Mail.tdMail.td

Privacy Policy

Last updated: March 2026

Overview

Mail.td provides developer-focused email testing tools, inbox services, and related API functionality. We are committed to protecting your privacy and handling data responsibly. This Privacy Policy explains what information we collect, how we use it, how long we retain it, and how we protect it.

What We Collect

We collect only the minimum information necessary to operate, secure, and improve the service:

  • Inboxes and email content — used to provide email receiving functionality and automatically deleted after the retention period (default: 7 days)
  • Registered account information — such as your email address and hashed credentials, used solely for authentication and account access
  • API tokens — stored only as secure SHA-256 hashes; never stored in plaintext
  • Server logs — including IP addresses, request timestamps, and limited request metadata, retained for a short period to detect abuse, troubleshoot issues, and maintain service security

What We Do Not Collect

  • No advertising identifiers or third-party analytics scripts
  • No selling, renting, or sharing your personal data with advertisers
  • No collection of personal information beyond what you voluntarily provide or what is technically required to operate the service
  • We are committed to data minimization — we collect only what is necessary to deliver and secure the platform

Data Retention

We retain data only for as long as necessary to operate the service and protect the platform:

  • Inboxes, emails, and raw .eml files are automatically deleted after their retention period ends (default: 7 days)
  • Revoked API tokens are permanently deleted after a limited retention period
  • Server logs are retained only for a short period for abuse prevention, debugging, and security monitoring — automated deletion is applied wherever practical

Security

We use reasonable technical and organizational measures to protect the platform and stored data, including TLS encryption for data in transit, bcrypt hashing for passwords, SHA-256 hashing for API tokens, and AES-256 encryption for webhook secrets. No internet-connected service can be guaranteed to be completely secure, but we take appropriate steps to reduce risk and protect stored information.

Third-Party Services

Mail.td does not use third-party advertising, analytics, or behavioral tracking services.

Our infrastructure is hosted on server infrastructure providers and related technical services necessary to deliver the product. In limited cases, standard public DNS resolvers or other network services may be used for domain verification, email routing, security checks, or service operation.

Cookies and Local Storage

Mail.td does not use tracking cookies.

To support authentication and product functionality, certain tokens, preferences, or session-related data may be stored in your browser using localStorage or similar browser storage mechanisms. This information is used only for the operation of the service and is not shared with third-party advertisers.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the service, legal requirements, or security practices. When we do, the updated version will be posted on this page with a revised effective or revision date.

Contact

If you have any questions about this Privacy Policy, you may contact us at service@mail.td.