Privacy Policy

Last updated: March 2026

This privacy policy describes how Midnight Inventions ("we," "us," or "our"), a product label of Horizon Refined Designs LLC, handles information in connection with our products and services, including VaultMail, digital guides, and this website.

1. Overview

All Midnight Inventions products are designed with privacy as a core principle. We do not operate servers that process or store your personal data. We do not run analytics or telemetry on any of our products or this website.

2. Data We Do Not Collect

  • Usage analytics or telemetry
  • Crash reports
  • Personal information (beyond what you voluntarily provide through our contact form or a purchase)
  • Email content or metadata
  • Browsing behavior or cookies

3. This Website (midnight-inventions.com)

This website is a static site. It does not use cookies, analytics, or tracking of any kind. The contact form is processed by Web3Forms, which receives only the name, email, and message you submit. We do not store this data beyond what is needed to respond to your inquiry.

4. Digital Products (Guides and Script Bundles)

Purchases of digital products are processed by Gumroad. When you make a purchase, Gumroad collects your name, email address, and payment information. We receive your name and email for order fulfillment purposes. We do not store or have access to your payment card details.

For details on how Gumroad handles your data, see the Gumroad Privacy Policy.

5. VaultMail

VaultMail is a desktop email client for macOS. Your data stays on your device and is transmitted only to your email provider. We do not operate servers that process or store your email data.

5.1 Data Stored Locally on Your Device

  • Email credentials — stored securely in the macOS Keychain
  • Email messages — cached locally for offline access
  • Attachments — downloaded to your local cache directory
  • App preferences — stored in local app storage
  • Spotlight index — managed by macOS, stored locally

5.2 Data Transmission

VaultMail connects directly to your email provider using secure, encrypted protocols. For Gmail, iCloud, Yahoo, and other IMAP providers, we use IMAP/SMTP over TLS/SSL. For Microsoft Outlook/Hotmail accounts, we use the Microsoft Graph API over HTTPS. No email data passes through any Midnight Inventions servers or intermediaries.

5.3 Google OAuth and API Services

When you connect a Google account to VaultMail, we use Google OAuth 2.0 to authenticate your identity and access your email. Here is exactly what happens:

  • What we access: VaultMail requests access to your Gmail messages via the IMAP and SMTP protocols using your OAuth token. We access your email address for account identification and display purposes only.
  • How we use it: Your email data is used solely to display your messages within the VaultMail application on your device. We do not copy, store, analyze, or transmit your email data to any external server.
  • What we do not do: We do not read, scan, or index your email content for advertising, analytics, profiling, or any purpose other than displaying it to you. We do not share, sell, or transfer your Google user data to any third party.
  • Token storage: Your OAuth tokens are stored securely in the macOS Keychain and are never transmitted to Midnight Inventions servers.
  • Revocation: You can revoke VaultMail's access to your Google account at any time through your Google Account permissions.

VaultMail's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5.4 Microsoft OAuth and Graph API

When you connect a Microsoft account (Outlook, Hotmail, or Microsoft 365) to VaultMail, we use Microsoft OAuth 2.0 and the Microsoft Graph API:

  • What we access: VaultMail requests access to read and send your email via the Microsoft Graph API using your OAuth token.
  • How we use it: Your email data is used solely to display your messages within the VaultMail application on your device. We do not copy, store, analyze, or transmit your email data to any external server.
  • What we do not do: We do not read, scan, or index your email content for advertising, analytics, or profiling. We do not share, sell, or transfer your Microsoft user data to any third party.
  • Token storage: Your OAuth tokens are stored securely in the macOS Keychain and are never transmitted to Midnight Inventions servers.
  • Revocation: You can revoke VaultMail's access at any time through your Microsoft Account privacy settings.

5.5 Contacts Access

If you grant permission, VaultMail can access your macOS Contacts to provide email address autocomplete. This data is only used locally and is never transmitted.

5.6 VaultMail Data Deletion

To delete all VaultMail data from your device:

  1. Remove your accounts in VaultMail Settings
  2. Delete the app
  3. Optionally, remove Keychain entries (Keychain Access > search "VaultMail")

6. Midnight Writer

Midnight Writer is a distraction-free writing app for macOS that stores your documents locally using Apple's SwiftData framework.

6.1 Data Stored Locally

  • Your documents (title, content, word count, timestamps) are stored on your Mac using SwiftData.
  • App preferences (appearance mode, font size, focus mode, spell check) are stored in macOS UserDefaults.
  • No data is stored on Midnight Inventions servers.

6.2 iCloud Sync

  • If iCloud is enabled on your Mac, Midnight Writer uses Apple's CloudKit to sync documents across your devices.
  • This sync is handled entirely by Apple's infrastructure. No document data passes through Midnight Inventions servers.
  • You can disable iCloud sync in your Mac's System Settings. If iCloud is unavailable, documents are stored locally only.

6.3 File Access

  • Midnight Writer can open text and Markdown files you select from Finder. It only accesses files you explicitly choose.
  • Exported files (text, Markdown, PDF) are saved to locations you select.

6.4 Data Deletion

  • Delete individual documents from within the app.
  • Uninstall the app to remove all local data.
  • If iCloud sync was enabled, remove Midnight Writer data from iCloud via System Settings > Apple ID > iCloud > Manage Storage.

7. Third-Party Services

Our products do not integrate with any third-party analytics, advertising, or tracking services. External connections are limited to: your email provider(s) (VaultMail), Google/Microsoft/Yahoo OAuth servers (VaultMail), Web3Forms (contact form), and Gumroad (digital product purchases).

8. Security

  • All credentials are stored in the macOS Keychain (VaultMail)
  • All network connections use TLS/SSL encryption
  • No plain-text passwords are stored on disk
  • OAuth tokens are stored in the system keychain, not in app files

9. Children's Privacy

Our products are not directed at children under 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be reflected in the "Last updated" date above. Continued use of our products after changes constitutes acceptance of the revised policy.

11. Contact

For privacy questions or concerns, please use our contact form.