1. Privacy by Architecture
Most AI email tools — and many email clients in general — operate by sending your email content to remote cloud servers for processing. This is how they add AI features: by routing your mail through OpenAI, Anthropic, Google, or their own managed infrastructure.
Oasis is different at the architecture level. The default AI pipeline runs entirely on your Mac, using local models served by Ollama. Your email content is never transmitted to Oasis's servers, to cloud AI providers, or to any third party as part of normal operation.
The core guarantee: Unless you explicitly enable BYOK (Bring Your Own Key) mode with an external API key you provide, Oasis does not send your email content outside your device. The AI that reads your mail lives on your Mac.
2. What We Collect
Oasis collects a small amount of anonymized telemetry to help improve AI classification accuracy. This data is stripped of all personally identifiable information before it ever leaves your device.
| Data Point | What it is | Collected? |
|---|---|---|
| Sender domain | The part after @ (e.g. "github.com") — not the full address | Yes |
| AI category | How Oasis classified the email (correspondence, newsletter, etc.) | Yes |
| AI confidence score | How confident the model was in its classification (0–1 float) | Yes |
| Correction signal | Whether you corrected the classification, and what you changed it to | Yes |
| has_unsubscribe_header | Boolean — does the email have a List-Unsubscribe header? | Yes |
| Body word count | Approximate length of the email body — not the content | Yes |
| AI model name | Which model produced the classification (e.g. "llama3.2") | Yes |
| App version | The Oasis version number in use | Yes |
Telemetry events are queued locally in a SQLite table and flushed in batches to our analytics backend (Supabase). Events are anonymous — they carry no user identifiers, no device fingerprints, and cannot be linked back to you.
3. What We Never Collect
This list is explicit and exhaustive. Oasis never collects, transmits, or stores the following on our servers:
- Email subject lines
- Email body content
- Full sender or recipient email addresses
- Display names of senders or recipients
- Dollar amounts, financial figures
- One-time passwords (OTPs), verification codes
- Attachment contents or file names
- AI-generated summaries of your emails
- Your IMAP password, account credentials, or tokens
- Device identifiers, IP addresses, or location data
- Any information that could re-identify you or any email sender
4. IMAP Credentials
Oasis accesses your email via the standard IMAP protocol, which requires your email account password or an app-specific password.
Storage
Your IMAP credentials are stored exclusively in the macOS Keychain — the same secure enclave used by Apple's own apps, 1Password, and every other well-behaved Mac app. The Keychain is encrypted by your Mac's hardware and protected by your login password or biometrics.
Transmission
Your credentials are used only to authenticate IMAP and SMTP connections directly from your Mac to your email provider. They are never transmitted to Oasis servers, never logged, and never stored in plaintext on disk.
Revocation
You can revoke Oasis's access at any time by removing the account from Settings → Connected Inboxes, which deletes the Keychain entry. If you used an app-specific password, you can also revoke it from your email provider's security settings independently.
5. Local Edge AI
By default, Oasis routes all AI processing through Ollama, an open-source local model server that runs on your Mac. No email content, summary, or classification request leaves your device during this process.
Models Used
- Classification & Summarization: Llama 3.2 (8B) — runs entirely on your Mac via Ollama
- Semantic Embeddings: nomic-embed-text — used for semantic search, runs locally
BYOK Mode (Optional)
Power users can configure Oasis to use their own API keys from Anthropic (Claude) or OpenAI. In BYOK mode, email content is sent to those providers according to their own privacy policies. Oasis does not intermediate or store this data. You're connecting directly from your device to their API.
Important: In BYOK mode, you are the data controller for API calls. Please review Anthropic's or OpenAI's privacy policies before enabling cloud AI. Oasis defaults to local AI precisely to avoid this.
Mock AI Mode
Oasis ships with a heuristic "mock" AI mode for evaluation without installing Ollama. This runs entirely on-device using simple rules — no network calls, no cloud services.
6. Telemetry & Analytics
Anonymous telemetry is enabled by default to help us improve the AI classification model. Every event is stripped of personal information before leaving your device.
Opting Out
You can disable telemetry at any time in Settings → Data & Privacy → Share Anonymous Usage Data. When disabled, no events are queued or transmitted. The toggle takes effect immediately — there is no delay.
Data Destination
Telemetry is sent to Supabase (supabase.co), a PostgreSQL-based cloud database. Events are stored in a table called classification_events with no user identifiers. Supabase is SOC2 Type II compliant and stores data in US-East data centers by default.
Retention
We retain anonymized telemetry events for up to 12 months, after which they are automatically purged. There is nothing in the telemetry data that could be used to re-identify you.
7. Local Data Storage
Oasis stores all email data, AI metadata, attachments, and settings in a SQLite database on your Mac, located at:
~/Library/Application Support/com.oasis.app/oasis.db
Attachments are stored in the same Application Support directory under attachments/{email_id}/.
You Control Your Data
- You can inspect the database directly using any SQLite viewer
- Deleting the app and its Application Support folder removes all data permanently
- Removing an account from Settings deletes all locally synced mail for that account
- You can back up the database manually at any time
No Cloud Sync
Oasis does not back up your email database to iCloud, our servers, or any third-party cloud service. Your data is strictly local. If you change Macs, you'll need to re-sync from your email provider via IMAP.
8. Third-Party Services
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Anonymous telemetry storage | Anonymized classification events (no personal data) |
| Your Email Provider (IMAP/SMTP) | Email sync and send | Authentication credentials via your device only |
| Ollama (local) | Local AI inference | Email content — processed on-device only, never leaves Mac |
| Anthropic / OpenAI (BYOK only) | Cloud AI if you opt in with your own API key | Email content — per their own privacy policies |
We do not use advertising networks, analytics platforms (Google Analytics, Mixpanel, etc.), or any tracking services. The only external data transmission is the anonymous telemetry described above.
9. Your Rights
Because Oasis stores your email data locally and our telemetry is anonymous, the traditional GDPR "right to access" or "right to erasure" for telemetry data is impractical to fulfill — we have no way to identify which telemetry events came from you.
For your local data, you exercise full rights by controlling the files on your Mac:
- Right to access: Open the SQLite database directly with any SQLite browser
- Right to erasure: Delete the Application Support folder or remove individual accounts from Settings
- Right to portability: The SQLite file is a standard, open format readable by any SQLite tool
- Right to opt out of telemetry: Settings → Data & Privacy → toggle off
10. Contact
If you have questions about this privacy policy or Oasis's data practices, please contact us at:
We aim to respond to all privacy inquiries within 5 business days.
If you're a beta user and encounter unexpected network activity or data behavior, please report it to beta@oasis.app immediately. We take security reports seriously.