By installing, deploying, or using Spindle you agree to these terms. Spindle is self-hosted software — these terms govern your use of the application itself, not a cloud service operated by a third party.
Spindle is an open-source, self-hosted email client that allows you to read, send, and manage email from one or more accounts through a single web interface. All data is stored on the server you operate. Spindle does not provide email hosting or transmission services of its own — it connects to external providers (such as Google Gmail, Microsoft Outlook, or any IMAP/SMTP server) on your behalf.
Access to a Spindle instance is invite-only. Registration requires a valid invite code issued by an administrator of that instance.
You agree to use Spindle only for lawful purposes. You must not:
When you connect a Gmail account, Spindle uses the Google API Services to access your Gmail data on your behalf. Your use of Google services through Spindle is subject to Google's Terms of Service. Spindle's use of data received from Google APIs adheres to the Google API Services User Data Policy , including the Limited Use requirements.
You are responsible for revoking Spindle's access to your Google account at any time via Google Account Permissions if you no longer wish to use the Gmail integration.
When you connect an Outlook account, Spindle uses the Microsoft Graph API to access your mail on your behalf. Your use of Microsoft services through Spindle is subject to Microsoft's Terms of Service. You may revoke Spindle's access at any time via your Microsoft account app permissions.
The administrator of a Spindle instance has elevated privileges, including the ability to generate and revoke invite codes, change user roles, and permanently delete user accounts. By using a Spindle instance you acknowledge that the administrator may exercise these rights. If you operate your own instance, you are the administrator and are responsible for the appropriate use of these privileges.
Because Spindle is self-hosted, all data associated with your account — including email credentials, OAuth tokens, and session data — is stored on the server you operate or have been granted access to. The person or organisation running the Spindle instance is responsible for the security of that server and the data on it.
For details on what data Spindle stores and how it is handled, see the Privacy Policy.
You are responsible for maintaining the confidentiality of your Spindle credentials and for all activity that occurs under your account. You agree to notify the operator of your Spindle instance immediately if you suspect unauthorised access.
Spindle is provided "as is" without warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. The authors and operators of Spindle do not guarantee that the application will be error-free, uninterrupted, or free of security vulnerabilities.
To the fullest extent permitted by applicable law, neither the developers of Spindle nor the operator of any Spindle instance shall be liable for any indirect, incidental, special, or consequential damages arising from your use of or inability to use the application, including any loss of data or email access.
These terms may be updated from time to time. Continued use of a Spindle instance after terms are updated constitutes acceptance of the revised terms. The operator of your instance is responsible for communicating material changes to users.
Spindle is self-hosted software. Questions about these terms or the specific deployment you are using should be directed to the person or organisation operating that instance.