Security

Storing your Data

Your data is stored securely on our servers. We use military grade encryption to ensure your data is well protected and stored on our server.

We pay special attention to security for our application and our servers. We have an experienced team that uses the best engineering practice and tools to develop the product.

We use AES 256 bit encryption and Secure Sockets Layer (SSL). Our server provider themselves have their own robust security policy which adds as an additional layer of security for our product.

Backing up your Data

Dropmyemail's backup servers connect to your mail server using standard protocols such as IMAP and POP. We use a secure connection if available. We use a secure connection to fetch data from your database server for backup. All the files that are fetched are encrypted. Thus your data is always secure and protected.

Access to Data

Your data can only be accessed by your account. No other user with a Dropmyemail account has access to your. Dropmyemail employees are prohibited from viewing your account and backups. We follow best-in-class practices where we have a small team of trusted and verified employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). We have a strict policy and access controls for these employees that prohibit them to access the data except for these rare situations. All employees are required to act under our strict compliance guidelines. We have proper security policies in place to ensure that your files are protected from unauthorized access.

Responsible Disclosure

Dropmyemail recognizes the importance of security and the effort that it required. We encourage and reward responsible disclosure of any vulnerabilities to us.

Please share the details of the vulnerability to us. Please do not announce the vulnerability to the public until we are given a chance to rectify it. Once our security team has verified, your efforts will be acknowledged. Your cooperation is much appreciated.

Please report any vulnerabilities to security@dropmyemail.com If you are using GPG, you may encrypt your email using our public key.

Acknowledgements

We would like to extend our gratitude to the following researchers who have submitted vulnerability reports.

We also provide a Dropmyemail tshirt for researchers who discovered critical vulnerabilities.