Safemails.Net Privacy Policy
Last updated: June 26, 2025
1. Introduction
Safemails.Net (“we,” “our,” or “us”) provides quantum-safe, end-to-end encrypted email via plugins and integrations (e.g., Gmail, Outlook). We comply with GDPR, HIPAA, NIS2, and DORA. This policy explains how we collect, use, store, and safeguard your data.
2. What Data We Collect
Sender Data (via plugin/integration):
- Email address and domain
- Plugin/app activity logs
- Subscription and billing info
- Draft metadata (with explicit consent): sender & recipient addresses, subject, body, attachments
- Encrypted email payloads (unreadable to us)
Recipient Data (non‑registered users):
- Pseudonymized device fingerprint
- Onboarding timestamp
- Hashed email address
- No inbox or content access
Gmail integration uses only these consented API scopes:
https://www.googleapis.com/auth/gmail.readonly
https://www.googleapis.com/auth/gmail.compose
https://www.googleapis.com/auth/gmail.addons.current.action.compose
https://www.googleapis.com/auth/gmail.addons.current.message.metadata
https://www.googleapis.com/auth/gmail.addons.execute
https://www.googleapis.com/auth/script.external_request
3. How We Use Data
- Encrypt messages with quantum‑entropy-based ephemeral keys
- Authenticate recipient devices via challenge/response
- Ensure GDPR, HIPAA, NIS2, DORA compliance
- Support audit logs, billing, and support workflows
4. Message Confidentiality
- We never read, share, or mine email content
- Encrypted drafts are accessed only to encrypt/send messages
- Only sender/recipient devices can decrypt; staff cannot
5. Data Storage and Retention
- Retention: Encrypted emails and attachments are retained for as long as the account or tenant is active. Upon deletion or deactivation, all related data is permanently and securely erased using cryptographic key destruction or secure deletion methods.
- GDPR Compliance: Aligned with GDPR's storage limitation principle—retained only as necessary and documented.
- Secure Storage: Data is encrypted in transit (TLS 1.2+) and at rest (AES‑256+), with post-quantum encryption (e.g., NIST-compliant lattice schemes).
- Secure Deletion: Upon deletion, crypto-shredding makes data irrecoverable, following NIST SP 800-88 standards.
- Review & Justification: Retention schedules are based on consent, business need, and legal obligation; reviewed periodically.
- Tenant-Specific Policies: Enterprise tenants may configure custom retention periods per their needs.
6. Data Residency
Data is stored in EU or US data centers, based on tenant configuration, ensuring compliance with relevant laws.
7. Cookies & Analytics
We use only essential session cookies. We do not use third-party tracking or analytics tools.
8. Your Rights & Controls
- Revoke Access: You can remove Safemails.Net via your Google Account (myaccount.google.com → Security → Third-party apps).
- Data Requests: Contact privacy@safemails.net to access, correct, or delete your data.
- Consent Withdrawal: Uninstalling revokes future access; prior encrypted data is managed per the retention policy until deletion.
9. Security Measures
- Quantum-entropy key generation with per-device ephemeral keys
- End-to-end encryption with no key reuse
- Tamper-proof audit logs
- Per-tenant microservice isolation
- Annual independent security assessments and Google OAuth/API verification
10. Third-Party Policies
Use of Gmail APIs is governed by Google’s Privacy Policy. Any other integrations follow their respective privacy terms.
11. Updates to Privacy Policy
We may update this policy to reflect changes in services or legal requirements. Material changes will be posted here and communicated via email or in-app banner.
By using our service, you agree to this Privacy Policy.