o2-mail.com

PRIVACY POLICY

We respect your privacy

Consent

In the following policy, O2-Mail.com refers to the service offered by Innotech OU (the "Company" or "We") through the O2-Mail.com website (the "Service"). This Privacy Policy explains (i) what information we collect through your access and use of our Service (ii) the use we make of such information; and (iii) the security level we provide for protecting such information.

By visiting O2-Mail.com and using the Services provided here, you consent to the terms outlined in this privacy policy.

Legal Framework

The Company is domiciled in Estonia and all data storage infrastructure is also located solely within Estonia, and thus governed by the laws and regulations of Estonia.

Data related to the opening of an account

Any emails provided to O2-Mail.com through either our waiting list, optional email verification, or optional notification/recovery email setting in your account, are considered personal data as defined and protection by the Estonian Federal Data Protection Act.

Such data will only be used to contact you with important notifications about O2-Mail.com, to send you information related to security, to send you an invitation link to create your O2-Mail.com account, to verify your O2-Mail.com account, or to send you password recovery links if you enable the option. We may also inform you about new O2-Mail.com products in which you might have an interest. You are free, at any given time, to opt-out of those features through the account settings panel.

In order to maintain the integrity of the service, O2-Mail.com must take measures to avoid creation of accounts by spammers. This is because if spammers use O2-Mail.com to send messages, O2-Mail.com’s IP addresses can become blocked by major mail providers such as Gmail, Yahoo, Outlook, etc.

In order to prevent the creation of accounts by spam bots or human spammers, O2-Mail.com uses a variety of human verification methods. You may be asked to verify using either reCaptcha, Email, or SMS. IP addresses, email addresses, and phone numbers provided are saved temporarily in order to send you a verification code and to determine if you are a spammer. If this data is saved permanently, it is always saved as a cryptographic hash, which ensures that the raw values cannot be deciphered by us.

Data Collection

Our company’s overriding policy is to collect as little user information as possible to ensure a completely private and anonymous user experience when using the Service. We also have no technical means to access your encrypted message contents.

Service's user data collection is limited to the following:

Account creation: It is not necessary to provide personal information in order to create an account, but you may provide an external email address for notification or password recovery purposes. Should you choose to provide it, we do associate another email address with your account (for password recovery, or notifications).
Account activity: Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, message subject, and message sent and received times. We do NOT have access to encrypted message content but unencrypted messages sent from external providers to O2-Mail.com are scanned for Spam and Viruses for the protection of our users. We also have access to the following records of account activity: number of messages sent, amount of storage space used, total number of messages, last login time.
Communicating with O2-Mail.com: Your communications with the Company, such as support requests, bug reports, or feature requests may be saved by our staff.
IP Logging: By default, O2-Mail.com does not keep permanent IP logs. We also don't record your login IP address unless this feature is specifically enabled by the user. However, IP logs are sometimes kept to combat abuse and fraud, and your IP address may be retained if you are engaged in activities that breach our terms and conditions (spamming, DDoS attacks against O2-Mail.com infrastructure, brute force attacks, etc).
Payment Information: The Company relies on third parties to process credit card, PayPal, and Bitcoin transactions so the Company necessarily must share payment information with third parties. Anonymous cash or Bitcoin payments and donations are accepted however.
Native Applications: When you use our native applications, we (or the mobile app platform providers) may collect certain information in addition to the information mentioned elsewhere in this Policy. We may use mobile analytics software (such as fabric.io app statistics and crash reporting, Play Store app statistics, App Store app statistics, or self-hosted Sentry crash reporting) to send crash information to our developers so that we can fix bugs rapidly. Some platforms (such as the Google Play Store or the Apple App Store) may also collect aggregate, anonymous statistics like which type of devices and operating systems that are most commonly used (like percentage of Android 6.x vs Android 7.x), the total number of installs, total number of uninstalls, and the total number of active users, and may be governed by the privacy policy and terms and conditions of the Google Play Store or the Apple App Store. None of the software on our apps will ever access or track any location-based information from your device at any time.

Data Use

We do not have any advertising on our site. Any data that we do have will never be shared except under the circumstances described below in the Data Disclosure Section. We do NOT do any analysis on the limited data we do possess with two exceptions:

Emails sent unencrypted to O2-Mail.com accounts (e.g. Gmail to O2-Mail.com) are scanned automatically for spam so we can block IPs which are sending a lot of spam to O2-Mail.com users and place spam messages in a spam directory. Inbound message are scanned for spam in memory, and then encrypted and written to disk. We do not possess the technical ability to scan messages after they have been encrypted.
Emails sent by O2-Mail.com users to outside (e.g. Gmail) users with encryption disabled are scanned automatically for spam in the same manner as incoming email. This is to ensure a O2-Mail.com account which is being used for spamming purposes can be detected and locked so email deliverability for legitimate users is not degraded.

Data Storage

All servers used in connection with the provisioning of the Service are located in Estonia and wholly owned and operated by the Company. Only employees of the Company have physical or other access to the servers. Data is ALWAYS stored in encrypted format on our servers. Offline backups may be stored periodically, but these are also encrypted. We do not possess the ability to access any user encrypted message content on either the production servers or in the backups.

Right to Access, Rectification, Erasure and Portability

Through the Service, you can directly access, edit, delete or export personal data processed by the Company in your use of the Service.

If your account has been suspended for a breach of our terms and conditions, and you would like to exercise the rights related to your personal data, you can make a request to our support.

Data Retention

When a O2-Mail.com account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely. Deleted emails are also permanently deleted from production servers. Deleted data may be retained in our backups for up to 14 days.

Data Disclosure

We will only disclose the limited user data we possess if we receive notice from the Estonian Public Prosecutor's office or the Estonian Federal Police regarding a court. While we may comply with electronically delivered notices (see exceptions below), the disclosed data can only be used in court after we have received an original copy of the court order by registered post or in person and provide a formal response.

If a request is made for encrypted message content that O2-Mail.com does not possess the ability to decrypt, the fully encrypted message content may be turned over. If permitted by law, O2-Mail.com will always contact a user first before any data disclosure. Under Estonian law, it is obligatory to notify the target of a data request, although such notification may come from the authorities and not from the Company.

O2-Mail.com may from time to time, contest court orders if there is a public interest in doing so. In such situations, the Company will not comply with the court order until all legal or other remedies have been exhausted. Therefore, not all court orders described in our Transparency Report will lead to data disclosure.

Modifications to Privacy Policy

O2-Mail.com reserves the right to periodically review and change this policy from time to time and we will notify users who have enabled the notification preference about changes to our Privacy Policy. Continued use of the Service will be deemed as acceptance of such changes.

Applicable Law

This Agreement shall be governed in all respects by the substantive laws of Estonia. Any controversy, claim, or dispute arising out of or relating to the Agreement shall be subject to the jurisdiction of the competent courts of Estonia.

TERMS AND CONDITIONS

Our terms and conditions

Agreement

By using the O2-Mail.com web site and making use of O2-Mail.com, a service offered by Innotech OU ("the Company"), you are agreeing to be bound by the following Terms and Conditions. These Terms and Conditions cover all present and future features offered by your O2-Mail.com account, individually and collectively referred to as the "Service".

If you are agreeing to these Terms and Conditions on behalf of a company or another legal entity, you represent that you have the authority to bind such entity, its affiliates and all users who access the Service through your account to these Terms and Conditions. In the absence of such an authority, you may not use the Service.

Users of the Service

This Service is provided exclusively to individuals who are at least 18 years of age.

This Service is provided exclusively to persons. Accounts registered by “bots” or automated methods are not authorized and will be terminated.

Each user is solely responsible for all of his or her messages sent through the Service.

Use of the Service

You agree to not use this Service for any unlawful or prohibited activities. You also agree to not disrupt the O2-Mail.com networks and servers.

You further agree to not use O2-Mail.com to send Spam, junk mail, bulk emails or mailing list emails that contain persons that have not specifically agreed to be included on that list. Any account found to be sending the afore mentioned type of emails will be immediately suspended.

For the purpose of these Terms and Conditions, Spam shall refer to irrelevant or unsolicited messages sent over the internet, typically to large numbers of users, for the purposes of advertising, phishing, spreading malware or virus ("Spam").

We may also terminate accounts which are being used for illegal activity, particularly in response to court orders from the competent authorities informing us of such illegal activity.

The Company has no obligation to store or forward the contents of terminated accounts. We also have no obligation to store messages for accounts that are over their storage quotas. Due to the encrypted nature of the Service, you acknowledge that the Company has no ability or obligation to recover your data if you misplace your decryption password.

Although it is not the current practice, we reserve the right to suspend or delete accounts that are inactive for over three months. Paid accounts with active paid status are not subject to this measure.

Limited Warranties and Liability

The Company cannot make any warranty about the reliability of the Service or guarantee the security of user data despite best efforts. The Service is provided “as is” and you agree to not hold the Company responsible nor to seek indemnification for any damages that may arise as a result of the loss of use, data, or profits connected to the performance of the Service or failure in such performance.

Furthermore, you will not hold the Company liable or seek indemnification if confidential material is unintentionally released as the result of a security failure or vulnerability in the performance of the Service.

We may make improvements and changes to the Service at any time without notice. The Company may at its sole discretion, terminate service without cause or notice.

Indemnification

You agree that the Company, and any parents, subsidiaries, officers, employees, or third party contractors cannot be held responsible for any third party claim, demand, or damages, including reasonable attorneys' fees, arising out of your use of this Service.

Privacy

Our Privacy Policy (https://o2-mail.com/privacy-policy) explains the way we handle and protect your personal data and privacy in relation to your use of the Service and your browsing of the O2-Mail.com web site. By agreeing to the present Terms and Conditions and to be able to use the Service, you also agree to our Privacy Policy.

Modification to Terms of Service

Within the limits of applicable law, the Company reserves the right to review and change this agreement at any time. You are responsible for regularly reviewing these Terms and Conditions. Continued use of the Service after such changes shall constitute your consent to such changes.

Applicable Law

O2-Mail.com

Sign-up form

ABOUT US

Who we are

Team

Development

SERVICE

Advantages

Privacy

Our FREE account includes:

CONTACT US

Tell us what you need

PRIVACY POLICY

We respect your privacy

TERMS AND CONDITIONS

Our terms and conditions