revised policy constitutes your acceptance of the changes.
11. Contact Us
For any questions, concerns, or requests relating to this Privacy Policy or your personal data:
This policy was drafted for MailBraid v1.4.2. It will be reviewed and updated as the product and its data practices evolve.