Return to Inbox

Privacy Policy

Your Data, Your Keys.

1. Data Minimization

We adhere to the principle of data minimization. We do not require your name, phone number, or existing email address. The only data we process is what is strictly necessary to route temporary emails to your browser.

2. Zero-Knowledge Encryption (Technical Security)

This is our primary privacy safeguard. We employ a Client-Side Encryption model:

  • Keys in Browser: Your inbox's private key is generated in your browser and stored in `localStorage`. It is never sent to our servers.
  • Encrypted Storage: Emails stored on our temporary servers are encrypted. Because we do not possess your private key, we cannot decrypt or read your messages, even under legal compulsion.

3. Essential Cookies & Security

We use a minimal number of strictly necessary cookies to ensure the stability and security of our service.

Bot Protection & Authenticity

These cookies are used solely for technical verification (Proof of Work) to prevent automated abuse and ensure you are a human user. We do not use proprietary cookies for behavioral tracking or cross-site profiling.

4. Analytics & Logs (Umami)

We use a self-hosted instance of Umami Analytics to monitor system health.

Privacy-First Analytics

Our analytics are anonymous and aggregated. No tracking cookies are used for analytics purposes.

Server Logs

Access logs (IP addresses) are rotated and permanently purged every 24 hours to prevent long-term user profiling.

5. Payments & Blockchain Data

When you purchase a Premium extension via cryptocurrency (LTC/DOGE), the transaction data is public on the blockchain. However, we do not link this payment to any personal identity. We only store the transaction hash (TXID) to validate the service extension.

6. Advertising & Funding

To keep our service free and cover infrastructure costs, we display advertisements provided by aads.com (Anonymous Ads).

We chose A-Ads because they align with our privacy values: they focus on non-intrusive advertising and do not use invasive tracking or personal data profiling. Interactions with these ads are subject to the privacy policy of aads.com.

7. Data Retention & Purging

  • Free 10 minutes Inboxes: Automatically deleted after 10 minutes of inactivity.
  • Free Inboxes: Automatically deleted after 24-48 hours of inactivity.
  • Premium Inboxes: Deleted 30 days after the subscription period ends.
  • Deleted means Deleted: Once purged, the cryptographic keys and encrypted data are erased from our infrastructure and cannot be recovered.

GDPR Notice: You have the right to request deletion of your data. Since we do not collect personal identifiers, you must provide your session keys for us to locate your data. Contact: [email protected]