← Back to Mailotte

Cookie Policy

Last updated: 9 June 2026

This Cookie Policy explains how MAILOTTE LTD ("Mailotte," "we," "us") uses cookies and similar local-storage technologies when you use mailotte.com and the Mailotte web application. It should be read alongside our Privacy Policy. Mailotte is built privacy-first: we use only the storage strictly necessary to run the service. We do not use advertising cookies, cross-site tracking, or browser fingerprinting, and we do not sell your data.

1. What Are Cookies and Local Storage?

Cookies are small text files a website stores in your browser. "Local storage" and "session storage" are related browser technologies that let a web application remember small amounts of information on your device. We use "cookies" loosely to refer to all of these.

2. The Cookies We Use

Every technology listed below is strictly necessary for the service to function. Under the UK Privacy and Electronic Communications Regulations (PECR) and the EU ePrivacy Directive, strictly necessary cookies do not require consent, so Mailotte does not display a cookie-consent banner.

Essential cookies

• Authentication: keeps you securely signed in during a session.
• Security: protects against cross-site request forgery (CSRF) and other attacks.

Local storage (preferences & app state)

• Theme & appearance: remembers your light/dark mode and accent colour.
• Inbox setup state: remembers whether you have completed first-run setup.
• Sign-out signal: coordinates logging you out across multiple open tabs.

Session storage (temporary)

• Update detection: after we deploy a new version, helps your browser reload fresh code instead of showing a broken page. Cleared when you close the tab.
• Prompt dismissal: if you dismiss the optional product-analytics prompt without choosing, we remember that for the current tab so we don't ask again until next time. No analytics are enabled by this. Cleared when you close the tab.

3. What We Do NOT Use

• No advertising or marketing cookies
• No third-party advertising or social-media trackers
• No cross-site or cross-device tracking
• No browser fingerprinting
• No third-party web fonts — Mailotte uses your operating system's built-in fonts, so no requests are made to Google Fonts or any external font provider

4. Diagnostics, Error Tracking & Analytics

To keep Mailotte reliable we use first-party diagnostics — error and performance monitoring that runs on our own self-hosted Grafana stack (Tempo and Loki) in the EU (which replaced our former provider, Sentry, decommissioned June 2026) — together with a privacy-first product-analytics event stream that records only the in-app actions you take while signed in (for example, "opened message" or "added trusted sender"). The browser-side diagnostics capture redacted error reports and performance signals (such as Core Web Vitals) and send them to our own servers, but they set no advertising or analytics cookies and do not store or read any information on your device beyond the strictly necessary cookies described above — in particular, no session identifier is written to your browser. That is why no consent banner is required for them. Email content, message bodies, recipient addresses, and IP addresses are never sent to or retained by any of these pipelines. Personal identifiers in event payloads are one-way SHA-256 hashed in your browser before transmission. The product-analytics stream is opt-in: off by default and never collected unless you turn it on. We ask once at first login, and you can enable or disable it at any time under Settings → Privacy & data.

If we ever introduce analytics or error tools that do store or read information on your device and are not strictly necessary, we will ask for your consent first, in line with the UK PECR and the EU ePrivacy rules.

5. Push Notifications

If — and only if — you opt in to browser push notifications, your browser stores a push subscription so your device can receive new-mail alerts. Notification payloads are encrypted end-to-end under the Web Push standard (RFC 8291) before they leave our servers. You can disable push at any time in Settings → Notifications.

6. Managing Cookies

Because the cookies we set are strictly necessary, blocking them will prevent you from signing in or using core features. You can still control or clear cookies and local storage through your browser settings. Clearing Mailotte's storage will sign you out and reset your local preferences.

7. Changes to This Policy

We may update this Cookie Policy to reflect changes to our service or to legal requirements. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you within the service.

8. Contact Us

Questions about this Cookie Policy can be sent to privacy@mailotte.com.

• MAILOTTE LTD
• Registered in England and Wales, company number 17119010
• Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom