Transparency

Are we reading your email?

No. Never. Not possible.

EmailAlias is built on a zero-knowledge architecture. We physically cannot read your emails — even if we wanted to, even if someone forced us to.

What “zero-knowledge” actually means

When we say “zero-knowledge,” we mean it in the cryptographic sense. Our servers process your email forwarding without ever accessing the content. Here's exactly what happens when an email arrives at your alias:

1

Email arrives via TLS 1.3

The sender's email server connects to ours over TLS 1.3. The email is encrypted in transit — no one can intercept it on the wire.

2

Alias is resolved from encrypted mapping

We look up the alias in our database. The alias-to-destination mapping is encrypted with AES-256. We decrypt the destination address in memory, never writing it to disk in plaintext.

3

Email is forwarded immediately

The email is forwarded to your real inbox over another TLS 1.3 connection. The email content passes through our servers in an encrypted stream — we don't parse, scan, or store it.

4

Only metadata is logged

We log only: sender address, subject line, timestamp, delivery status, and which alias received it. This powers your analytics dashboard. We never log email bodies or attachments.

What we can see vs. what we can't

What we CAN see (minimal metadata)

  • Sender email address
  • Subject line (logged for delivery records, max 500 chars)
  • Timestamp of delivery
  • Delivery status (delivered/bounced)
  • Which alias received the email

This is the metadata that powers your monitoring & analytics dashboard — exposure events, risk scores, and forwarding counts.

What we CANNOT see

  • Email body / content
  • Attachments
  • Your real email address (never disclosed to senders)
  • Stored copies of links
  • Stored images or tracking pixels

How this is different from Gmail, Outlook, or Yahoo

Major email providers scan your emails to serve you targeted ads, train AI models, and build advertising profiles. Here's how EmailAlias is fundamentally different:

Practice
EmailAlias
Big Email Providers
Read email content
Never
Yes, routinely
Scan for ad targeting
Never
Yes
Train AI on your emails
Never
Yes (some)
Share data with third parties
Never
Yes (partners)
Store emails on their servers
No (pass-through only)
Yes, indefinitely
Encrypt alias mappings
AES-256
Plaintext

What if law enforcement requests my data?

If we received a valid legal request, we could only provide the minimal metadata we store: sender addresses, subject lines, timestamps, and delivery statuses. We cannot provide email content or attachments because we never have access to them once a forward completes. We publish a transparency report annually.

Your emails are yours. Period.

Join thousands of users who trust EmailAlias to keep their emails truly private. Zero-knowledge means zero compromise.

Protect Your Email — Free