Last updated: 2021-11-20
AltMail.se operates a privacy-conscious email service for personal use. As an account holder, you are not required to disclose your identity. You are welcome to hide behind pseudonyms, Tor, etc. when contacting us and using our services.
We only collect and store data that is technically necessary for us to provide our services, and all personally identifiable data is retained only until you explicitly delete it, or your account gets deleted. We do not give out any information concerning any of our account holders to a third party (except when legally obliged to do so as part of a criminal investigation). We do not have any commercial interest in tracking or profiling our users, and we do not implement any such data collection.
When you access our web-based account portal, we use session cookies that are technically necessary for providing the service. We do NOT store any non-essential cookies (for tracking, analytics, or any other purposes). Some of the cookies we do store might be persistent to allow you to stay logged in for certain periods of time. You are welcome to delete our cookies at any point in time, after which you will be required to log in the next time you need to access any of these services.
We collect industry-standard access logs on our HTTP, IMAP and SMTP endpoints. We log the subset of what is applicable for any given protocol out of: timestamp, client IP and user agent, the request (or resource being accessed), number of bytes served, and the result code. We also collect similarly scoped application-level event logs for select backend services. All of these logs are rotated daily and are kept for a maximum of ten (10) days. The logs are machine-read and processed to facilitate monitoring of our systems to provide insight into request rates, errors, resource usage, abuse detection, etc.
We extract certain data points from our access logs and application logs, compute statistical aggregates on top of them, and store the resulting data beyond the end of the retention period of the original data. All of this statistically derived data is completely anonymous (does not include client IP, user agent, or account address) and aggregated, and is used to drive operational excellence. It is never shared with a third party.
In-flight email (being received into, or sent from your account) is machine-read and processed by industry-standard spam and virus scanner programs to ensure orderly and safe operation of our infrastructure and to protect all our users. This process also includes outbound rate-limiting.
We do not retain copies of outbound emails, other than as a consequence of your mail client saving a copy of sent email into a certain folder (usually named "Sent"). This is within your control and is completely optional.
At any point in time, the personal data we store on your behalf consists of the emails kept in your account, plus offline backups thereof that are kept for a maximum of ten (10) days. The entirety of this data is strongly encrypted at rest at all times, and transmitted over encrypted channels as much as possible. The only scenario where your email is transmitted unencrypted between our server and the outside world is when you send email to, or receive email from, a counterparty whose mail server does not offer TLS-encrypted mail transport. (This is getting increasingly rare; all major mail providers support TLS.) We never allow unencrypted connections between our servers and your (mail and web) clients.
Please keep in mind that we are technically able to access the email stored in your account in human-readable form. Naturally (as well as a matter of policy), we do NOT do this unless we are forced to investigate ourselves (e.g., as a consequence of abuse reports) or aid an external (criminal) investigation. We strive to notify you whenever such a "data incident" happens, but we may be legally prevented from doing so.
If you are paranoid, you are advised to periodically download all email from your account, store it locally in your own archive, and delete it from our server. Such a so-called offline email setup is facilitated by purpose-built IMAP sync clients (e.g., offlineimap, mbsync); most general-purpose mail clients (e.g., Thunderbird) also support a "do not leave email on the server" mode of operation. If you are truly paranoid, you are advised to avoid email altogether in favour of a different communications medium with built-in end-to-end encryption guarantees.
Apart from your emails themselves, we store and process a few more individual pieces of data related to your account and your person. The single unique identifier of your account is your primary account email that serves as your user name when logging in to our account portal, and when authenticating against our IMAP and SMTP services. You might (and are warmly advised to) also have a recovery address on file with us. Both of these email addresses, as well as any other account-related data that we store on your behalf (such as any further email aliases you use), are either strictly necessary for providing our services to you, or provided optionally (you can leave them blank without loss to the core functionality of our service). In any case, all such information will always be stored strongly encrypted at rest on our servers and in our backups. However, parts of it might appear in application event logs and protocol access logs, and those logs might be viewed by humans during certain operational (technical) investigations (including routine checks), especially if your account gets flagged by our monitoring systems for suspicious activity.
We only ever store your account password in hashed form, and therefore we are never able to recover your password. If you lose your password and do not have a verified recovery email where we can send a password reset email, we are not able to help you, and you will lose access to your account.
If you delete an email in your account, the corresponding data will be promptly deleted from our mail server. Depending on the age of the deleted email, our backups might continue to hold the email subject to their retention period, which is ten (10) days at most.
If you choose to delete your account, this action will promptly delete all related data (your emails and your account settings). Backups will continue to hold your data subject to their retention period, which is ten (10) days at most.