Onyx Mail - Encrypted Communications Beyond Surveillance

Privacy Policy

Last Updated: August 2025

Version 2.0

Table of Contents

  1. Our Privacy Commitment
  2. Information Collection Practices
  3. Data Minimization Principles
  4. Encryption and Security Architecture
  5. How We Use Information
  6. Data Retention and Deletion
  7. Third-Party Services
  8. Government Requests and Legal Compliance
  9. Your Rights and Controls
  10. Security Measures
  11. International Data Transfers
  12. Policy Updates
  13. Contact Information

1. Our Privacy Commitment

At Onyx Mail, privacy isn't just a feature—it's the foundation of everything we build. We believe that private communication is a fundamental human right, and we've architected our entire service around this principle. Our commitment to your privacy goes beyond mere compliance; it's embedded in our technical infrastructure, our business practices, and our company culture.

We operate under the principle that your data belongs to you, not us. This privacy policy outlines how we protect your information, the minimal data we collect to operate our service, and the extraordinary measures we take to ensure your communications remain private.

Core Privacy Principles:

  • Privacy by Design: Every feature is built with privacy as the primary consideration
  • Data Minimization: We collect only what's absolutely necessary for service operation
  • Zero-Knowledge Architecture: We cannot read your emails, even if compelled
  • Transparency: We're open about our practices and limitations
  • User Control: You maintain complete control over your data

2. Information Collection Practices

Onyx Mail adheres to strict data minimization principles. We collect only the absolute minimum information required to provide reliable email service and prevent abuse. Unlike conventional email providers, we do not profile users, scan email content for advertising purposes, or collect unnecessary metadata.

2.1 Account Information

When you create an Onyx Mail account, we collect:

  • Email Address: Your chosen Onyx Mail address for account identification
  • Authentication Credentials: Securely hashed passwords (we never store plaintext passwords)
  • Account Creation Timestamp: For service management purposes
  • Recovery Information (Optional): Alternative email or security questions, if provided

2.2 Technical Information

To maintain service reliability and prevent abuse, we collect minimal technical data:

  • Connection Logs: Temporary logs containing IP addresses and timestamps, used exclusively for security monitoring and abuse prevention
  • Service Usage Metrics: Aggregated, non-identifying statistics about service performance
  • Security Events: Failed login attempts and suspicious activity patterns

2.3 What We Don't Collect

We explicitly do not collect:

  • Email content or subject lines (protected by end-to-end encryption)
  • Contact lists or address books beyond what's necessary for email delivery
  • Behavioral tracking data or advertising identifiers
  • Location data beyond what's inherent in IP addresses
  • Device fingerprints or persistent tracking cookies
  • Social media information or third-party profile data

3. Data Minimization Principles

Our data minimization philosophy extends beyond mere compliance—it's a fundamental design principle. We continuously evaluate our data practices to ensure we're collecting only what's absolutely essential for providing secure, reliable email service.

3.1 Purpose Limitation

Every piece of data we collect serves a specific, legitimate purpose:

  • Service Delivery: Essential data needed to route and deliver emails
  • Security: Information required to detect and prevent abuse, spam, and unauthorized access
  • Legal Compliance: Minimal records necessary to comply with applicable laws
  • Service Improvement: Aggregated, anonymized metrics to enhance reliability

3.2 Automatic Purging

We implement aggressive data purging policies. Operational logs are automatically deleted on a rolling basis, typically within days or weeks of creation, depending on their purpose. Once data has served its intended function, it's permanently removed from our systems.

4. Encryption and Security Architecture

Onyx Mail implements a zero-trust security architecture with end-to-end encryption at its core. This means that your email content is encrypted on your device before transmission and can only be decrypted by intended recipients. Even Onyx Mail cannot access the content of your encrypted communications.

4.1 End-to-End Encryption

All emails between Onyx Mail users are automatically protected with end-to-end encryption using industry-standard cryptographic protocols. Your private encryption keys are generated and stored locally on your devices, never on our servers. This ensures that only you and your intended recipients can read your messages.

4.2 Zero-Knowledge Architecture

Our zero-knowledge architecture means we have no technical ability to decrypt or access your email content. This design choice provides you with the strongest possible privacy protection but comes with an important consideration: if you lose your password and haven't set up proper recovery methods, we cannot recover your encrypted emails. This is a deliberate security feature, not a limitation—it ensures that even under legal compulsion or in the event of a breach, your communications remain private.

4.3 Transport Security

All connections to Onyx Mail services are protected with:

  • TLS 1.3 or higher for all web connections
  • Perfect Forward Secrecy to protect past communications
  • Strong cipher suites with regular security audits
  • Certificate pinning for mobile applications
  • DANE and MTA-STS for email transport security

⚠️ Important Security Notice

Due to our strong encryption and zero-knowledge architecture, losing access to your account credentials means we cannot recover your encrypted emails. We strongly recommend:

  • Using a password manager to securely store your credentials
  • Setting up account recovery options while maintaining security
  • Keeping secure backups of important emails
  • Understanding that this limitation is a feature that ensures your privacy

5. How We Use Information

The minimal information we collect is used exclusively for legitimate operational purposes:

5.1 Service Operations

  • Email Delivery: Routing messages to correct recipients
  • Account Management: Maintaining your account and preferences
  • Service Reliability: Ensuring consistent uptime and performance
  • Customer Support: Responding to your inquiries and resolving issues

5.2 Security and Abuse Prevention

  • Threat Detection: Identifying and blocking malicious activity
  • Spam Prevention: Maintaining the integrity of our service
  • Fraud Prevention: Protecting against unauthorized account access
  • DDoS Mitigation: Ensuring service availability for all users

5.3 Legal and Compliance

  • Regulatory Compliance: Meeting our legal obligations in applicable jurisdictions
  • Terms Enforcement: Ensuring compliance with our Terms of Service
  • Legal Defense: Protecting our rights and those of our users

5.4 What We Never Do

We will never:

  • Sell, rent, or trade your personal information
  • Use your data for advertising or marketing without explicit consent
  • Profile you based on email content or behavior
  • Share your information with third parties except as explicitly stated in this policy
  • Access your encrypted email content (we technically cannot)

6. Data Retention and Deletion

We maintain industry-leading data retention practices designed to minimize the amount of information stored about our users. Our retention policies balance the need for service reliability and abuse prevention with our commitment to user privacy.

6.1 Operational Logs

Connection and security logs are retained for the minimum period necessary to ensure service reliability and prevent abuse. These logs are automatically purged from our systems on a rolling basis:

  • Access Logs: Retained for no more than 7-14 days before automatic deletion
  • Security Event Logs: Maintained for up to 30 days for threat analysis
  • Error Logs: Purged within 72 hours unless required for ongoing incident response
  • Performance Metrics: Aggregated and anonymized within 24-48 hours

6.2 Email Data

Your encrypted emails remain in your account until you choose to delete them. When you delete emails:

  • They are immediately marked for deletion and become inaccessible
  • They are permanently purged from primary systems within 24 hours
  • They are removed from backup systems within 30 days
  • They are cryptographically overwritten to prevent recovery

6.3 Account Deletion

When you delete your Onyx Mail account:

  • All associated data is immediately queued for permanent deletion
  • Account becomes irreversibly inaccessible within 24 hours
  • Complete data purging occurs within 30 days
  • No recovery is possible after deletion is initiated

6.4 Legal Retention Requirements

In rare circumstances, we may be legally required to retain certain information for longer periods. In such cases, we:

  • Retain only the minimum data required by law
  • Segregate such data from active systems
  • Apply additional encryption and access controls
  • Delete immediately upon expiration of legal requirements

7. Third-Party Services

To provide comprehensive email services, we carefully integrate select third-party services. Each third-party provider is thoroughly vetted for privacy practices, security standards, and alignment with our values.

7.1 Service Providers

We work with reputable third-party services for specific operational needs:

  • Payment Processing: Secure payment gateways handle financial transactions. We never store complete payment card information on our servers.
  • Infrastructure Providers: Cloud and hosting services that meet our strict security and privacy requirements, with data processing agreements in place.
  • Security Services: DDoS protection and threat intelligence providers that process only essential network data.
  • Analytics Tools: Privacy-respecting analytics for service performance monitoring, configured to collect minimal, anonymized data.
  • Support Systems: Customer support platforms that handle only the information you explicitly provide when contacting us.

7.2 Third-Party Safeguards

For all third-party integrations, we:

  • Require contractual privacy and security commitments
  • Minimize data sharing to only what's essential
  • Implement technical controls to limit data access
  • Regularly audit third-party compliance
  • Maintain the ability to terminate relationships if privacy standards aren't met

7.3 No Third-Party Access to Email Content

Your encrypted email content is never accessible to third-party services. Our end-to-end encryption ensures that email contents remain private, even from our infrastructure providers.

8. Government Requests and Legal Compliance

While we respect the rule of law and comply with valid legal obligations, we are committed to protecting our users' privacy to the maximum extent legally permissible. Our technical architecture and data minimization practices serve as strong safeguards against unauthorized surveillance.

8.1 Our Approach to Legal Requests

When we receive government requests for user data:

  • Thorough Review: Every request is carefully examined for legal validity and appropriate scope
  • Legal Challenge: We challenge overbroad, vague, or legally questionable requests through appropriate legal channels
  • Minimal Disclosure: If compelled to respond, we provide only the minimum information legally required
  • User Notification: We notify affected users unless legally prohibited from doing so
  • Transparency Reporting: We publish regular transparency reports detailing the types and numbers of requests received

8.2 Technical Limitations on Disclosure

Our privacy-focused architecture inherently limits what we can disclose:

  • No Email Content Access: End-to-end encryption means we cannot provide email contents, even under legal compulsion
  • Minimal Logs: Our aggressive log purging means historical data is often unavailable
  • Limited Metadata: We collect minimal metadata, reducing what can be disclosed
  • No Behavioral Data: We don't track user behavior, so such data doesn't exist to disclose

8.3 Warrant Canary

We maintain a warrant canary to alert users if we receive certain types of legal requests that we're prohibited from disclosing. Check our transparency page for current status.

8.4 International Requests

For requests from foreign governments:

  • We require proper legal process through appropriate international channels
  • We assess requests against both local and international human rights standards
  • We reject requests that don't meet our strict legal standards

9. Your Rights and Controls

You have comprehensive rights regarding your personal information, and we provide tools to exercise these rights effectively.

9.1 Access and Portability

  • Data Access: Request a copy of all personal information we hold about you
  • Data Export: Export your emails and account data in standard formats
  • Transparency: Understand what data we collect and how it's used

9.2 Control and Correction

  • Update Information: Modify your account information at any time
  • Privacy Settings: Configure privacy preferences for your account
  • Communication Preferences: Control what communications you receive from us

9.3 Deletion and Restriction

  • Data Deletion: Request deletion of specific data or your entire account
  • Processing Restriction: Limit how we process your information
  • Objection Rights: Object to specific data processing activities

9.4 Regional Rights

Depending on your location, you may have additional rights under laws such as:

  • GDPR (European Union): Comprehensive data protection rights including consent withdrawal and automated decision-making protections
  • CCPA/CPRA (California): Rights to know, delete, correct, and opt-out of sale of personal information
  • LGPD (Brazil): Similar comprehensive data protection rights
  • Other Jurisdictions: We respect all applicable privacy laws in jurisdictions where we operate

10. Security Measures

We implement multiple layers of security to protect your data from unauthorized access, disclosure, alteration, and destruction.

10.1 Technical Safeguards

  • Encryption: Data encrypted at rest and in transit using industry-standard algorithms
  • Access Controls: Multi-factor authentication and role-based access controls
  • Network Security: Firewalls, intrusion detection, and DDoS protection
  • Vulnerability Management: Regular security audits and penetration testing
  • Incident Response: 24/7 security monitoring and rapid incident response

10.2 Organizational Safeguards

  • Security Training: Regular privacy and security training for all personnel
  • Access Limitations: Strict need-to-know basis for data access
  • Background Checks: Screening of personnel with access to systems
  • Confidentiality Agreements: Legal obligations for all staff and contractors
  • Security Policies: Comprehensive internal security policies and procedures

10.3 Physical Security

  • Data Centers: Servers housed in secure, access-controlled facilities
  • Environmental Controls: Protection against environmental threats
  • Redundancy: Multiple data center locations for resilience
  • Secure Disposal: Cryptographic erasure of decommissioned hardware

11. International Data Transfers

As a global email service, we may need to transfer data across international borders. We ensure all transfers comply with applicable data protection laws.

11.1 Transfer Safeguards

When transferring data internationally, we implement appropriate safeguards:

  • Standard Contractual Clauses approved by relevant authorities
  • Adequacy decisions where applicable
  • Additional technical and organizational measures
  • Encryption of data during transfer

11.2 Data Localization

Where legally required or beneficial for user privacy, we support data localization to keep your information within specific geographic regions.

12. Policy Updates

We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or for other operational reasons.

12.1 Notification of Changes

  • Material Changes: Advance notice via email for significant privacy practice changes
  • Minor Updates: Posted on our website with updated revision date
  • User Consent: Affirmative consent required for material changes affecting existing data
  • Version History: Previous versions available for reference

12.2 Continuous Improvement

We continuously evaluate and improve our privacy practices to ensure they meet the highest standards and serve our users' best interests.

13. Contact Information

We welcome questions, concerns, and feedback about our privacy practices.

Privacy Team

For privacy-related inquiries, requests, or concerns:

  • Email:
  • Response Time: We aim to respond to all privacy inquiries within 72 hours
  • Data Protection Officer: Available for EU/UK residents

Legal Requests

For law enforcement and legal requests, please refer to our Law Enforcement Guidelines.

Security Issues

To report security vulnerabilities, please use our responsible disclosure program.

Acknowledgment

By using Onyx Mail services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

This Privacy Policy is effective as of August 2025 and supersedes all previous versions. Thank you for trusting Onyx Mail with your private communications.


Beyond the Reach of Surveillance

Established 2022


Trust & Social

  • BlueSky Social
  • ISO 27001 Compliant

Security Status

Warrant Canary: Current

© 2025 Onyx Mail. All rights reserved.

Contact Information

Email

info [at] onyxmail [dot] net

Response Time

We typically respond within 24 hours during business days.
