Privacy Policy

Your mail stays yours.

Jaymail is an email client built on the open JMAP standard. The short version:your mail stays between your device and your mail server. We built Jaymail so that we, the developers, are not in that path.

Effective July 7, 2026 · v1.0

What stays on your device

  • Your email address, server address, and password (stored in the iOS Keychain, protected by your device's security).
  • A local cache of your mail, including the search index that makes instant search work — protected with iOS Data Protection.
  • Your settings, snoozed messages, offline actions, and privacy statistics (the tracker-block counter never leaves your device).

Deleting the app deletes all of this.

What touches our servers

Push relay (push.wedare.net). Apple requires push notifications to be sent through the developer's infrastructure. To deliver them, our relay stores, per registered device: the Apple push token, your mail server's address, and the access secret your app registers for the JMAP push subscription. The relay uses these only to maintain the connection to your server and forward "new mail" events to Apple. Notification payloads pass through and are not stored. Unregistering a device (removing the account, or disabling notifications) removes its record. The relay runs on our own hardware in the Netherlands, and the relay software is open for self-hosting — point the app at your own instance and we are out of the loop entirely.

Crash reports (optional). If enabled — it is on by default and can be turned off in Settings → Privacy — the app sends anonymous crash reports via Sentry: stack traces, iOS version, app version, and a short tag identifying the failure site. Never email content, account identifiers, mailbox names, or addresses. Reports are not linked to you and are used only to fix bugs.

That is the complete list. Jaymail contains no advertising, no analytics SDKs, and we do not sell or share data with anyone.

What the app fetches from third parties

  • Brand logos (BIMI). To show sender logos, the app queries DNS (via Cloudflare DNS-over-HTTPS) and may fetch a brand's published logo from that brand's server — once per domain, never per message, with no identifying parameters. Google's favicon service is used as a fallback. You can turn all of this off: Settings → Privacy → Show brand logos.
  • Remote images in mail are blocked by default.Nothing loads until you tap "Load images" (or trust the sender). Tracking pixels are counted and shown in the privacy dashboard.
  • Unsubscribe. One-tap unsubscribe sends the RFC 8058 request to the sender's unsubscribe endpoint — only when you tap it.

Your rights (GDPR)

Jaymail is developed by JD Studio (Jordy Dost), Netherlands — the data controller for the push relay and crash reporting described above. You have the right to access, correct, or erase data we hold, to object to or restrict processing, and to lodge a complaint with a supervisory authority (in the Netherlands: Autoriteit Persoonsgegevens). Since we hold almost nothing, the fastest route for any request is email:jd@jdstudio.app.

Legal basis: performance of the service you request (push delivery), and legitimate interest in app stability (crash reports, opt-out).

Changes

We will update this page when the policy changes and note the date at the top. Material changes will be called out in release notes.

Support ·hello@jdstudio.app