Privacy Architecture

Data Flow

Box operates entirely on your machine. It connects directly to your mail servers using the standard protocols your email provider already supports. There is no intermediary.

Your email travels between Box and your mail server. Nothing else sits in the middle. The local database is stored at ~/.config/Box/ and never leaves your machine.

Zero Telemetry Guarantee

Box does not collect:

• Usage analytics
• Behavior tracking
• Email metadata
• Performance telemetry
• Crash reports

This is not a policy decision; it is an architectural one. There is no telemetry code in Box because none was ever written. There is no endpoint to receive it, no database to store it, and no code path that transmits it. The absence is structural, not a toggle you have to trust us to leave off.

If you want to go deeper, you can inspect network activity yourself:

You will see connections only to your configured mail servers and, during activation, to the Locksmith licensing service. Nothing else.

Network Communication

Box communicates with exactly two types of external services:

• Your mail servers: IMAP for retrieving mail, SMTP for sending mail. These are the servers you configure when you add an account.
• Locksmith licensing service: contacted only during license activation and periodic validation. This verifies your license key and nothing more.

Box never transmits:

• Email content or message bodies
• Credentials or authentication tokens
• Your IP address, geolocation, or any identifying metadata beyond what is inherently required for direct communication with your mail servers
• Hardware identifiers or fingerprints
• Usage data or behavioral information

Connection Log

Box includes a built-in Connection Log, a real-time, per-session network monitor that shows every outbound connection the application makes. It is not hidden in a debug menu. It is a first-class feature because we believe you should never have to wonder what your email client is doing on the network.

The Connection Log displays protocol badges for every connection type (IMAP, SMTP, HTTPS, DNS), sparkline activity graphs for each server, pulse indicators for active connections, and relative timestamps. It's session-scoped and holds up to 5,000 entries in memory, all discarded when you close the panel or quit Box.

Credential Storage

Your email account credentials are stored in your operating system's native keyring (GNOME Keyring via libsecret). This means your passwords are encrypted by your OS using your login session, not by Box.

Credentials are never written to plaintext files, never stored in the SQLite database, and never logged. The keyring files on disk are protected with 0600 permissions, readable only by your user account.

Local Data Storage

All email data is stored in a local SQLite database at ~/.config/Box/box.db. This file is not encrypted by default. Deliberately. We want you to be able to query your own data:

The database is never uploaded, never synced to a cloud service, and never accessed by anything other than the Box application running on your machine. It is entirely under your control. Back it up, inspect it, delete it.

Configuration Export

Box can export your settings, accounts, contacts, and trust center data to a compressed .boxconfig file for backup or migration. Passwords and OAuth tokens are deliberately excluded from the export. When you import a configuration on a new machine, you'll re-authenticate each account, ensuring credentials never travel in a portable file.

Security Audit

Box has not yet undergone a formal third-party security audit. A formal audit is something we plan to pursue as the project matures.

For details on how the licensing system respects your privacy, see Licensing Transparency.