Privacy policy

Last updated: 2026-01-01

What we collect

  • Encrypted ciphertext you upload. We cannot decrypt it.
  • Keyed HMAC hashes of recipient e-mail addresses, when provided. Original addresses are not stored.
  • Pseudonymous audit entries (event type, hashed IP) for abuse mitigation.
  • Account data (e-mail, hashed password, optional 2FA secret) — only if you create an account.

What we do not collect

  • Plaintext messages or decryption keys.
  • Tracking cookies, analytics, or third-party assets.

Retention

Messages are deleted at most 30 days after creation, or earlier when the configured expiry or open limit is reached. Audit log entries are kept for 180 days.

Contact

Questions: see the contact details in our security policy.

We use only essential cookies (session, CSRF, language). No tracking. Learn more