Privacy Policy

Last updated: May 31, 2026

1. Introduction

MailFlusher ("we", "our", "us") is an email forwarding service operated from Germany, within the European Union. We are committed to protecting your privacy and handling your personal data in accordance with the EU General Data Protection Regulation (GDPR).

This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights regarding your personal data.

2. Data We Collect

Account Information

  • Username (chosen by you)
  • Email address (your real email, used as the forwarding destination)
  • Password (stored as a one-way hash, never in plain text)
  • Google account ID (if you sign in with Google)

Email Data

  • Email aliases you create
  • Aggregate statistics (number of emails forwarded, blocked, replied, sent)
  • Monthly bandwidth usage

We do not store the content of forwarded emails. Emails are processed in memory and forwarded immediately to your recipient address. The only exception is if you have enabled the "Store Failed Deliveries" option, in which case failed emails may be temporarily stored so you can retry delivery.

Encryption Keys

If you choose to add a GPG/OpenPGP public key, it is stored so we can encrypt forwarded emails before delivery. We never have access to your private key.

Ghost Inbox (Pro feature)

If you enable Ghost Inbox and mark an alias as "ghost mode", incoming mail to that alias is stored rather than forwarded. To make this genuinely private we designed the feature so that MailFlusher staff and server operators cannot read the stored content, even with full database access:

  • Your browser generates an OpenPGP keypair the first time you set up your vault. The passphrase that protects the private key never leaves your browser.
  • We store the public key (used to encrypt incoming mail for you) and the passphrase-encrypted private key (a ciphertext blob that only your passphrase can unlock).
  • When mail arrives at a ghost-mode alias, the server immediately encrypts the entire MIME message with your public key, stores the resulting ciphertext, and discards the plaintext. No copy in logs, no copy in backups beyond the encrypted form.
  • Reading requires unlocking the private key in your browser with your passphrase. Decryption happens locally; plaintext is only ever in your browser's memory.
  • Depending on your preview-mode setting, we may additionally store the first 10 characters of the From and Subject headers in plain text so the inbox list is usable without unlocking. You can disable this by switching to "Encrypt everything" in Settings → Ghost Inbox.
  • Stored emails are automatically deleted after 30 days.
  • If you forget your passphrase, stored emails are permanently unreadable. We cannot recover them. You are offered a recovery sheet to download at setup time.
  • Rotating or destroying your vault deletes all previously-stored emails, because they would be unreadable under a new key anyway.

Threat-model note: a browser-delivered web app can never offer the same guarantees as a native cryptographic tool, because we deliver the JavaScript that performs the decryption. An attacker with control of our application server could theoretically push JavaScript that captures your passphrase. Ghost Inbox protects against passive database compromise, server-side subpoena of stored content, and stolen backups — not an active application-layer attack. If you need stronger guarantees, use an external OpenPGP client with the public key we store for you.

Server Logs

Standard server access logs (IP address, timestamp, request URL) are kept for security and debugging purposes and are automatically rotated and deleted.

3. How We Use Your Data

We use your data solely to:

  • Provide the email forwarding service
  • Authenticate you when you log in
  • Send you service-related notifications (e.g. email verification, bandwidth warnings)
  • Prevent abuse of the service (rate limiting, spam filtering)

We do not:

  • Sell your data to third parties
  • Use your data for advertising
  • Track you across websites
  • Use analytics or tracking scripts on our website
  • Share your data with third parties except as required by law

4. Data Storage & Security

All data is stored on servers located in Germany, European Union. Your data never leaves the EU.

We use industry-standard security measures including:

  • TLS encryption for all connections
  • Encrypted database fields for sensitive data
  • DKIM, SPF, and DMARC for email authentication
  • Bcrypt password hashing

5. Third-Party Services

We use the following third-party services:

We do not use any analytics, advertising, or tracking services.

6. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right of access — You can view all your data in your account settings
  • Right to rectification — You can update your email address and account details at any time
  • Right to erasure — You can delete your account and all associated data from the account settings page
  • Right to data portability — You can export your aliases from the account data settings page
  • Right to restrict processing — You can deactivate aliases to stop forwarding
  • Right to object — Contact us if you wish to object to any data processing

7. Data Retention

We retain your data for as long as your account is active. When you delete your account:

  • All recipients are permanently deleted
  • All aliases on custom domains are permanently deleted
  • Aliases on shared domains are anonymized and soft-deleted to prevent reuse
  • Your username is encrypted and stored to prevent re-registration
  • All other account data is permanently deleted

8. Cookies

We use only essential cookies required for the service to function (session cookies for authentication). We do not use any tracking cookies, advertising cookies, or third-party cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

10. Contact

If you have any questions about this Privacy Policy or your personal data, please contact us at our contact page.