RacterMX ← Back to Home

Privacy Policy

Effective Date: January 1, 2026

Last Updated: January 26, 2026

Our Privacy Commitment

RacterMX is built on a zero-knowledge architecture. We cannot read your email because we don't store it. We collect only the minimum data required to operate the service. We never sell your data. Your privacy is our product.

1. Information We Collect

1.1 Account Information

  • Email address (for account creation and notifications)
  • Authentication credentials (passkey, OAuth tokens)
  • Subscription tier and billing information

1.2 Email Forwarding Metadata

  • Sender email address
  • Recipient alias
  • Timestamp of forwarding
  • Forwarding status (success/failure)
  • Message size in bytes

We do NOT collect: email subject, body content, attachments, or IP addresses.

1.3 Configuration Data

  • Domain names and DNS settings
  • Email aliases and forwarding rules
  • Privacy and security preferences
  • Webhook URLs (if configured)

1.4 Payment Information

  • Billing address
  • Payment history (amounts and dates)
  • Stripe customer ID (reference only)

Note: Credit card details are stored by Stripe, not by us. We never see your full card number.

2. How We Use Your Information

We use collected information to:

  • Provide and operate the email forwarding service
  • Authenticate your account and prevent fraud
  • Process payments and manage subscriptions
  • Send service notifications and updates
  • Monitor DNS configuration and service health
  • Provide customer support
  • Comply with legal obligations

We do NOT use your information for advertising, profiling, or marketing to third parties.

3. Information Sharing

3.1 We Do NOT Share Your Data With:

  • Advertisers or data brokers
  • Social media platforms
  • Analytics companies
  • Marketing partners

3.2 Limited Sharing With Service Providers:

  • Stripe: Payment processing only (they don't see email data)
  • Infrastructure Providers: Hosting and data center services (encrypted data only)

All service providers are contractually bound to protect your data and use it only for specified purposes.

3.3 Legal Requirements:

We may disclose information when required by valid legal process:

  • Subpoena from a court of competent jurisdiction
  • Court order or warrant
  • Emergency situations involving imminent harm

We maintain a Transparency Report documenting all legal requests.

4. Data Retention

  • Email Content: Never stored (zero-knowledge architecture)
  • Forwarding Logs: Community (0 days), Professional (30 days), Business (90 days)
  • Account Data: Duration of account + 30 days after deletion
  • Billing Records: 7 years (tax compliance requirement)
  • Audit Logs: 1 year (security and compliance)

5. Your Privacy Rights

5.1 Access and Portability

You can access and export all your data through the dashboard or by contacting us.

5.2 Correction

You can update your account information and settings at any time through the dashboard.

5.3 Deletion

You can delete your account at any time. All data will be permanently deleted within 30 days, except billing records required for tax compliance.

5.4 GDPR Rights (EU Users)

EU users have additional rights under GDPR:

  • Right to be forgotten (data deletion)
  • Right to data portability
  • Right to restrict processing
  • Right to object to processing

Contact privacy@ractermx.com to exercise these rights.

5.5 CCPA Rights (California Users)

California residents have rights under CCPA:

  • Right to know what data we collect
  • Right to delete personal information
  • Right to opt-out of data sales (we don't sell data)
  • Right to non-discrimination

6. Security Measures

  • Zero-Knowledge Architecture: Email content never stored on disk
  • Encryption in Transit: TLS 1.3 for all connections
  • Encryption at Rest: AES-256 for database and backups
  • Access Controls: Role-based access with audit logging
  • Security Monitoring: 24/7 intrusion detection
  • Regular Audits: SOC 2 Type II certified

7. Cookies and Tracking

We do NOT use:

  • Third-party cookies
  • Advertising trackers
  • Analytics services (Google Analytics, etc.)
  • Social media pixels

We DO use:

  • Essential session cookies (for authentication only)
  • Local storage (for theme preferences)

8. Jurisdiction and Data Location

🇮🇸 Hosted in Iceland: RacterMX infrastructure is hosted in Iceland, a jurisdiction with some of the world's strongest privacy protections and data sovereignty laws.

Why Iceland?

  • Strong constitutional privacy protections
  • No membership in surveillance alliances (Five Eyes, etc.)
  • Robust data protection laws aligned with GDPR
  • Limited government data access requirements
  • Journalist and whistleblower protection laws

All data is stored in SOC 2 Type II certified data centers located in Iceland. We do not transfer data outside of Iceland except as necessary to deliver email to your designated forwarding address.

For EU users, Iceland's EEA membership ensures full GDPR compliance without requiring additional data transfer mechanisms.

9. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect information from children. If we learn we have collected data from a child, we will delete it immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email at least 30 days in advance.

Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy questions or to exercise your rights:

Email: privacy@ractermx.com

Racter Holdings, LLC
Privacy Officer
🇮🇸 Hosted in Iceland
Registered: United States

Questions about your privacy?

We're committed to transparency and protecting your data.

What We Log Contact Privacy Team

A Racter Holdings, LLC company.