Their website is so full of privacy posturing it's a wonder how they managed to fit anything else. I won't bother quoting it all here; let's move right on to seeing whether the posturing is actually worth anything (spoiler: it isn't). From their privacy policy:
You consent to providing us with the following personal data when you register an account: First name, last name, company name (where applicable), mobile phone number (where applicable), country, and alternative email address. [...] To revoke this consent you must terminate the Service
Sorry Runbox, but requiring my real name just ain't privacy-respecting. The first impression already isn't very good...and it's just the beginning. UPDATE February 2023: didn't care about this provider for a long time, but someone notified me that this data can be faked and / or removed after registration. I never actually tested it as I lacked an account, and Runbox is paid. I also have no means of confirming if they do care that you fake it. Still a bad omen that they ask for this data in the first place.
Your Account Information is stored on servers located in Norway for as long as your account is active...
Great, so I have to kill the account for you guys to stop storing my information. And then it's fucking gone, right?
...and: up to 1 month after closure of trial accounts; or up to 5 years after closure of subscribed accounts, as financial records must be kept for 5 years according to the Norwegian Bookkeeping Legislation.
No, of course it isn't fucking gone - that would be too private for the "privacy-loving" Runbox. So it's five years after the deletion of your account until your real name is gone from their database...or is it?
Backup of Account Information is stored on secure servers separate from the Runbox system for up to 6 months, even after the information has been deleted from the main storage.
Nope, the privacy-loving Runbox is truly smashing all the previous privacy records set by privacy giants such as Google or Yahoo; it's five and a half years until your data is gone from their servers! Oh Runbox, what are some other ways in which you protect my privacy?
Email service content (data associated with Webmail, Contacts, and Files in the Service) is stored in main storage on servers located in Norway for as long as your account is active and: up to 3 months after closure of trial accounts; or up to 6 months after closure of subscribed accounts.
So all your mail and metadata (sender, recipient, subject, date/time) is stored as long as your account exists. There's also the backup which is stored for longer. Should we prolong this torture? Okay, let's do the finishing move and get this over with: The Runbox "service" is fucking paid! Can we say final nail in the coffin? Seriously, they're like a Gmail you have to pay for...but wait, there is more: (I swear it's the last quote!)
If you correspond with us via e-mail, the postal service, or other forms of communication, we will retain such correspondence and the information contained therein.
To say something positive, I will mention that they accept Bitcoins...and you can use them through the mail client. There is also a 30 day "free" trial. Oh, and they are powered by renewable energy sources (but so is the actually private Posteo, reviewed later), which is the only really commendable thing about this "service". But since the data collection and storage policy is so terrible, you should stay away.