Privacy Policy

Last updated: March 2026

INTRODUCTION

NukeMail is built around privacy. We created this service specifically so you can receive emails without giving away your identity. This policy explains exactly what data we handle, how we handle it, and — more importantly — what we don't do.

WHAT WE COLLECT

We collect only what's necessary to run the service:

·Temporary email address (e.g. [email protected])

·Received emails (sender address, sender name, subject, body content)

·Access code (generated automatically — format: NUKE-XXXXXXXXXX)

·A single HTTP-only session cookie to keep you connected to your inbox

·For Premium users: payment is processed by Stripe — we store a Stripe customer ID but never see or store your card details

·For the contact form: whatever you voluntarily enter (name, email, message)

That's it. Nothing else.

WHAT WE DO NOT COLLECT

We want to be very explicit about this:

✕Real name, real email address, password, or phone number

✕IP address — we do not log or store IP addresses for identification

✕Location data or browser fingerprints

✕No tracking cookies, no analytics cookies, no third-party cookies from us

✕No user profiles, no behavioral analytics, no usage patterns

✕We do not sell, share, or monetise any user data — ever

COOKIES

Namenukemail_token

PurposeKeeps you connected to your inbox

TypeHTTP-only, Secure, SameSite=Lax

Duration14 days, refreshed on each visit

This is the only cookie NukeMail sets. Our ad provider (shown to free users) may set their own cookies — refer to their privacy policy for details. Premium users see no ads and no third-party cookies.

DATA RETENTION

Free inbox24h active → locked 14 days → deleted

Premium inboxActive while paid → 3 months dormant → deleted

EmailsAuto-deleted after 30 days regardless of tier

Delete buttonAll data permanently deleted immediately

Permanently deleted means gone from our database. We do not keep backups of deleted user data. Once deleted — whether by you or by our automatic cleanup — the data cannot be recovered by anyone, including us.

THIRD-PARTY SERVICES

We use a small number of external services to run NukeMail:

·Supabase — database hosting (supabase.com/privacy)

·Cloudflare — CDN and DDoS protection (cloudflare.com/privacypolicy)

·Stripe — payment processing, Premium only (stripe.com/privacy)

·Resend — contact form email forwarding only (resend.com/legal/privacy-policy)

·Ad provider — free users only, when applicable

ADVERTISING

·Free users may see non-intrusive advertisements

·No personalised or targeted advertising — ever

·No user data is shared with advertisers

·Ads never overlay content, auto-play, or cause layout shift

·Premium users see zero ads

YOUR RIGHTS

You can delete your inbox and all associated data at any time using the “Delete Inbox” button. Deletion is immediate and permanent. If you don't delete manually, your data is automatically removed after the retention period described above. For any privacy-related questions, reach out via our contact page.

CHILDREN

NukeMail is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child under 13 has used our service, please contact us and we will delete the associated data.

CHANGES TO THIS POLICY

We may update this policy from time to time. The “Last updated” date at the top of this page reflects any changes. Continued use of NukeMail after changes constitutes acceptance of the updated policy.

CONTACT

Questions about this privacy policy? Reach out via our contact page.