Last updated: June 20, 2026
mesSage is a desktop email client developed by DuWayne Caviness. This policy explains how the app handles your data.
All data — including email credentials, OAuth tokens, email content, and settings — is stored locally on your device. mesSage does not operate any servers and does not transmit your data to the developer or any third party, except as described below.
mesSage connects to your Gmail account using Google's OAuth 2.0 authorization. The app requests the gmail.modify scope, which allows it to read, compose, send, archive, label, and trash emails on your behalf.
No Gmail data leaves your device except when explicitly sent via Gmail's own API (e.g., sending an email you composed). mesSage does not store, share, sell, or transmit your Gmail data to any external service operated by the developer. Gmail data is used solely to display and manage your email within the app.
mesSage's use of Gmail data complies with the Google API Services User Data Policy, including the Limited Use requirements.
mesSage connects to Outlook and Hotmail accounts via Microsoft's OAuth 2.0 authorization and the Microsoft Graph API. Email data is fetched directly from Microsoft's servers to your device and is not stored or transmitted elsewhere by the developer.
For accounts connected via IMAP/SMTP (Yahoo Mail, Fastmail, and others), your email address and app password are stored locally in your device's secure credential storage. Email content is fetched directly from the provider's servers to your device.
mesSage includes an optional AI assistant. If you configure it to use Claude (Anthropic), your email content may be sent to Anthropic's API to generate responses. If you use Ollama (local model), all AI processing happens entirely on your device with no data leaving it. AI features are opt-in and require you to provide your own API key.
Please review Anthropic's Privacy Policy if you use the Claude integration.
mesSage may cache email metadata and content in a local SQLite database on your device to enable offline access and faster loading. This cache is stored in your device's app data directory and is not accessible to the developer.
mesSage does not collect analytics, telemetry, crash reports, or any usage data. It contains no advertising. The developer has no visibility into how you use the app.
mesSage checks GitHub Releases for software updates. This request includes your IP address as part of the standard HTTPS connection, but no personal data is sent. Update packages are cryptographically signed and verified before installation.
mesSage is not directed at children under 13. We do not knowingly collect data from children.
If this policy changes materially, the updated version will be posted at this URL with a new "Last updated" date.
Questions? Contact: admin@cavinessproducts.com