Chuck processes your email entirely on your device. No AI providers analyze your inbox, and no data centers store your messages or personal information. Your email stays on your phone, period. Here's how we keep it that way.
Authentication
OAuth2 wherever possible — no passwords shared. For Google, Microsoft (Outlook, Hotmail, Live, Office 365, Microsoft 365), and Yahoo (which also covers AOL and Verizon), Chuck uses the provider's OAuth2 sign-in. You authenticate directly with your email provider and Chuck receives a limited-access token — we never see your password. You can revoke Chuck's access at any time through your provider's security settings.
Apple iCloud uses an app-specific password. Apple does not offer OAuth for third-party mail clients, so iCloud, mac.com, and me.com accounts sign in with an app-specific password you generate at appleid.apple.com. Your main Apple ID password is never shared with Chuck, and you can revoke the app-specific password at any time.
Data Handling
Your messages stay on your device. Chuck does not store your email content or message metadata on our servers. All inbox processing — reading, sorting, filtering, batch actions — happens locally on your iPhone.
No data selling. Ever. Your email data is never sold, shared with advertisers, or used to build marketing profiles. Chuck's business model is simple: we sell Chuck Pro subscriptions. That's it.
Infrastructure
Hosted on IBM Cloud. Our backend infrastructure meets enterprise security standards. All data is encrypted in transit (TLS) and at rest.
Google-certified. Chuck has completed Google's security verification for applications that access Gmail, confirming compliance with their user data protection requirements.
Your Control
- Disconnect anytime. You can disconnect Chuck from your email accounts at any time through your email provider's security settings. This immediately invalidates Chuck's access tokens.
- Data deletion. Send a request to support@chuck.email and we'll confirm deletion within 48 hours.
Compliance
410 Labs, Inc. maintains Chuck in compliance with GDPR and applicable data protection regulations. For full details, see our Privacy Policy, Terms of Service, and GDPR information.
Vulnerability Disclosure Program
We partner with security researchers to keep Chuck safe. If you discover a vulnerability, please report it through our Vulnerability Disclosure Program.
Contact
Security questions? Reach us at support@chuck.email.