RacterMX - Privacy-Focused Email Forwarding

Summary

RacterMX is built on a zero-knowledge architecture. We log only the minimum metadata required to operate the service. Email content never touches disk and is processed entirely in memory.

We cannot provide email content to anyone, including law enforcement, because we don't store it.

What We DO Log

Email Forwarding Metadata

Sender Address: The "from" email address
Recipient Alias: Which of your aliases received the email
Timestamp: When the email was forwarded
Status: Success or failure of forwarding
Message Size: Size in bytes (not content)
Forwarding Destination: Where we forwarded the email

Retention: Community (0 days), Professional (30 days), Business (90 days)

Account Information

Email Address: Your account email
Authentication Method: How you log in (passkey, magic link, Google)
Subscription Tier: Your current plan
Account Creation Date: When you signed up
Last Login: Timestamp of last authentication

Retention: Duration of account + 30 days after deletion

Configuration Changes

Audit Log: When you add/delete domains or aliases
Settings Changes: Privacy mode changes, webhook updates
DNS Status: Results of DNS validation checks

Retention: 1 year for security and compliance

Billing Information

Stripe Customer ID: Reference to your payment account
Subscription Status: Active, cancelled, past due
Billing Address: For tax and invoicing
Payment History: Invoice dates and amounts (not card details)

Retention: 7 years for tax compliance. Card details stored by Stripe, not us.

What We DON'T Log

Email Content

Subject Lines: Never logged or stored
Message Body: Never logged or stored
Attachments: Never logged or stored
Email Headers: Only routing headers, not content headers

Email content is processed entirely in memory and immediately discarded after forwarding.

Network Information

IP Addresses: Not logged for email forwarding or web access
User Agent: Browser/client information not stored
Geolocation: No location tracking
Device Fingerprints: No device identification

Behavioral Data

Analytics: No Google Analytics or tracking pixels
Usage Patterns: No behavioral profiling
Third-Party Cookies: None

Who Can Access Your Data?

You

You can view your forwarding logs (within retention period), export all your data, or delete your account at any time through the dashboard.

RacterMX Staff

Only authorized engineers can access logs for debugging and support purposes. Access is logged and audited. Staff cannot access email content (we don't store it).

Law Enforcement

Only with valid legal process (subpoena, court order, or warrant). We can only provide the metadata we collect. We maintain a Transparency Report of all requests.

Third Parties

Never. We do not sell, rent, or share your data with advertisers, data brokers, or any third parties. The only exception is Stripe for payment processing (they never see your email data).

Data Deletion

Automatic Deletion

Forwarding logs are automatically deleted based on your plan's retention period. Email content is never stored, so there's nothing to delete.

Account Deletion

When you delete your account, all data is permanently deleted within 30 days, except:

Billing records (retained 7 years for tax compliance)
Audit logs of legal requests (retained indefinitely for legal protection)

Right to Deletion (GDPR)

EU users can request immediate data deletion by contacting privacy@ractermx.com. We'll comply within 30 days.

Technical Implementation

Zero-Knowledge Architecture

Email content is processed in memory only. Our forwarding servers have no persistent storage for email content. Even if our servers were compromised, attackers would find no email content.

Encryption

All data in transit: TLS 1.3
Database encryption: AES-256 at rest
Backups: Encrypted with separate keys
Business plan: Optional edge PGP encryption

Data Location

All data stored in SOC 2 Type II certified data centers in the United States. No international data transfers.

What We Log