Privacy Notice

Last updated: May 28, 2026 · Mail Bender v1.2

The one-sentence version: Mail Bender runs on your own Windows PC, talks only to Microsoft, and sends nothing back to us — there is no server, no analytics, no telemetry.

1. What we collect

From the Mail Bender software: nothing. The plugin has no analytics, no telemetry, no tracking, and no backend to phone home to. We operate no server that receives your data.

If you email us or use a form on this website, we receive what you send (your email address and your message) and use it only to reply to you.

2. What runs on your machine

Mail Bender runs inside the Stream Deck app on your Windows PC. Its files live locally:

The Mail Bender plugin folder under %APPDATA%\Elgato\StreamDeck\Plugins\ — plugin files
%APPDATA%\com.qols.mailbender\tokens.bin — your encrypted Microsoft sign-in tokens
%APPDATA%\com.qols.mailbender\first_run.json — your dismissed first-run hints

3. Your Microsoft sign-in

To act on your mailbox, Mail Bender stores the OAuth tokens Microsoft issues when you sign in. They are encrypted at rest with Windows DPAPI — the same protection Windows uses for saved browser passwords, tied to your Windows user account. Tokens are sent only to Microsoft's official endpoints. They are never transmitted to us or any third party.

4. Microsoft permissions we request

On first sign-in, Microsoft shows you a consent screen listing exactly what Mail Bender can access:

Mail.ReadWrite — read and modify messages (archive, flag, mark read…)
Mail.Send — send replies and forwards you trigger
Calendars.ReadWrite — accept/decline meetings, create events
Tasks.ReadWrite — add and complete To-Do items
Contacts.ReadWrite — the "Add Sender to Contacts" action
MailboxSettings.ReadWrite — the Auto-Reply (out-of-office) toggle
offline_access — stay signed in (refresh tokens)
User.Read — show your account name on the deck

You can revoke these anytime at myaccount.microsoft.com → Privacy → Apps and services.

5. What Mail Bender reads, writes, and never touches

Reads: message metadata (subjects, senders, dates, flags, folders, read state), calendar event details, task titles — pulled live as needed, never cached off your machine.

Writes: only the action you press. Archive moves one message; Reply opens a draft; Review Later defers one message. No background or scheduled writes.

Never accessed: message bodies in bulk, OneDrive files, Teams chats, SharePoint, or anything outside the permissions above.

6. Network destinations

Mail Bender only ever connects to Microsoft: login.microsoftonline.com, graph.microsoft.com, and login.live.com (consumer accounts). No calls to us. No analytics SDK. No update pings — updates come through the Stream Deck app.

7. Removing your data

Uninstall the plugin from the Stream Deck app to remove its files. To also clear your sign-in tokens, delete %APPDATA%\com.qols.mailbender\. Revoking the app in your Microsoft account (section 4) invalidates any remaining tokens server-side.

8. Your rights

Under GDPR, CCPA, and similar laws you may request access to or deletion of personal data held about you. Because Mail Bender collects no personal data and we run no server, in practice there is nothing for us to hold — your data stays on your machine and in your own Microsoft account, both under your control. For questions, contact support@mailbender.net.

9. Children

Mail Bender is a professional productivity tool, not directed at children under 13.

10. Changes

We may update this notice; the date above reflects the latest version. Material changes will be noted at the top of this page for at least 30 days.

11. Operator & contact

Mail Bender is published and operated by Mail Bender, which acts as the data controller for the limited purposes described above. Privacy questions: support@mailbender.net.