NukeMail
GuidesAboutContactPremium

Privacy Policy

Last updated: April 2026

INTRODUCTION

NukeMail is built around privacy. We created this service specifically so you can receive emails without giving away your identity. This policy explains exactly what data we handle, how we handle it and (more importantly) what we don't do. See also our Terms of Service.

WHAT WE COLLECT

We collect only what's necessary to run the service:

·Temporary email address (e.g. [email protected])
·Received emails (sender address, sender name, subject, body content)
·Access code (generated automatically, format: NUKE-XXXXXXXXXX)
·A single HTTP-only session cookie to keep you connected to your inbox
·For Premium users: payment is processed by Stripe. We store a Stripe customer ID but never see or store your card details
·For the contact form: whatever you voluntarily enter (name, email, message)

That's it. Nothing else.

WHAT WE DO NOT COLLECT

We want to be very explicit about this:

Real name, real email address, password or phone number
IP addresses. We don't log or store them for identification
Location data or browser fingerprints
No tracking cookies set by NukeMail (our ad provider may set their own, see Advertising section below)
No user profiles or personal data linked to your inbox
We don't sell, share or monetise any user data. Ever

COOKIES

Namenukemail_token
PurposeKeeps you connected to your inbox
TypeHTTP-only, Secure, SameSite=Lax
Duration14 days, refreshed on each visit

This is the only cookie NukeMail sets. Our ad provider (shown to free users) may set their own cookies. Refer to their privacy policy for details. Premium users see no ads and no third-party cookies.

DATA RETENTION

Free inbox24h active → locked 14 days → deleted
Premium inboxActive while paid → 3 months dormant → deleted
EmailsAuto-deleted after 30 days regardless of tier
Delete buttonAll data permanently deleted immediately

Permanently deleted means gone from our database. We don't keep backups of deleted user data. Once it's deleted (whether by you or by our automatic cleanup) the data can't be recovered by anyone, including us.

THIRD-PARTY SERVICES

We use a small number of external services to run NukeMail:

·Supabase: database hosting (supabase.com/privacy)
·Cloudflare: CDN and DDoS protection (cloudflare.com/privacypolicy)
·Stripe: payment processing, Premium only (stripe.com/privacy)
·Resend: contact form email forwarding only (resend.com/legal/privacy-policy)
·Umami: privacy-friendly analytics, no cookies, no personal data (umami.is/privacy)

Some of these services may process data outside of your country. By using NukeMail, you acknowledge that your data may be transferred to and processed in the United States or other jurisdictions where our service providers operate.

ADVERTISING

Free users may see advertisements from our affiliate partners. Here's how that works:

·NukeMail doesn't collect, share or sell any user data to advertisers
·Ads are placed inline. They never overlay content, auto-play video or cause layout shift
·Some ads are affiliate links. If you click and make a purchase, NukeMail may earn a commission at no extra cost to you
·Affiliate links are clearly marked with an "AD" label
·Premium users see zero ads

YOUR RIGHTS

You can delete your inbox and all associated data at any time using the “Delete Inbox” button. Deletion is immediate and permanent. If you don't delete manually, your data is automatically removed after the retention period described above. For any privacy-related questions, reach out via our contact page.

GDPR (EUROPEAN USERS)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation:

·Right to access: you can view all your data in your inbox at any time
·Right to erasure: delete your inbox and all data instantly via the Delete button
·Right to data portability: your emails are viewable and copyable at any time during the active period
·Right to object to processing: you can stop using the service at any time
·Right to restrict processing: delete your inbox to stop all data processing immediately

Our legal basis for processing is legitimate interest (providing the service you requested). For advertising, we rely on consent where required. Contact us via our contact page for any GDPR-related requests.

CCPA (CALIFORNIA USERS)

Under the California Consumer Privacy Act, California residents have the right to know what personal information is collected, request deletion of their data and opt out of the sale of personal information. NukeMail doesn't sell personal information. You can delete all your data at any time using the Delete button in your inbox.

LAW ENFORCEMENT

We will only disclose user data to law enforcement when legally compelled by a valid court order or subpoena. Given our minimal data collection and automatic deletion schedule, there is very little data to disclose in most cases. We will notify affected users where legally permitted to do so.

CHILDREN

NukeMail isn't intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child under 13 has used our service, please contact us and we will delete the associated data.

CHANGES TO THIS POLICY

We may update this policy from time to time. The “Last updated” date at the top of this page reflects any changes. Continued use of NukeMail after changes constitutes acceptance of the updated policy.

CONTACT

Questions about this privacy policy? Reach out via our contact page.