Privacy Policy

1. Introduction

At Fose, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our secure email service.

2. Zero-Knowledge Architecture

Fose operates on a zero-knowledge architecture, meaning we cannot access your encrypted data. All encryption and decryption occur locally on your device, and we never have access to your private keys or unencrypted content.

3. Information We Collect

  • Account information (email address, encrypted password)
  • Service usage data (login times, IP addresses)
  • Payment information (processed securely through our payment provider)
  • Support communications

4. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our Service
  • Process your payments
  • Improve our Service
  • Respond to support requests
  • Comply with legal obligations

5. Data Storage and Security

Your encrypted data is stored in secure data centers across multiple jurisdictions. We implement industry-standard security measures, including:

  • Military-grade AES-256 encryption
  • End-to-end encryption for all communications
  • Regular security audits and updates
  • Secure key management

6. Data Retention

We retain your account information for as long as your account is active. Encrypted data is stored until you delete it or close your account. We may retain certain information as required by law or for legitimate business purposes.

7. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your data
  • Export your data
  • Object to certain processing activities

8. GDPR Compliance

As a company that processes personal data of EU citizens, Fose complies with the General Data Protection Regulation (GDPR). This includes:

  • Providing clear information about data processing
  • Implementing appropriate technical and organizational measures
  • Maintaining records of processing activities
  • Reporting data breaches within 72 hours when required
  • Appointing a Data Protection Officer (DPO) where necessary
  • Conducting Data Protection Impact Assessments (DPIAs) for high-risk processing

Our privacy team can be reached at [email protected].

9. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes through the Service or via email.

10. Contact

For privacy-related inquiries, please contact us at [email protected].