Privacy Statement
The most secure data is the data that doesn't exist.
Non-Custodial Data Policy
NovoInbox does not act as a custodian of your content. All messages, attachments, and metadata are encrypted client-side using OpenPGP standards. We do not hold the keys to decrypt your data. Our servers only see encrypted blobs that are meaningless to anyone but the intended recipient.
Zero Log Architecture
We do not log IP addresses, browser agents, or access times for authenticated sessions. Our infrastructure runs on ephemeral RAM-disk nodes that wipe all transient session data every 24 hours. We believe that what you do on our platform is your business alone.
Invite Verification Metadata
The only persistent metadata we collect is the cryptographic hash of the invite code used to create the account. This is used solely to verify network integrity and prevent unauthorized node saturation. This hash cannot be linked back to a real-world identity.
Third Party Disclosure
Since we do not collect personal information and cannot read your communications, we have no data to disclose to third parties, even under legal compulsion. We operate outside standard data-sharing jurisdictions to provide maximum protection.
The Golden Rule of NovoInbox
"We cannot give what we do not have. We do not have your keys, your logs, or your identity."