CheckThis — Privacy Policy

DataIsland Software LLC  ·  Last updated: 20 May 2026

CheckThis is an email phishing and fraud analysis tool for macOS. This policy explains exactly what data CheckThis accesses, what leaves your device, and what is stored locally.

Summary

CheckThis does not collect personal data. Email content never leaves your Mac — except via the optional OpenRouter AI feature, which you must explicitly enable with your own API key. The app has no server, no account, and no analytics.

What CheckThis Analyzes

CheckThis reads email headers and content from Apple Mail. This analysis happens entirely on your device. The raw email content is never transmitted to DataIsland or to any server.

What Leaves Your Device

DNS, WHOIS, and Geolocation Lookups

To verify sender reputation, CheckThis sends the following to third-party services:

• Domain names — sent to DNS resolvers, WHOIS servers, and email reputation blocklists to check sender domain age, authentication records (SPF, DKIM, DMARC), and abuse history.
• IP addresses — sent to ipinfo.io to resolve routing hops to a city, country, and ISP.

Your email subject, body, and personal information are not included in these lookups. Only the domain name or IP address crosses the network.

These lookups can be individually disabled in Settings → DNS.

OpenRouter (Optional — Opt-In Only)

CheckThis can optionally use the OpenRouter API to add an AI analysis layer. This feature:

• Is disabled by default
• Requires you to supply your own OpenRouter API key
• Sends email content (headers and body) to OpenRouter's servers for analysis
• Is governed by OpenRouter's privacy policy

DataIsland does not receive or store any content sent through OpenRouter. Your API key is stored only in your macOS Keychain.

Apple Intelligence (Optional — Opt-In Only)

On supported hardware (Apple Silicon Mac, macOS 26, Apple Intelligence enabled), CheckThis can use Apple Intelligence for AI analysis. Apple Intelligence processes everything on-device. No email content leaves your Mac via this path.

Mail Extension

The CheckThis Mail Extension runs inside Apple Mail and screens incoming messages using a local rule engine. The extension makes no network calls — it does not contact DNS, WHOIS, or any external service. Analysis is entirely local and instant.

What Is Stored Locally

• Analysis history — past analyses and verdicts, stored in the app's local sandbox
• Safe Senders and Block List — stored locally
• Settings and preferences — stored in UserDefaults, local only
• OpenRouter API key (if provided) — stored in macOS Keychain

None of this data is synced to iCloud or transmitted to DataIsland.

What CheckThis Does Not Do

• Does not send email content to DataIsland or any server (except OpenRouter if enabled)
• Does not require an account or login
• Does not track usage, collect analytics, or send crash reports to DataIsland
• Does not share any data with third parties for advertising
• Does not sync any data to the cloud

Children's Privacy

CheckThis is not directed at children under 13. We do not knowingly collect information from children.

Changes to This Policy

If we make material changes to this policy, we will update the "Last updated" date above. Continued use of CheckThis after changes constitutes acceptance of the updated policy.

Contact

Questions about this policy:
support@dataisland.com
DataIsland Software LLC