Privacy Policy
This Privacy Policy explains how this temporary email service processes personal data, including GDPR-style transparency information.
1. Controller and Contact
The service operator acts as the data controller for personal data processed through this site. Contact details are provided on the homepage/footer.
2. Data We Process
- Temporary email addresses you create.
- Email content and attachment data received for those addresses.
- Email metadata such as sender/recipient details, timestamps, message identifiers, and processing metadata.
- Technical and security data, including IP-related anti-abuse signals, rate-limit events, and request/security logs.
- Client-side preference data (for example theme/language) and essential session/security identifiers.
3. Purposes and Legal Bases (GDPR Art. 6)
- Service delivery (Art. 6(1)(b) contract): create temporary inboxes and display incoming messages.
- Security and abuse prevention (Art. 6(1)(f) legitimate interests): rate limiting, anti-abuse checks, operational monitoring.
- Compliance obligations (Art. 6(1)(c)): legal or regulatory requirements when applicable.
- Optional analytics/advertising features (Art. 6(1)(a) consent, where legally required).
4. Public Temporary Inbox Warning
This is a public temporary email service, not a private authenticated mailbox product. Privacy and security are implemented on a best-effort basis and cannot be guaranteed. You should assume temporary messages may be exposed, delayed, removed, or become inaccessible.
Do not use this service for sensitive, confidential, regulated, or high-risk personal data.
5. Data You Choose to Provide
You are not required to provide real-world identity data to use this service. However, if you do not provide the minimum data needed to create and maintain a temporary inbox (such as an inbox address/session context), core service functionality may not work.
6. Retention
Data is retained for limited periods based on technical and abuse-control policies. Inboxes/messages may be automatically soft-deleted and hard-deleted. Security logs are retained only as long as reasonably necessary for abuse prevention, reliability, and legal compliance.
7. Sharing and Processors
Data may be processed by infrastructure and security providers required to operate the service (for example hosting, bot-protection, storage, CDN, analytics, or monitoring providers). Data may also be disclosed when legally required or necessary to protect rights, safety, or infrastructure.
We do not sell personal data.
8. International Transfers
Because internet infrastructure is global, personal data may be processed outside your country. Where required, the operator relies on appropriate transfer safeguards under applicable law.
9. Your Rights
Subject to applicable law, you may have rights to access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent where processing relies on consent. Where processing is based on legitimate interests, you may object to that processing based on your specific situation. You may also lodge a complaint with your local supervisory authority (for EEA users, your GDPR data protection authority).
10. Automated Decisioning
Automated abuse controls (for example rate limits and bot checks) may block or limit requests to protect service integrity.
11. Children
This service is not intended for children under the age required by local law to independently consent to data processing.
12. Changes to this Policy
We may update this policy periodically. Updates are effective when posted on this page.
13. Legal Note
This policy is provided for transparency and does not constitute legal advice. If you operate this service in production, obtain jurisdiction-specific legal review.