Privacy Policy

Summary

Mylo is a native macOS app made by PIQ LLC, a Delaware limited liability company. This policy explains what happens to your data when you use Mylo and when you visit mylomessaging.com.

The short version:

• Mylo reads your messages, calendar, and contacts from your own Mac. That data never leaves your device.
• The only things the app sends over the network are a license check and an update check. Neither transmits message content.
• On the business side, we retain only what we need to run your subscription: your name and email (via Paddle), your license key, and your subscription status.
• The Mylo app itself runs no analytics, telemetry, or tracking of any kind. On the mylomessaging.com website we use Plausible for cookieless aggregate analytics (no cookies, no PII, no cross-site tracking). We don't sell or share your data.

What Mylo reads

Mylo reads the following data sources entirely locally on your Mac. None of the content listed below ever reaches PIQ LLC's servers or any third party we control.

• iMessage: read from ~/Library/Messages/chat.db, macOS's local Messages database.
• WhatsApp: Mylo connects to WhatsApp's web protocol locally on your Mac. Messages are fetched and parsed on-device.
• Signal: read from Signal's local message stores on your Mac.
• Telegram: read via Telegram's official client library, which maintains its own local database on your Mac.
• Gmail (optional, only if you connect your Google account): fetched via Google's Gmail API directly from Google to your Mac using an OAuth access token stored on your device.
• Google Calendar (optional, only if you connect your Google account): fetched via Google's Calendar API, same mechanism as Gmail.
• macOS Contacts: accessed via macOS's AddressBook framework.

All parsing, scoring, deduplication, and reminder logic runs inside the app on your Mac. There is no code path in the app that sends message or contact content to our servers.

What is transmitted

The complete list of things Mylo sends over the network. If it's not on this list, Mylo doesn't send it.

1. License validation. When you launch Mylo, and periodically thereafter, the app sends your account email and your license key to mylomessaging.com/api/license-verify. Our server returns a yes/no indicating whether your subscription is active. The app can operate offline for up to 14 days without a successful check-in. No message, contact, or calendar content is ever sent as part of this check.
2. Update checks. The app pings a Cloudflare Worker to check whether a newer version of Mylo is available. Only version-metadata is returned. No user data is sent with the update-check request.
3. Optional: Anthropic AI features. If you enable AI-generated contact profiles or outreach suggestions and provide your own Anthropic API key, the specific contact data you choose to process is sent directly from your Mac to Anthropic's API under your account. PIQ LLC is not in the middle of this request. Your use of Anthropic is governed by Anthropic's terms and privacy policy. You can turn AI features off at any time.
4. Optional: Google APIs. If you connect your Google account, the OAuth access and refresh tokens are stored on your Mac using macOS's safeStorage (hardware-backed encryption). The app uses those tokens to fetch Gmail or Calendar data directly from Google to your Mac. PIQ LLC's servers never see your OAuth tokens, your email content, or your calendar events.

What PIQ LLC retains

We retain a small, bounded set of information necessary to run the business:

• Customer identity (via Paddle): your name, email, billing country, and whatever payment information you give Paddle at checkout. Paddle is the merchant of record for Mylo sales. PIQ LLC receives your name and email from Paddle, and a pointer to your subscription, but does not receive your full payment details (card number, etc.).
• License and subscription state: your generated license key, the Paddle subscription ID, subscription status (active, past due, canceled), and the date of last online license check. Stored in Cloudflare KV.
• Transactional email logs (via Resend): when we email you about billing, license, or support, Resend stores the subject, timestamp, and recipient address for delivery diagnostics.
• Server request logs (via Cloudflare): standard web-server access logs for mylomessaging.com and our Cloudflare Workers, containing IP address, User-Agent, timestamp, and the requested URL. Cloudflare retains these for roughly 30 days for security and diagnostic purposes.
• Aggregate website analytics (via Plausible): anonymous, aggregate counts of pageviews, referrers, country, browser, screen size, and outbound link clicks. No cookies, no individual user identifiers, no fingerprints, no cross-site tracking. Plausible cannot identify you and we cannot identify you from Plausible's data.
• Email signups: if you submit your email through the capture form on mylomessaging.com, that email is forwarded to our internal inbox and stored for the purpose of notifying you about Mylo updates. You can ask us to delete it any time.

We do not collect:

• Any product analytics or usage metrics inside the Mylo app. No Mixpanel, no PostHog, no Amplitude, no heatmaps, no session recording.
• Any message content, contact data, calendar events, or AI-generated profile content.
• Any cookies, browser fingerprints, or cross-site tracking identifiers on mylomessaging.com. The cookieless Plausible analytics described above are aggregate-only and cannot be tied back to an individual.
• Any data from minors. Mylo is not directed at children under 16, and we do not knowingly collect their information.

Third parties

Running Mylo requires a handful of third parties. Here is exactly what each of them sees:

• Paddle (merchant of record): your name, email, billing address, tax information, and payment method. Paddle handles checkout, subscription billing, sales tax, VAT, fraud prevention, and refunds. Governed by Paddle's Privacy Policy.
• Resend (transactional email): recipient email addresses, email subject lines, email bodies, delivery timestamps. Used to send billing, license, and support messages. Governed by Resend's Privacy Policy.
• Cloudflare (hosting + license storage): HTTP request metadata (IP, User-Agent, URL) and the contents of license records stored in Cloudflare KV. Governed by Cloudflare's Privacy Policy.
• Plausible (cookieless website analytics): aggregate, anonymized counts of pageviews and clicks on mylomessaging.com. No cookies, no cross-session identifiers, no personal data. Governed by Plausible's Data Policy.
• GitHub (update distribution via a Cloudflare Worker proxy): request metadata from update checks. Governed by GitHub's Privacy Statement.
• Anthropic (only if you opt into AI features using your own API key): the specific contact data you choose to process. Governed by Anthropic's Privacy Policy.
• Google (only if you connect Gmail or Google Calendar): OAuth authentication and the Gmail or Calendar data you authorize Mylo to access. Governed by Google's Privacy Policy.

We do not sell, rent, or trade personal information with anyone. We do not share personal information for cross-context behavioral advertising.

Your rights

Depending on where you live, you have the following rights over your personal information. We honor these rights for all users, regardless of jurisdiction.

• Right to know and access. You can ask for a copy of the personal information we hold about you.
• Right to correction. If something is wrong, you can ask us to fix it.
• Right to deletion. You can ask us to delete your personal information. If you're an active subscriber, deletion will cancel your subscription. Some information (e.g. billing records) may be retained by Paddle where required by law (tax, anti-fraud).
• Right to data portability. You can ask for a copy of your information in a commonly used, machine-readable format.
• Right to opt out of "sale" or "sharing" of personal information. We don't sell or share your personal information for cross-context behavioral advertising. There is nothing to opt out of.
• Right to non-discrimination. We will not treat you differently for exercising any of these rights.
• Right to appeal. If you live in a jurisdiction granting an appeal right (e.g. Virginia, Colorado, Connecticut) and we decline a privacy request, you can appeal by replying to our response. We will respond within the statutory timeframe.
• Right to unsubscribe from marketing email. You can unsubscribe at any time by clicking the unsubscribe link in any email we send, or by emailing vdpbot@gmail.com with the address you'd like removed. We'll handle it within a day. Unsubscribing only affects marketing email; transactional email (receipts, license keys, security notices) will still be delivered as long as your account is active.

For EU and UK users (GDPR, UK GDPR): you additionally have the right to restrict processing, the right to object to processing based on legitimate interests, and the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, email vdpbot@gmail.com with the subject line "Privacy request" and tell us what you'd like us to do. We'll verify your identity (usually by confirming you control the email address on your subscription) and respond within 30 days, or sooner where the law requires.

Updates

We may update this policy as the product evolves, as the law changes, or as we add or remove third-party services. When we make material changes, we will:

1. Update the "Effective" date at the top of this page.
2. Post a note on mylomessaging.com at least 14 days before the change takes effect, where practical.
3. Email active subscribers if the change meaningfully affects how their data is processed.

The current version is always available at mylomessaging.com/privacy. If you don't like a change, you can cancel your subscription through Paddle's customer portal and request deletion of your data.

Contact

PIQ LLC is the data controller for the data described in this policy. For privacy questions or to exercise any of your rights, email vdpbot@gmail.com.