💾 Archived View for gemini.circumlunar.space › users › laur%C3%AB › mail › posteo.gmi captured on 2024-08-18 at 19:37:12. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-12-28)

-=-=-=-=-=-=-

Posteo

Their privacy policy starts off very promising:

we strictly do not save any IP addresses that could be traced back to customers. [...] This was independently confirmed in an audit report by the German Federal Commissioner for Data Protection.

The audit is in German so I can't confirm what was actually checked, however it's nice that they bothered to do it.

We also do not collect or save your IP address if you use an external client to retrieve your emails via IMAP or POP3 or to transmit messages via SMTP to be delivered by us.

So, if you use a mail client, your IP is not stored at all. How about the mail contents? Posteo doesn't seem to directly say what is stored and for how long, besides the fact that you can wipe it:

When you delete content data, it's deleted immediately. If the data has been backed up in one of our daily security backups, it will remain there for an additional 7 days until it is completely deleted.

So you can delete your mail anytime, and it's gone except for the backup. Not bad; you can encrypt the backup as well:

Additionally, we offer the possibility to encrypt all emails, notes, contacts and calendar entries that are saved at Posteo individually with the password of the account (AES-encryption).

Posteo is a paid service (1 EUR per month), though it alleges that the payment data is anonymized (as in, not connected to your account); you can read more about this here. However it is unclear what is actually saved - on one hand, they say that "Despite the change in the law, we still do not save any of our customers' user information"; and on the other - "For PayPal payments: The time and date of a payment, the amount, and the name of the payer". The data is stored for 10 years; they say it is not connected to the user's account, but you will have to take their word for it (UPDATE April 2023: a German native speaker just told me: "I read through the audit documents they provide, the data protection official says the data is properly detached"). Cash payment by letter is also available and apparently, it's possible to do that without giving personal data to the post office. Nice! Means we have a truly anonymous way to sign up for Posteo (if you're worried about CCTV or whatever, send a friend). Still, they should get with the times and accept crypto already...Anyway - since I did this for Disroot, RiseUp and Autistici - let's now check out what does Posteo's ToS prohibit:

5.3 The customer will not use the email service to send out advertisements for commercial purposes by email or to send standardised emails to a multitude of recipients.

So you can't advertise your commercial service, despite Posteo itself being paid for and not following anti-capitalist politics. Weird. You also can't "break German laws" and "break regulations regarding protection of children". Pretty mild, I guess.

Since June 2019, the German laws have changed so that targeted surveillance by the government is now unlawful (maybe we should be speaking about "German privacy laws" instead of "Swiss privacy laws"?). Quoting from Posteo's transparency report:

At the present time, there is no longer any legal basis for TKÜ (surveillance of an account for a specified time period); Posteo is therefore no longer allowed to and will not implement such orders.

No tracking shit on their website, unlike StartMail. No IP storage, e-mail deleted immediately upon your action and only stored in a backup encrypted with your password. No personal information collected ever; payment data (allegedly) anonymized as well, so even when the government comes knocking, they get nothing. Two aliases are available upon signing up, and you can buy more. You can't use custom domains with Posteo and it also does not have an onion domain available. Posteo is powered by renewable energy sources! So you're protecting the environment with this provider, as well. Taking everything into account, this service is one of the best out there, though it does have a few flaws.