We believe online privacy matters.
Privacy is a right, not a feature. This is the founding principle of the Mailfence service. After the 2013 global mass surveillance revelations by Edward Snowden, it became evident that online privacy is threatened. Therefore, we decided to launch a highly secure email and collaboration service which respects the privacy of users.
- No tracking, no advertising
We do not use any third-party advertising or marketing trackers. We do not track your activity in the application.
Mailfence is completely free from ads. We do not send spams or solicitations. We have never and will never commercialize our databases or share data with any third-party for targeted advertising or any other purpose.
- No third-party access to your data
We have never and will never create backdoors or government shadow access that could be used to spy on our users.
Our SSL/TLS certificate does not include any US certification authority in the certification chain.
- No one can read your encrypted emails
Since emails are encrypted by your browser and decrypted by the intended recipients, no one else can read them, not even Mailfence. This is called end-to-end encryption (E2EE).
We do store your private key on our servers but we can't read it, since it is encrypted with your passphrase (via AES-256). There is no root key that would allow us to decrypt messages encrypted with your keys.
- Strict privacy laws
In many countries, government sponsored programmes collect massive amounts of data from the Internet. This data collection is done without any search warrant, court order, or subpoena. In Belgium, where Mailfence is located and our servers hosted, the law protects privacy. Only a valid Belgian court order can force us to release data. Since we have no foreign parent company, we never comply with any rogue or other data requests from either domestic or foreign authorities. We are not liable to US gag orders or NSL’s.
We think that transparency is key to building trust between you and us. Therefore, we have from day one, maintained an up-to-date transparency and warrant canary report. It lists all the data requests that we have received, including the ones that we denied.
Moreover, our code is open to audits or scrutiny by recognized security experts.