Common privacy questions
Does Emcognito read or store the emails forwarded through my aliases?
No. Emails are forwarded from your alias to your real inbox and not retained on Emcognito servers after delivery. We don't read, scan, or analyze message contents.
Do you sell or share my email address with third parties?
No. Your real email address is used only to forward mail to you and to sign you in via magic-link. We never sell it, rent it, or share it with marketers or data brokers.
What information does Emcognito actually collect?
Your account email (used as the destination for forwarded mail and for passwordless sign-in), the aliases you create, and basic usage metrics like forward counts so we can enforce plan limits and keep the service running.
Can I delete my account and all my data?
Yes. You can suspend or delete individual aliases at any time. To wipe your full account, email support and we will delete your account record and all associated aliases.
Where is Emcognito based and which privacy laws apply?
Emcognito is operated from Pennsylvania, United States. We apply GDPR-style data-minimization principles globally and respect data subject rights regardless of where you sign up from.
The full legal policy follows below.
Privacy Policy
Last updated: June 13, 2026
This policy describes what Emcognito collects, why we collect it, who we share it with, and the choices you have. The plain-English questions above are part of this policy; the sections below are the formal version. Where the two ever disagree, the plain-English answer is the controlling one and you should email support@emcognito.com so we can fix the formal text.
Who we are
Emcognito is operated from Pennsylvania, United States, by [LEGAL ENTITY NAME], a small independent team. When this policy says "we," "us," or "Emcognito," it means that operator, which is the data controller for the personal data described here. When it says "you," it means the person using the service at emcognito.com. For any privacy matter you can reach us at support@emcognito.com.
What we collect, and why
Information you give us
- Your real email address. Used as the destination for forwarded mail and for passwordless (magic-link) sign-in. This is the one piece of personal data the service cannot function without.
- The aliases you create. Each alias is a unique address on a domain we operate (for example, abc123@emcognito.com). You may optionally attach a label, source, note, or category to an alias; if you do, we store that text so the dashboard can show it back to you.
- Optional support messages and feedback. If you email us or use the feedback form, we keep the message so we can reply.
- Billing details (paid plans only). If you subscribe to a paid plan, Stripe — not Emcognito — collects and holds your payment card. We store a customer identifier and the subscription state Stripe sends us, never your card.
Information we collect automatically
- Forward counts and timestamps. For every forwarded message we increment a counter on the destination alias and on your account so we can enforce monthly plan limits, surface aliases that are getting unusual volume, and detect a destination inbox that's bouncing. We do not retain the message body after delivery (see "What we don't do" below).
- Standard request logs. Our infrastructure provider (AWS) records request-level metadata — IP address, user agent, timestamp, and HTTP status — for the requests your browser makes to emcognito.com and to our API. These logs are retained for up to 30 days for security and abuse-prevention purposes.
- Analytics. We load Google Analytics 4 (GA4) across the Emcognito web app — both the public marketing pages (homepage, pricing, blog) and the signed-in dashboard. GA4 records usage events — page views, button clicks, the city-level location your IP geolocates to, and product events such as creating or refreshing aliases. We configure GA4 with IP anonymization, we do not use it for advertising, we do not enable Google Signals or cross-device/remarketing features, and we do not use GA4 data to identify you by name. You can opt out by using an ad/tracker blocker or the official Google Analytics opt-out browser add-on at tools.google.com/dlpage/gaoptout. We disclose GA explicitly because the homepage describes our position as "no third-party advertising trackers" — product analytics is a deliberate, narrow exception and we'd rather you know than discover it in a network inspector.
What we don't do
- We do not read, scan, profile, or analyze the contents of the email messages forwarded through your aliases. They pass through our forwarder host (Postfix → AWS SES) and are deleted from disk as soon as SES accepts them for delivery.
- We do not sell, rent, or trade your information to third parties.
- We do not share your data with marketers, data brokers, or advertising networks.
- We do not build behavioral profiles of you across sites.
- We do not use third-party advertising trackers or ad pixels on this site.
How we use what we collect
Specifically and exhaustively:
- To run the service: route forwarded mail, enforce plan quotas, issue magic-link sign-ins, suspend aliases that are getting bounced by a dead destination inbox.
- To bill you (paid plans only): create a Stripe customer, process subscriptions, deliver receipts.
- To keep the service safe: rate-limit abusive traffic, detect credential stuffing or magic-link enumeration attempts.
- To support you: reply to your emails, investigate issues you report.
- To improve the service: GA4 analytics tell us which pages people read, which CTAs they click, and which product actions they take in the dashboard, so we can fix confusing flows and prioritize features. We configure GA4 not to identify you by name and do not merge GA events into your account record.
- To comply with legal obligations: respond to lawful requests from authorities with jurisdiction over us; preserve records we're required by law to preserve.
Our legal bases (for EEA/UK users)
If GDPR or UK GDPR applies to you, we rely on the following legal bases:
- Performance of a contract (Art. 6(1)(b)) — to create your account, forward your mail, sign you in by magic link, and bill paid plans.
- Legitimate interests (Art. 6(1)(f)) — to keep the service secure, prevent abuse, enforce plan limits, and understand product usage through analytics, balanced against your privacy rights.
- Legal obligation (Art. 6(1)(c)) — to keep tax and accounting records and to respond to lawful requests.
- Consent (Art. 6(1)(a)) — where we ever ask for it explicitly; you can withdraw consent at any time without affecting prior processing.
Subprocessors — the third parties we use to run Emcognito
We use a small number of named third parties ("subprocessors") to run the service. Each has access only to the categories of data it needs to do its job. We list them so the policy you read matches what you'd find with a network inspector.
- Amazon Web Services (AWS), United States. Hosts our database (DynamoDB), forwarder, mail-sending service (SES), object storage (S3), and CDN (CloudFront). AWS sees account email, alias rows, forwarded-mail bodies in transit, and standard request logs.
- Stripe, Inc., United States. Payment processing for paid plans. Stripe sees billing email, card details (which they hold, we never see), and subscription state. Stripe's privacy policy: stripe.com/privacy.
- Google LLC (Google Analytics 4), United States. Product and marketing analytics across the web app, including the signed-in dashboard. GA4 sees event metadata (page, action, IP-derived city, anonymized IP) but not your forwarded mail and not your name. Google's privacy policy: policies.google.com/privacy.
- Cloudflare or equivalent DNS provider, United States. Resolves emcognito.com DNS queries. Sees IP-level DNS request metadata only; no account data.
Our subprocessors store and process data in the United States; we do not route your data to subprocessor regions outside the United States. We do not use AI-model providers (OpenAI, Anthropic, etc.) on user data. If we ever add or change a subprocessor we'll update this list and date the change at the top.
International data transfers
Emcognito is operated from, and stores your data in, the United States. If you use the service from the European Economic Area (EEA), the United Kingdom, Switzerland, or another country with data-transfer rules, your personal data is transferred to and processed in the United States. Where that transfer requires a legal mechanism, we rely on the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum) with our US-based subprocessors, together with the data-minimization practices described in this policy. You can ask us about these safeguards at support@emcognito.com.
How long we keep things
- Forwarded email bodies: not retained. Stored on disk only between Postfix receipt and SES handoff (seconds), then deleted.
- Account row (your real email, plan state): retained while your account is active; deleted within 30 days of account deletion.
- Alias rows (your aliases and their labels): retained while your account is active or until you delete each alias.
- Magic-link tokens: 15-minute TTL; deleted automatically once consumed or expired.
- Standard request logs: up to 30 days.
- Stripe billing records: retained by Stripe per their policy and by us as long as legally required for tax/accounting (typically 7 years in the United States).
- Support emails: retained for up to 2 years after the last reply, then deleted.
Your rights
Wherever you sign up from, we apply the following:
- Right to access: email support@emcognito.com and we'll send you a copy of what we have on you.
- Right to deletion: from inside the app you can delete individual aliases at any time. To wipe your entire account record and every associated alias, email support and we'll do it. We will confirm completion within 30 days.
- Right to correct: you can edit alias labels and notes inside the app at any time. Email support to correct anything you can't change yourself.
- Right to portability: email support and we'll export your aliases as JSON or CSV.
- Right to opt out of analytics: use a tracker-blocking browser extension or the official Google Analytics opt-out add-on linked above; either one stops GA4 from loading. We do not currently detect or act on browser Do-Not-Track or Global Privacy Control headers, so please use one of those tools to opt out.
- Right to object / restrict (EEA/UK): where we process data on the basis of legitimate interests, you may object to that processing or ask us to restrict it; email support and we'll review the request.
- Right to lodge a complaint: EU/EEA residents may complain to their national data-protection authority and UK residents to the ICO. California residents have the rights described under the CCPA/CPRA — including the right to know, the right to delete, the right to correct, and the right to non-discrimination for exercising those rights. We do not sell or share your personal information, and we do not use it for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA — so there is nothing to opt out of on that front.
We don't charge for fulfilling rights requests and we don't ask for legal-style documentation — your account email is enough.
How we protect your data
- In transit: HTTPS (TLS) for the website and API. Forwarded mail uses SMTP over TLS to AWS SES.
- At rest: account and alias records are encrypted at rest in DynamoDB.
- Access: only the operator can read the production database. We do not use third-party customer-data tools (no Segment, no CRM, no support desk with full-account visibility).
- Sign-in: magic-link only; sessions are signed HS256 JWTs with a 7-day TTL.
No service can promise zero breaches. If we discover a personal-data breach that affects you, we will notify you by email without undue delay — and within any timeframe required by applicable law — describing what happened, what data was involved, and what you should do.
Cookies
We use a small number of strictly-necessary cookies and local-storage entries to keep you signed in (the emcognito_session entry in localStorage is your session JWT). Google Analytics sets its own analytics cookies across the web app (marketing pages and the signed-in dashboard); you can block these with any tracker-blocker or the Google opt-out add-on. We do not set any advertising cookies. We do not use Flash cookies, browser fingerprinting, or device-ID tracking.
Children
Emcognito is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we've collected data from a child, email support and we'll delete it.
Changes to this policy
When we change this policy we update the "Last updated" date at the top. For material changes (new subprocessors, new categories of collection, new uses of data) we will also email registered users at least 30 days before the change takes effect.
Contact
Privacy questions, deletion requests, complaints, or anything else: support@emcognito.com.