1. Our Privacy Principles
- No advertising, ever. We do not show ads in your inbox, and we never will.
- No tracking or profiling. We do not scan your messages to build advertising profiles.
- No selling of personal data. We do not sell, rent, or trade your personal information to third parties.
- Minimum data, maximum protection. We collect only what is necessary to operate your account and our service.
- Canadian hosted. Your data is stored on servers physically located in Canada and protected by Canadian privacy law.
2. Information We Collect
We collect only the information needed to provide and secure your email service:
- Account information: name, recovery email (optional), and billing details required to maintain your subscription.
- Email content: messages, attachments, contacts, calendar entries, and folders you create. This content is stored encrypted at rest.
- Connection metadata: limited logs (IP address, timestamp, client type) retained briefly to detect abuse and protect your account. These logs are automatically purged on a short rolling schedule.
- Support communications: any information you voluntarily share when contacting our support team.
We do not collect advertising identifiers, behavioral profiles, browsing histories, or third-party tracking data.
3. How We Use Information
We use the information we collect strictly to:
- Operate, maintain, and secure your FiwiMail® account.
- Deliver, send, receive, and store your email and related content.
- Detect, prevent, and respond to fraud, spam, abuse, and security threats.
- Process payments and manage your subscription.
- Provide customer support when you request it.
- Comply with our legal obligations.
We do not use your email content for analytics, advertising, machine-learning training, or any commercial purpose unrelated to delivering email to you.
4. Encryption & Security
- AES-256 encryption at rest for all mailbox data.
- TLS 1.3 in transit between your client and our servers, and between FiwiMail® and other providers that support it.
- One-click end-to-end encryption for messages to other FiwiMail® users and supported OpenPGP recipients.
- Two-factor authentication (2FA) available on all plans.
- Hardened infrastructure with continuous monitoring, intrusion detection, and 24/7 incident response.
5. Data Location & Jurisdiction
All FiwiMail® data is stored on servers located in Canada. Your information is governed by Canadian privacy laws including the Personal Information Protection and Electronic Documents Act (PIPEDA). We do not host, replicate, or back up customer data in jurisdictions outside Canada.
6. Sharing of Information
We do not sell or rent your personal information. We share information only in the limited circumstances below:
- Service providers who help us operate FiwiMail® (e.g., payment processors), strictly under contract and only for the purpose for which they were engaged.
- Email delivery: the recipients you choose to send messages to.
- Legal requests: when we are compelled by a valid Canadian legal process. We review every request, push back on overbroad demands, and disclose only what is legally required. Where lawfully permitted, we notify affected users.
7. Data Retention
We keep your content for as long as your account is active. If you delete a message, it is removed from your mailbox immediately and purged from our backups on a short rolling schedule. If you close your account, we delete your data within 30 days, except where we are legally required to retain limited records.
8. Your Rights
- Access the personal information we hold about you.
- Correct inaccurate information.
- Export your data in a portable format.
- Delete your account and associated data.
- Lodge a complaint with the Office of the Privacy Commissioner of Canada.
To exercise any of these rights, contact us at privacy@fiwimail.com.
9. Cookies & Tracking
Our website and webmail use only essential cookies required to keep you signed in and to remember your preferences. We do not use third-party advertising cookies, pixels, or cross-site trackers.
10. Children's Privacy
FiwiMail® is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we will delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the "Last Updated" date above. Continued use of FiwiMail® after the effective date constitutes acceptance of the revised policy.
12. Contact Us
FiwiMail® Privacy Office
Email: privacy@fiwimail.com
Mail: FiwiMail® Inc., Privacy Office, Canada