Elektrine
Log in Register

Privacy Policy

1. Information We Collect

Account and Profile Data

  • Account identifiers such as username, mailbox address, login credentials, and recovery or security settings.
  • Profile information you choose to publish, such as display name, avatar, bio, links, and public posts.
  • Preferences such as locale, notification settings, privacy settings, and enabled product features.

Content You Store or Send

  • Email messages, drafts, sent-mail copies, folders, labels, contacts, aliases, attachments, and filtering preferences.
  • Social posts, chats, notes, files, nerve metadata, and other content you create or upload.
  • Operational metadata needed to provide these services, such as message IDs, timestamps, delivery status, mailbox IDs, thread IDs, flags, and storage usage.

Information Collected Automatically

  • IP addresses, user agents, device/browser information, request timestamps, and session identifiers.
  • Security and abuse-prevention data such as login attempts, rate-limit events, SMTP/IMAP/POP connection events, and spam or malware signals.
  • Service logs and metrics used to operate, debug, secure, and improve Elektrine.

2. Email Privacy and Encryption

Email uses open internet protocols. Elektrine can protect local storage, but normal SMTP delivery still exposes some information to mail infrastructure.

Stored Mail

  • By default, message bodies are encrypted at rest for the account using server-side application encryption, while some metadata remains available to the server for mailbox operation.
  • If private mailbox storage is enabled, message subject, body, attachments, sender, recipients, and sent-mail copies are stored in browser-unlocked encrypted payloads. The server stores placeholders for protected fields.
  • Private mailbox storage reduces server-side search. Protected subject, body, sender, and recipient fields are not searchable by the server unless a future encrypted-search feature is explicitly enabled.
  • Private mailbox storage does not encrypt every operational field. The server may still store message IDs, mailbox IDs, timestamps, delivery state, folder/label state, read/unread flags, spam/deleted/archive flags, attachment counts, and similar mailbox-management metadata.

Mail Delivery

  • When you send or receive ordinary email, SMTP envelope data, routing headers, sender, recipient, subject, timestamps, message IDs, DKIM/SPF/DMARC headers, and server IPs/domains may be visible to Elektrine, receiving providers, sending providers, and intermediate mail systems.
  • Outgoing messages must be processed in plaintext by Elektrine/Haraka long enough to format, sign, scan, route, and deliver them unless you use message-level encryption such as PGP.
  • PGP or similar end-to-end content encryption can protect message contents from mail providers and relays, but it does not hide normal email routing metadata.

3. How We Use Information

We use information to:

  • Provide, operate, and maintain Elektrine services.
  • Send, receive, store, sync, filter, and display email and other user content.
  • Authenticate users, protect accounts, prevent fraud and abuse, rate-limit automated activity, and investigate security issues.
  • Debug failures, measure reliability, maintain backups, and improve product behavior.
  • Respond to support, legal, or safety requests.

4. Security Measures

We use technical and organizational safeguards, including:

  • TLS for supported web, API, and mail protocol connections.
  • Hashed password storage and account security controls.
  • Encryption at rest for supported stored content and optional private mailbox storage for browser-unlocked mail protection.
  • Access controls, rate limits, spam/abuse protections, logging, and operational monitoring.

No system can guarantee perfect security. You are responsible for protecting your account credentials and any private mailbox passphrase or device used to unlock encrypted mailbox content.

5. Data Sharing

We do not sell your personal data. We may share or disclose information:

  • With your direction or consent, such as when you send email to another provider or publish public content.
  • With service providers that help us operate infrastructure, storage, delivery, security, monitoring, or support.
  • To deliver email through the public email ecosystem, including DNS, SMTP, DKIM/SPF/DMARC, spam filtering, recipient providers, and remote mail servers.
  • To comply with applicable law, legal process, or enforceable government requests.
  • To protect Elektrine, our users, or the public from abuse, fraud, security threats, or harm.

6. Cookies and Local Storage

We use cookies and browser storage for:

  • Session management and authentication.
  • Security protections and CSRF prevention.
  • User preferences such as theme, locale, and interface state.
  • Private mailbox unlock state in the current browser tab when you choose to unlock protected mail.

7. Logs and Retention

We retain account data and user content while your account is active or as needed to provide the service. Operational logs may include IP addresses, request metadata, mail delivery events, rate-limit events, error messages, and security signals.

  • Deleting messages or attachments removes them from the active mailbox storage path, subject to backups and operational retention.
  • Account deletion removes or anonymizes personal data where feasible, subject to backups, legal obligations, fraud prevention, abuse records, and deliverability/security logs.
  • Backups and logs may persist for a limited period after deletion before they expire through normal retention cycles.

8. Your Choices and Rights

Depending on your location and account status, you may be able to:

  • Access, correct, export, or delete your account data.
  • Delete messages, attachments, posts, contacts, aliases, and other stored content.
  • Change privacy settings, notification settings, and mailbox encryption settings.
  • Opt out of optional communications where available.

9. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13.

10. International Data Transfers

Your data may be processed in countries other than your own. Where required, we use safeguards appropriate to the processing and providers involved.

11. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes by email, service notification, or posting an updated policy.

12. Contact Us

For privacy-related questions or requests:

Email: privacy@elektrine.com