Privacy Policy
Last updated: January 2025
Introduction
defnd.email is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights under applicable data protection laws. Our service is built on zero-knowledge architecture — we cannot read your data, even if we wanted to.
Information We Collect
We collect minimal information necessary to provide our service:
- Account information: email address, username
- Encrypted data: your emails, calendar, notes, and passwords (encrypted with your keys)
- Technical data: IP addresses for security, basic usage analytics
Information We Cannot Access
Due to our zero-knowledge architecture, we cannot access:
- Content of your emails, notes, or calendar events
- Your passwords stored in the vault
- Your encryption keys or recovery phrase
Encryption & Security
Your data is protected using modern cryptography:
- End-to-End Encryption: All data is encrypted on your device before being sent to our servers.
- Zero-Knowledge: We store only encrypted data. We cannot decrypt it without your keys.
- Key Management: Your private keys are encrypted with your password and never transmitted in plaintext.
Cookies
We use essential cookies only:
- Session cookies for authentication
- Preference cookies for theme and language settings
Third-Party Services
We use minimal third-party services: infrastructure providers within the EU for hosting. We do not sell your data or use advertising networks.
Your Rights (GDPR)
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request deletion of your data
- Export your data in a portable format
- Object to certain processing activities
Data Retention
We retain your encrypted data for as long as your account is active. Upon account deletion, all data is permanently removed within 30 days.
Changes to This Policy
We may update this policy from time to time. We will notify you of significant changes via email or through our service.
Contact Us
For privacy-related inquiries: