We believe the Internet should do a simple thing: Keep your private information private. No one should be able to touch what you think or write and do, but you. And we are out to prove that far too many companies mismanage your information for no other reason than laziness and greed.
We will never ask you to take our word for protecting your privacy by burying lax standards in user agreements carefully crafted so nobody understands them. Instead, we will proudly present peer-reviewed and auditable policies that the entire world can see, touch and debate.
Here's how we do it:
End-to-End Encryption: All your data—no matter if you’re using a PC, a phone, or a tablet—is encrypted anytime it touches a disk, like on our servers or on your device, using a password no one in the world knows but you. Because this data is end-to-end encrypted, we can't read it, and we can’t sell it. Even if someone forced their way into our data centers, your data would be complete gibberish to them.
Independently Audited: The security and privacy of our users guides every decision we make, but don't just take our word for it. We engage with leading security researchers on a recurring basis to conduct independent audits of our cryptography, application, and server code to make sure your data is safe and sound.
Open: We've made all our code open and available, so it's clear how your data is being handled every step of the way. Many companies promise encryption but don't open up their code for peer-review. We believe the definition of end-to-end encryption should mean that code on both ends is viewable by the public.
No tracking or intrusive analytics. We are heavily opposed to industry standard tracking tools like Google Analytics, which gathers and analyzes your browsing history to sell you better advertisements. Instead, we use an open-source, privacy-focused, and self-hosted analytics installation.
No third-party email services. Most services use third-party services like Mailchimp to send you email notifications and campaigns. We use our own infrastructure for email, so your email is never shared with third-party services like Mailchimp.