Paperweight scans your inbox to map your digital footprint, then helps you take back control and delete your data. Local-first and open source.

I’m excited to introduce Paperweight, a local-first open-source desktop app I’ve been building to help people understand and reduce their digital footprint.

Your inbox is a paper trail of every company that has ever had your data. Every account you created, every service you tried, every online purchase. It’s all connected to your email. Most people have 100+ accounts they’ve forgotten about, each a potential security, or privacy risk. For me the final push was the Odido data breach in the Netherlands. I hadn’t been a customer for more than 8 years, but all my data was still in their systems.

What it does:

  • Account inventory — Maps every company that has ever emailed you, with risks classifications and recommendations for action.
  • Bulk unsubscribe — Find and unsubscribe from any marketing and mailing lists (auto RFC 8058 where supported).
  • Breach alerts — Alerts when any company you’ve been in contact with has been breached (via HaveIBeenPwned).
  • GDPR requests — Generates pre-filled GDPR requests in multiple languages.

Supports Gmail, Outlook, Apple Mail, Proton (via Bridge) and other email providers via IMAP.

Privacy approach:

Everything runs on your machine. Email content, credentials, and connection details never leave your device. No telemetry, no cloud sync, no analytics. The code is fully open source and auditable on GitHub.

Most alternatives in this space all require your to share your data through their services. Some of them have actually been caught selling your data. Paperweight is the only tool I’m aware of that does this entirely local and is open-source.

Website

github.com
u/wslyvh — 1 month ago

Paperweight - Take back your privacy

I’m excited to introduce Paperweight, a local-first open-source desktop app I’ve been building to help people understand and reduce their digital footprint.

Your inbox is a paper trail of every company that has ever had your data. Every account you created, every service you tried, every online purchase. It’s all connected to your email. Most people have 100+ accounts they’ve forgotten about, each a potential security, or privacy risk. For me the final push was the Odido data breach in the Netherlands. I hadn’t been a customer for more than 8 years, but all my data was still in their systems.

What it does:

  • Account inventory — Maps every company that has ever emailed you, with risks classifications and recommendations for action.
  • Bulk unsubscribe — Find and unsubscribe from any marketing and mailing lists (auto RFC 8058 where supported).
  • Breach alerts — Alerts when any company you’ve been in contact with has been breached (via HaveIBeenPwned).
  • GDPR requests — Generates pre-filled GDPR requests in multiple languages.

Supports Gmail, Outlook, Apple Mail, Proton (via Bridge) and other email provider via IMAP.

Privacy approach:

Everything runs on your machine. Email content, credentials, and connection details never leave your device. No telemetry, no cloud sync, no analytics. The code is fully open source and auditable on GitHub https://github.com/wslyvh/paperweight

Most alternatives in this space all require your to share your data through their services. Some of them have actually been caught selling your data. Paperweight is the only tool I’m aware of that does this entirely local and is open-source.

Feedback welcome! Thanks

paperweight.email
u/wslyvh — 1 month ago

Paperweight v0.3: local-first email clean up, now with multi-account support, smoother onboarding, and broader IMAP/SMTP support

A few months ago I shared the first version of Paperweight here. It's an open-source desktop app that scans your inbox locally to show which companies have your data and helps you take back control of it.

Every account you create, every service you sign up for, every online purchase is connected to your email address. Most people have 100+ accounts they've forgotten about, creating security risks and privacy exposure.

Local-first. Your inbox is scanned on your own device, your data never leaves it, and there is no account or cloud component.

v0.3 focused on onboarding and connecting more mailboxes reliably:

  • No more security warnings. The macOS app is notarized by Apple, and Gmail connects through Google's verified app. No Gatekeeper warnings, no unverified-app screens, no workarounds.
  • Broader IMAP/SMTP support, incl. Apple iCloud, Proton Mail (using Bridge) and IMAP presets for other major email providers.
  • Easier multi-account setup, switching, and reconnect flows.
  • Improved breach and risk classification, so affected accounts are flagged with clearer next steps.

This round was mostly groundwork for a more reliable base for whatever mailbox you use.

Github https://github.com/wslyvh/paperweight

Feedback welcome! Thanks

reddit.com
u/wslyvh — 2 months ago