Privacy Policy
Effective date: May 28, 2026
Contact: founder@withmarlowe.app
Overview
Marlowe is a desktop application that helps you manage tasks inferred from your email. This policy explains what data Marlowe accesses, how it is used, and what is stored.
Gmail Access
Marlowe connects to Gmail using Google OAuth. The only permission requested is gmail.readonly, which allows Marlowe to read your messages. Marlowe cannot send, modify, delete, or otherwise alter your email or account in any way.
Marlowe uses your Gmail data solely to identify actionable tasks in your inbox. It does not use Gmail data for advertising, profiling, or any purpose unrelated to task management.
How Email Content Is Handled
When Marlowe reads an email, the content — sender, subject, and body — is loaded temporarily into memory on your device. It is passed to the Anthropic API (the AI service that powers Marlowe) for classification. Once that classification is complete, the email content is discarded. It is never written to disk by Marlowe and is never stored on any Marlowe server.The only information that persists after an email is processed is:
1. The Gmail message ID, retained to prevent the same email from being processed twice
2. Any tasks Marlowe inferred from the email, stored as short task descriptions
3. Brief summary notes used to give Marlowe context in future sessions
No email subject lines, sender names, or message bodies are stored on your device or on any Marlowe server.
Anthropic API
Email content is transmitted to Anthropic's API for AI processing. Anthropic is a third-party service provider. Their privacy policy is available at anthropic.com. Marlowe sends only the minimum email content necessary to determine whether a task should be created.
Marlowe Server
Marlowe operates a server at api.withmarlowe.app, hosted on Railway. This server serves several functions: it proxies AI and voice API requests, manages license activation, and stores a copy of your task data to enable future multi-device access.The following information is stored on the Marlowe server:
1. License key — your Freemius-issued license identifier
2. Email address — collected at purchase time, used only to generate authenticated links to your billing portal
3. Freemius install credentials (install_id, install_api_token) — used to identify your device activation with our billing provider. These are Freemius-scoped credentials and are not Google credentials.
4. Task data (tasks.json) — your task list, preferences, and inferred context, synced from your device. This is the same data stored locally on your device.
The following is never stored on the Marlowe server:
-Raw email content (subjects, bodies, sender names)
-Google OAuth tokens (access tokens or refresh tokens)
-Email attachments
-Your contacts or address book
Google OAuth Tokens
Google OAuth tokens (the credentials that allow Marlowe to read your Gmail) are stored exclusively on your local device in your system's application support folder. They are never transmitted to or stored on any Marlowe server. If you disconnect your Gmail account within Marlowe, your OAuth credentials are deleted from your device immediately.
Local Storage
Task data — including your task list, preferences, and inferred context — is stored locally on your device in your system's application support folder at ~/Library/Application Support/Marlowe/. This data is also synced to the Marlowe server as described above.
Data Protection
- In transit: All communications between Marlowe and its server, between the server and the Anthropic API, and between the server and Google's APIs travel over encrypted HTTPS (TLS 1.2/1.3).
- At rest (server): Data stored in the Marlowe server database is encrypted at rest using AES-256, managed at the infrastructure level by Railway.
- At rest (device): Task data and OAuth tokens stored locally on your device are protected by macOS file system permissions and are accessible only to your user account.
- API credentials: The Anthropic API key and other server-side credentials are stored as environment variables on the server and are never transmitted to or accessible by the client application.
Data Retention and Deletion
Marlowe retains only what is necessary for the app to function:
1. Gmail message IDs are retained to prevent duplicate processing. They contain no message content.
2. Task data and context notes are stored on your device and on the Marlowe server for as long as you use the app. You can delete individual tasks within the app at any time.
3. Email content (sender, subject, body) is never written to disk and never stored on any server. It exists only in memory during processing and is discarded immediately after classification.
4. Your email address and license information are stored on the Marlowe server for as long as your account is active. This information is used solely for billing and account management.
To delete all Marlowe data from your device, quit the app and delete the folder at ~/Library/Application Support/Marlowe/. This permanently removes all tasks, context, and stored message IDs from your device.
To request deletion of your data from the Marlowe server, contact founder@withmarlowe.app. We will delete your server-side task data, email address, and account record within 30 days of your request.
Data Marlowe Does Not Collect
Marlowe does not collect or transmit:
1. Email content beyond what is needed for task classification
2. Attachments
3. Your contacts or address book
4. Browsing history or device information
5. Google OAuth tokens to any server
6. Any data for advertising purposes
Third-Party Services
Marlowe uses the following third-party services:
Anthropic — AI processing of email content. Privacy policy at anthropic.com.
ElevenLabs — Voice synthesis for spoken reminders. Privacy policy at elevenlabs.io.
Freemius — License management and billing. Privacy policy at freemius.com.
Railway — Server hosting and database infrastructure. Privacy policy at railway.app.
Children's Privacy
Marlowe is not intended for use by children under 13. Marlowe does not knowingly collect data from children.
Changes to This Policy
If this policy changes materially, connected users will be notified. The effective date at the top of this page will be updated.
Contact
For privacy questions, contact: founder@withmarlowe.app