Signet

Privacy Policy

Last updated: 2026-04-18

Signet is a desktop email client currently in private development. It is operated by Taylor Insurance Services ("we", "us"). This policy explains what data Signet handles and what we do with it.

1. Summary

Signet is local-first. Your mail is fetched from your email provider to your computer and stored on disk there. We do not operate a server that stores your mail, your credentials, or the content of your messages. The only personal data we collect on our own infrastructure is the email address you give us when you request early access.

2. Data stored on your device

When you connect an email account, Signet stores the following on your local computer:

• Your email messages, threads, attachments, and labels, in a local SQLite database.
• OAuth access and refresh tokens for accounts you connect, stored in your operating system's secure credential store (macOS Keychain).
• Your preferences, identity configuration, and draft messages.

This data never leaves your device through Signet. It is not transmitted to Taylor Insurance Services, and it is not accessible to us.

3. Google account data (Limited Use)

If you connect a Google account, Signet requests Gmail scopes necessary to read, compose, send, and manage your email on your behalf. Signet's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• Data obtained from Google APIs is used only to provide user-facing features of Signet running on your device.
• We do not transfer this data to third parties except as necessary to provide those features or as required by law.
• We do not use this data to serve advertisements.
• We do not allow humans to read this data except with your explicit consent, for security purposes (for example, to investigate abuse), or to comply with applicable law.

You can revoke Signet's access to your Google account at any time from your Google account permissions page.

4. Email addresses submitted to the waitlist

When you submit your email address on our website to request early access, we store that address so we can contact you when a beta slot is available. We do not share this address with third parties. We do not send marketing email to it. You can ask us to delete it at any time by emailing [email protected].

5. Analytics and telemetry

Signet does not currently include analytics, crash reporting, or telemetry. The desktop app does not send usage data to us. The website does not use cookies for analytics or advertising.

6. Payment

Signet does not currently accept payment and does not collect payment information.

7. Security

OAuth tokens are stored in your operating system's secure credential store (macOS Keychain) rather than in plain files. Local databases live inside your user directory and inherit its filesystem permissions. Because your data is stored on your device, its security depends on the security of that device — full-disk encryption and a strong account password are recommended.

8. Children

Signet is not directed to children under 13, and we do not knowingly collect personal information from them.

9. Changes to this policy

We will update this page and the "Last updated" date above when this policy changes in any material way. During the private development period, changes are expected as features land.

10. Contact

Questions about this policy, or requests to delete data we hold (limited to your waitlist email), can be sent to [email protected].