Privacy Policy

This Privacy Policy explains what information notrace.email collects, stores, and processes as part of providing email services. This document is intentionally minimal — notrace.email is built for privacy, and the service is designed to retain as little information as possible.

Last updated:

What We Do Not Collect

notrace.email does not collect or permanently store:

• IP addresses
• User agent strings
• Device information
• Browser fingerprints
• Tracking identifiers or analytics
• Any metadata beyond what is strictly required for mail delivery

We do not use Google Analytics, trackers, pixels, ads, or third-party scripts of any kind.

What Mail-in-a-Box Automatically Handles

notrace.email runs on Mail-in-a-Box (MIAB), which by design stores only the data necessary for operating an email service. MIAB does not collect user agents or connection IPs for web login, and webmail sessions do not log identifiable information.

MIAB temporarily keeps extremely short-lived technical logs (usually under 48–72 hours) for mail transport functions. These logs typically include:

• The sender and recipient email addresses
• Delivery status information
• Server-to-server routing information required by SMTP

These logs rotate automatically and are not retained long-term. They are not used to profile users.

Information You Provide

When you create an account, the following information is stored:

• Your chosen email address
• A hashed password
• Your mailbox contents (mail you keep on the server)
• Any filters or settings you configure inside webmail

No personal identity information is required. You may register using Tor, a VPN, or any privacy-preserving method.

Cookies & Sessions

Cookies are used only to keep you logged into the webmail interface. These cookies do not track or follow you outside the service.

Data Sharing

notrace.email does not share or sell data to third parties. The service runs on self-managed infrastructure; no external mail processors or analytics providers are used.

Legal Compliance

We comply with lawful requests applicable to our operating jurisdiction. No data is provided to any entity without a legally binding order.

Proof of Ownership

Your ability to log in is the only proof of account ownership. If you lose your password, access cannot be restored.

Right to Erasure

You may delete your account at any time. To erase your presence from the service:

1. Delete all mailbox contents (user-controlled data).
2. Request account deletion from support or the designated removal interface.

Registration information is removed upon account deletion. Temporary operational logs (if present) expire automatically.

Backups

Backups are system-wide and immutable. Deleted accounts are removed during restoration, but historical backups cannot retroactively remove old data blocks — this is a normal security practice.

Final Notes

notrace.email is designed to preserve privacy and retain the minimum information necessary for a functional email service. For maximum anonymity, use Tor or a VPN when accessing the service.