ProtonMail is incorporated in Switzerland.
All user data is protected by the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO), which offer some of the strongest privacy protection in the world for both individuals and entities. Only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel us to release the extremely limited user information we have.
Zero Access to User Data.
Your encrypted data is not accessible to us.
ProtonMail's segregated authentication and decryption system means that logging into a ProtonMail account requires two passwords. The first password is used to authenticate the user and retrieve the correct account. After that, encrypted data is sent to the user. The second password is a decryption password which is never sent to us. It is used to decrypt the user’s data in the browser, so we do not have access to the decrypted data or the decryption password. For this reason, we are also unable to do password recovery. If you forget your decryption password, we cannot recover your data.
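The two-password split described above, modelled as an added example for Node.js; it is not ProtonMail's code. The `Server` class, the function names, the sample passwords and the choice of scrypt with AES-256-GCM are assumptions made for illustration.

```javascript
// Added illustration of split login/decryption passwords; all names are hypothetical.
const { scryptSync, randomBytes, createCipheriv, createDecipheriv, timingSafeEqual } = require('node:crypto');

// Key derivation is this example's choice (scrypt, 32-byte output), not taken from the page.
const kdf = (password, salt) => scryptSync(password, salt, 32);

// Client side: encrypt mailbox data under a key derived from the decryption password.
function sealMailbox(decryptionPassword, plaintext) {
  const salt = randomBytes(16), iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', kdf(decryptionPassword, salt), iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { salt, iv, ct, tag: cipher.getAuthTag() };
}

// Client side: decrypt the blob; a wrong password fails the GCM tag check and yields null.
function openMailbox(decryptionPassword, blob) {
  const d = createDecipheriv('aes-256-gcm', kdf(decryptionPassword, blob.salt), blob.iv);
  d.setAuthTag(blob.tag);
  try { return Buffer.concat([d.update(blob.ct), d.final()]).toString('utf8'); }
  catch { return null; }
}

// Server side: holds only a login verifier and the opaque encrypted blob.
class Server {
  constructor() { this.accounts = new Map(); }
  register(user, loginPassword, blob) {
    const salt = randomBytes(16);
    this.accounts.set(user, { salt, verifier: kdf(loginPassword, salt), blob });
  }
  // Authenticates with the first password and returns ciphertext only.
  login(user, loginPassword) {
    const acct = this.accounts.get(user);
    if (!acct) return null;
    return timingSafeEqual(kdf(loginPassword, acct.salt), acct.verifier) ? acct.blob : null;
  }
}

// Constructed sample run: everything the server knows is not enough to decrypt.
function demo() {
  const server = new Server();
  server.register('alice', 'login-pw-sample', sealMailbox('mailbox-pw-sample', 'hello from the mailbox'));
  const blob = server.login('alice', 'login-pw-sample');
  return {
    wrongLogin: server.login('alice', 'guess'),
    withMailboxPw: openMailbox('mailbox-pw-sample', blob),
    withLoginPw: openMailbox('login-pw-sample', blob), // the only secret the server ever saw
  };
}
```

Losing the decryption password leaves `openMailbox` returning `null` for every input the server can supply, which is why password recovery is impossible under this design.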
Messages are encrypted at all times.
Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our server and users’ browsers. Messages between ProtonMail users are transmitted in encrypted form within our protected server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.
No tracking or logging of personally identifiable information.
Unlike competing services, we do not log user activity. We do not save any metadata such as the IPs used to connect to accounts. We also have no way to scan encrypted messages to serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.
Securely communicate with other email providers.
Even your communication with non-ProtonMail users can be secure.
We support sending encrypted communication to non-ProtonMail users via symmetric encryption. When you send an encrypted message to a non-ProtonMail user, they receive a link that loads the encrypted message in their browser, which they can decrypt using a decryption passphrase that you have shared with them. You can also send unencrypted messages to Gmail, Yahoo, Outlook and others, just like regular email.
Self Destructing Messages.
With ProtonMail, emails are no longer permanent.
You can set an optional expiration time on ProtonMail’s encrypted emails, so they will be automatically deleted from the recipient's inbox once they have expired. This works both for emails sent to other ProtonMail users and for encrypted emails sent to outside email addresses. Similar to Snapchat in a way, we've added a way for you to have even more ephemeral communication.
Open Source Cryptography.
Time-tested and trusted encryption algorithms you can depend on.
We use only secure implementations of AES and RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that none of the encryption tools we are using have clandestinely built-in back doors. We are constantly working with security experts from around the world to offer the highest levels of protection.
Hardware Level Security.
Full disk encryption and storage in secured datacenters.
We have invested heavily in owning and controlling our own server hardware at several locations within Switzerland. They are collocated in some of the same secured and guarded datacenters used by Switzerland’s famed private banks. We do this to ensure that even your encrypted data is not easily accessible to any third parties.
On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized. On an organizational level, no single individual possesses all access passwords to minimize the risk of human security compromises.
SSL Secured Connections.
Swiss SSL to secure your connection.
We use SSL to secure communication between our server and your browser. Message data between our server and your browser is already sent encrypted, but we use SSL to add another layer of protection and to ensure that the web pages your browser loads are not tampered with by a third party intercepting your traffic in a MITM (Man in the Middle) attack.
Our SSL certificate authority (CA) is SwissSign, which is wholly owned by Swiss Post (a public institution owned by the Swiss Confederation and not under the control of US or EU governmental agencies). To allow extremely security-conscious users to further verify that they are in fact connecting to our server, we will also release the SHA3 hash for our SSL public key.
Easy to Use.
Comprehensive Security for Everyone.
We created ProtonMail because we found that none of the existing secure email services available today are sufficiently secure. However, a secure service like ProtonMail cannot improve the security landscape if it is so difficult to use that nobody can use it. So from the start, we designed ProtonMail with a strong emphasis on usability. As a result, ProtonMail is extremely easy to use. There is nothing to install, and no encryption keys to manage. If you can use Gmail, Thunderbird, or Outlook, you can use ProtonMail.
Contact us at email@example.com for security-related issues.