Home Sign in

OpenMail legal & support

Cookie Policy

How OpenMail uses essential cookies, local storage, session storage, security tokens, and preference storage.

These legal pages are currently provided in English. If translated versions are provided later, they are for convenience only unless clearly stated otherwise. The English version is the official version.
Last updated 18 June 2026
Provider OpenMail™ Exchange
Download PDF

Service provider details

Service provider / trading name
OpenMail™ Exchange
Trading as
OpenMail
Business address
41 Norman Avenue, London, N22 5ES, United Kingdom
Contact email
hello@openmail.email
Website
https://openmail.email
App
https://app.openmail.email
Company number
Not applicable
Registered office
Not applicable - OpenMail™ Exchange is currently listed with the business address above.
VAT number
Not applicable

1. What this policy covers

This policy covers cookies, local storage, session storage, security tokens, preference storage, browser cache, and similar technologies used by OpenMail websites and applications.

2. Essential cookies

Strictly necessary cookies may keep you logged in, maintain a secure session, protect forms, prevent cross-site request forgery, support authenticated pages, validate actions, and protect against misuse. Core account features may not work without them.

3. Sessions and CSRF protection

A session cookie may identify your authenticated session until logout or expiry. CSRF tokens protect actions such as login, logout, settings changes, profile updates, contact changes, and controlled sending from forged requests.

4. Preference storage

OpenMail may remember theme, dark or light mode, density, font, layout, sidebar state, and other interface choices in your account, cookies, local storage, or session storage. Clearing site data may reset these choices.

5. Draft and interface state

Browser storage or memory may support compose state, local draft notices, contact picker state, selected folders or messages, panel expansion, and notifications. Unless clearly stated otherwise, browser draft state is not a mailbox-server draft and may be lost.

6. Security and duplicate-action controls

Short-lived tokens, session state, and server-side records may support rate limits, duplicate-send protection, validation, authentication, and abuse prevention. These controls protect users, recipients, and mail systems.

7. Current expected storage

TypePurposeTypical duration
Session cookieAuthentication and secure app sessionSession or configured lifetime
CSRF tokenProtect forms and requestsSession or configured lifetime
Theme preferenceRemember light, dark, or system displayUntil changed or cleared
Density preferenceRemember comfortable or compact layoutUntil changed or cleared
Font preferenceRemember the selected safe font stackUntil changed or cleared
Draft/UI stateSupport local interface behaviourSession, local, or until cleared
Duplicate-action tokenPrevent repeated sends or unsafe actionsShort-lived

8. Analytics and advertising

OpenMail does not currently need third-party analytics or advertising cookies to provide the core service. Static placeholder adverts should not use ad networks, tracking pixels, remote scripts, or third-party cookies.

If non-essential analytics, advertising, personalisation, or third-party cookies are introduced, this policy and the Privacy Policy will be updated and consent controls will be provided where required.

9. Consent

Strictly necessary cookies may be used without consent when required to provide the service you requested. Non-essential cookies require a lawful basis and, where applicable, clear consent that is specific, informed, freely given, and easy to withdraw.

10. Browser controls

Most browsers let you view, delete, or block cookies; block third-party cookies; clear local and session storage; control tracking protection; and use private browsing. Blocking all cookies may prevent login, secure forms, preference saving, and controlled app actions from working.

11. Cache and public legal pages

Browsers may cache CSS, JavaScript, icons, logos, profile images, and interface fonts for performance. OpenMail loads selected web fonts from the Bunny Fonts CDN, so your browser may request and cache font CSS and font files from that provider.

Bunny Fonts is used for interface display, not to read mailbox content or create advertising profiles. If the font CDN is unavailable or blocked, OpenMail falls back to system fonts. Public legal pages use minimal storage and do not require advertising or analytics cookies unless those features are introduced later.

12. Changes and contact

Exact cookie names and durations may vary with application configuration and future updates. Questions or requests can be sent to hello@openmail.email.

Terms & Conditions Privacy Policy Disclaimer Help & Support Frequently Asked Questions Cookie Policy Advertisement & Sponsorship
© 2026 OpenMail™ Exchange. All rights reserved. hello@openmail.email
i
Essential cookies and local storage

OpenMail uses essential cookies and local storage for secure login, preferences, theme, and app behaviour. We do not use analytics or tracking cookies.

Cookie policy