FlowCrypt Privacy Policy
Summary
We will never:
✕ | Sell or otherwise misuse your data. |
✕ | Have access to any of your email content. For more details. |
✕ |
Have access to your Private Key,
[Private Key] Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase. Message Passwords, [Message Password] A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software. or Passphrase. [Passphrase] A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force. For more details. |
✕ |
Have access to your email Access Token
[Access Token] A set of tokens and information required to access a user’s account through their Email Provider. Kept exclusively by the Local App within the Local Machine. or email account. For more details. |
✕ | Store or have access to your uncensored credit card information. |
We do:
✓ | Produce software that offers end-to-end email encryption. For more details. |
✓ | Comply with GDPR. For more details. |
✓ |
Make your Public Key
[Public Key] Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient. publicly searchable by default. For more details |
We may:
● | Share your email address with our payment processor, if you are a paying customer. For more details. |
● |
Relay encrypted email through our servers. This can happen only when emailing a recipient that does not seem to have any Compatible Software
[Compatible Software] Software from other vendors that follows the OpenPGP standard of asymmetric key encryption. The Local App or Private Web App will attempt to find out which recipients use any Compatible Software by searching your Local App Contacts first. If no Public Key was found, the Local App will perform a lookup on Attester. Recipients are considered as having Compatible Software if the Local App or Private Web App has access to the recipient’s Public Key. installed (password-protected messages). For more details. |
Table of Contents
- End-To-End Encryption
- Email Access Token
- Message Delivery and Storage
- Handling Message Passwords and Passphrases
- Handling of Private Keys
- Personal Information
- Public Key Handling
- GDPR
- Terminology
- Feedback
End-to-end encryption
Regardless of the method of Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
delivery, FlowCrypt is end-to-end encryption software. That means the Message Content
[Message Content]
The actual meaningful information contained inside the Encrypted Message. Accessible to anyone with the corresponding Private Key (with the appropriate Passphrase) or the corresponding Message Password.
is encrypted in a Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
or Private Web App
[Private Web App]
A Web App that produces or is able to decrypt sensitive Message Content exclusively on the Local Machine.
on a Local Machine
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
and then sent to the recipient encrypted. The Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
handling approach by the recipient depends on their setup. The vast majority of compatible software will only decrypt your Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
on the recipient’s Local Machine.
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
That means neither Email Provider
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
nor We
[We]
FlowCrypt developers, employees, legal entities, or server software that is under our direct control.
can access the Message Content
[Message Content]
The actual meaningful information contained inside the Encrypted Message. Accessible to anyone with the corresponding Private Key (with the appropriate Passphrase) or the corresponding Message Password.
in transit or at rest.
Email Access Token
An Access Token
[Access Token]
A set of tokens and information required to access the user’s account through their Email Provider. Kept exclusively by the Local App within the Local Machine.
is required to access the user’s email. The Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will request this access during the setup process. Tokens are then exclusively stored in the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
on the user’s Local Machine,
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
with no exceptions. The Access Token
[Access Token]
A set of tokens and information required to access a user’s account through their Email Provider. Kept exclusively by the Local App within the Local Machine.
is used solely within the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
for user authentication, sending and receiving of Encrypted Messages,
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
and other related actions that make the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. This may take a form of an extension, plugin, add-on, or native application.
work smoothly.
We
[We]
FlowCrypt developers, employees, legal entities, or server software that is under our direct control.
do not have access to your email account or emails, because the Access Token
[Access Token]
A set of tokens and information required to a access user’s account through their Email Provider. Kept exclusively by Local App within Local Machine.
is never shared with the FlowCrypt Server.
[FlowCrypt Server]
Our Server Software, running on Server Hardware.
The only data We[We]
FlowCrypt developers, employees, legal entities, or server software that is under our direct control.
receive this way is your email address and name. All other Email Provider
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
data is confined to the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
you installed, which we can’t access. Sensitive user data is encrypted before storage, ensuring it is protected from unauthorized access.
Message delivery and storage
When you message a recipient who has any Compatible Software,
[Compatible Software]
Software from other vendors that follows the OpenPGP standard of asymmetric key encryption. The Local App or Private Web App will attempt to find out which recipients use any Compatible Software by searching your Local App Contacts first. If no Public Key was found, the Local App will perform a lookup on Attester. Recipients are considered as having Compatible Software if the Local App or Private Web App has access to the recipient’s Public Key.
the encrypted message is transferred from your Email Provider
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
to the recipient’s Email Provider.
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
This includes any attachments. How the encrypted data is transferred and stored and what happens to the Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
is at the sole discretion of respective Email Providers.
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
An Email Provider
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
will see who you are messaging, how often, the email subject, and related meta-information just like they do when you send a Plain Text
[Plain Text]
Message that has not been encrypted, and may be readable by anyone handling it.
email. The process of sending encrypted emails is similar to that of Plain Text
[Plain Text]
Message that has not been encrypted, and may be readable by anyone handling it.
emails, except that the message contents are encrypted first. Therefore, the Email Provider
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
is not able to read the Message Content.
[Message Content]
The actual meaningful information contained inside the Encrypted Message. Accessible to anyone with the corresponding Private Key (with the appropriate Passphrase) or the corresponding Message Password.
When any of your recipients do not have any Compatible Software,
[Compatible Software]
Software from other vendors that follows the OpenPGP standard of asymmetric key encryption. The Local App or Private Web App will attempt to find out which recipients use any Compatible Software by searching your Local App Contacts first. If no Public Key was found, the Local App will perform a lookup on Attester. Recipients are considered as having Compatible Software if the Local App or Private Web App has access to the recipient’s Public Key.
then the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
or Private Web App
[Private Web App]
A Web App that produces or is able to decrypt sensitive Message Content exclusively on the Local Machine.
will require the sender to provide a Message Password.
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
Anyone who has access to the Message Password
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
can open such an Encrypted Message.
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
The Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
is then sent through Email Providers
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
in the same way as above. In addition, the Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
will be stored on the FlowCrypt Server.
[FlowCrypt Server]
Our Server Software, running on Server Hardware.
This helps recipients without any Compatible Software
[Compatible Software]
Software from other vendors that follows the OpenPGP standard of asymmetric key encryption. The Local App or Private Web App will attempt to find out which recipients use any Compatible Software by searching your Local App Contacts first. If no Public Key was found, the Local App will perform a lookup on Attester. Recipients are considered as having Compatible Software if the Local App or Private Web App has access to the recipient’s Public Key.
to open such messages and view their Message Content
[Message Content]
The actual meaningful information contained inside the Encrypted Message. Accessible to anyone with the corresponding Private Key (with the appropriate Passphrase) or the corresponding Message Password.
through the use of a Private Web App.
[Private Web App]
A Web App that produces or is able to decrypt sensitive Message Content exclusively on the Local Machine.
When the recipient doesn’t have any Compatible Software
[Compatible Software]
Software from other vendors that follows the OpenPGP standard of asymmetric key encryption. The Local App or Private Web App will attempt to find out which recipients use any Compatible Software by searching your Local App Contacts first. If no Public Key was found, the Local App will perform a lookup on Attester. Recipients are considered as having Compatible Software if the Local App or Private Web App has access to the recipient’s Public Key.
and the Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
is relayed through the FlowCrypt Server,
[FlowCrypt Server]
Our Server Software, running on Server Hardware.
the following information is stored along with it:
(a) The date and time the Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
was sent
(b) The size of the Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
(c) The Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
(d) The message expiration time
(e) Indication if this is an Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
text or attachment.
From the information that we have stored, we are unable to deduce which sender sent each Encrypted Message
[Encrypted Message]
Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
or to whom it was sent. Because a Message Password
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
can be subject to a Brute Force Attack,
[Brute Force Attack]
A method of unlocking encrypted material without breaking the underlying encryption, by using vast amounts of computational power to guess all possible combinations of a given Passphrase or Message Password. This attack method can be combined with other methods such as a dictionary attack (the use of words commonly found in passwords). The success rate of such an attack can vary greatly, depending on the complexity and length of the Passphrase or Message Password. Simple, short passwords are more vulnerable to this type of attack, while long, complicated, uncommon, and hard-to-guess passwords are less likely to be cracked. In fact, with current technology, it is effectively impossible to crack complex, very long, and random passwords.
it is recommended to use a Message Password
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
of sufficient strength for your particular use case. By default, messages relayed through the FlowCrypt Server
[FlowCrypt Server]
Our Server Software, running on Server Hardware.
this way expire and get deleted after 90 days for both free users and Enterprise users who use Shared Tenant FES. We do this to protect users who may have used a weak password. However, Enterprise users who run their own server infrastructure can choose the expiration time.
Handling Message Passwords and Passphrases
We
[We]
FlowCrypt developers, employees, legal entities, or server software that is under our direct control.
will never have access to user Private Keys,
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
Message Passwords,
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
or Passphrases.
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
The Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
is designed to never send such information to the FlowCrypt Server.
[FlowCrypt Server]
Our Server Software, running on Server Hardware.
The Local App,
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
Private Web App,
[Private Web App]
A Web App that produces or is able to decrypt sensitive Message Content exclusively on the Local Machine.
or any other FlowCrypt software will not distribute Passphrases
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
or Message Passwords
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
in any way. Safe storage, backup, and distribution of this material are left solely up to the user.
If any user intentionally or unintentionally sends a Private Key,
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
Message Password,
[Message Password]
A one-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
or Passphrase
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
to us (please do not do that!), we will delete such information immediately upon noticing it, unless the user explicitly indicated that this material is solely for testing purposes. In either case, users should consider such keys not trusted and compromised and should avoid using them in production scenarios.
Handling of Private Keys
The Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will store Private Keys
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
in storage that is accessible only to the Local Machine
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
such as browser storage, application storage, hard drive, or similar, and the security of these Private Keys
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
depends on the security of the underlying Local Machine
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
that stores them. For this reason, it is recommended to always update to the latest operating system, keep up to date with the latest security fixes, keep the system virus free, and use full-disk encryption or any other practices that make the Local Machine
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
less vulnerable to attackers. Additionally, we recommend that you select an “Always require a passphrase when opening email” option as an additional layer of security in case your Local Machine
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
gets compromised in the future through physical or other means.
In addition to storing the Private Key
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
in the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
exclusive in the Local Machine,
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
depending on how the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
was set up, the following will apply:
When importing Private Key from elsewhere.
The Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will keep both the Private Key
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
and the Passphrase
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
exclusively on the Local Machine,
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
unless the user specifically navigates to the backup Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
section of settings where they perform an additional form of Private Key
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
backup.
When creating a new Private Key.
The Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will provide the user with a comprehensive estimation of their Passphrase
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
strength. Once the user chooses a Passphrase
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
of satisfactory strength depending on their use case, the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will store the Passphrase
[Passphrase]
A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
and the Private Key
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
on the Local Machine.
[Local Machine]
Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
In addition, as a part of the setup process, the Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will provide the option to backup (default configuration) the encrypted Private Key
[Private Key]
Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
on your Email Provider or not to perform any backup.
[Email Provider]
A company, person, or their software who ensures the delivery of your email. This may include Google, Yahoo, Microsoft, other public email providers, or a private email server.
Personal information
We will not sell, share or otherwise abuse your personal information.
To be able to fulfill our services, we may need to share the user’s email address and name with a third-party, such as a payment processor for premium accounts.
Email address and name are also enclosed within your Public Key,
[Public Key]
Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient.
which is made searchable by your email address on Attester.
[Attester]
Our Server Software necessary to make encrypted OpenPGP communication smooth. Attester runs on Server Hardware and helps store, distribute, and verify Public Keys
Public Key handling
The Public Key contains your email address, name, and information about how to encrypt messages for you. Distribution of Public Keys is necessary to make end-to-end encryption work. When others encrypt messages for you, their Local App
[Local App]
FlowCrypt software that runs on a Local Machine. It can be in the form of an extension, plugin, add-on, or native application.
will retrieve the relevant Public Key
[Public Key]
Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient.
from Attester
[Attester]
Our Server Software necessary to make encrypted OpenPGP communication smooth. Attester runs on Server Hardware and helps store, distribute, and verify Public Keys.
based on your email address.
While Attester
[Attester]
Our Server Software necessary to make encrypted OpenPGP communication smooth. Attester runs on Server Hardware and helps store, distribute, and verify Public Keys.
allows the searching of Public Keys
[Public Key]
Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient.
based on email addresses, it does not allow the listing or bulk export of public keys. This way our Public Key
[Public Key]
Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient.
database cannot be harvested for spam, unlike other keyservers.
If you want to prevent your Public Key
[Public Key]
Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient.
from being publicly available (and instead want to manually distribute it to your contacts, or do not wish to use encryption anymore), visit the Dismiss Recorded Public Key page.
GDPR
We, as well as all of our suppliers, are complying with GDPR for all users globally.
You can utilize our software to meet your own GDPR compliance goals, as end-to-end encryption helps guard your sensitive data, and helps reduce exposure in case of a data breach.
All of our servers are located within the EU.
Terminology
We: FlowCrypt developers, employees, legal entities, or server software that is under our direct control.
You: The user of this software is bound by its license and terms of use.
Server Hardware: Third-party server infrastructure provided as a service to Us. This may include cloud servers and related services.
FlowCrypt Server: Our Server Software, that runs on Server Hardware.
Attester: Our Server Software necessary to make encrypted OpenPGP communication smooth. Attester runs on Server Hardware and helps store, distribute, and verify Public Keys.
Public Key: Cryptographic information required to encrypt data for someone. It typically contains an email address, name, and information about how to encrypt messages for a particular recipient.
Private Key: Cryptographic information required to open or decrypt previously encrypted data for its corresponding Public Key. The Private Key is additionally protected with a Passphrase.
Passphrase: A lengthy string of characters that is used to protect the Private Key. It is designed to be difficult to guess or brute force.
Brute Force Attack: A method of unlocking encrypted material without breaking the underlying encryption, by using vast amounts of computational power to guess all possible combinations of a given Passphrase or Message Password. This attack method can be combined with other methods such as a dictionary attack which involves using words commonly found in passwords. The success rate of such an attack can vary greatly, depending on the complexity and length of the Passphrase or Message Massword. Simple, short passwords are more vulnerable to this type of attack, while long, complicated, uncommon, and hard-to-guess passwords are less likely to be cracked. Actually, with current technology, it is effectively impossible to crack complex, very long, and random passwords.
Local Machine: Hardware used by end-users such as a computer, laptop, tablet, or smartphone.
Local App: FlowCrypt software that runs on a Local Machine. This may take a form of an extension, plugin, add-on, or native application.
Local App Contacts: Collection of contacts who use encryption, their Public Keys, and related info stored in the Local App.
Web App: FlowCrypt software which is served on the web through a link.
Private Web App: A Web App that produces or is able to decrypt sensitive Message Content exclusively on the Local Machine.
Email Provider: A company, person, or their software that ensures the delivery of your email. This could be Google, Yahoo, Microsoft, another public email provider, or a private email server.
Access Token: A set of tokens and information required to access a user’s account through their Email Provider. Kept exclusively by the Local App within the Local Machine.
Compatible Software: Software from other vendors that follows the OpenPGP standard of asymmetric key encryption. The Local App or Private Web App will attempt to find out which recipients use any Compatible Software by searching your Local App Contacts first. If no Public Key was found, the Local App will perform a lookup on Attester. Recipients are considered as having Compatible Software if the Local App or Private Web App has access to the recipient’s Public Key.
Plain Text: Message that has not been encrypted, and may be readable by anyone handling it.
Encrypted Message: Encrypted text data that may or may not include encrypted attachments. Typically in the format of an email with certain encrypted parts of the email.
Message Password: One-time password used to encrypt Encrypted Messages when the recipient doesn’t have any Compatible Software.
Message Content: The actual meaningful information contained inside the Encrypted Message. Accessible to anyone with the corresponding Private Key (with the appropriate Passphrase) or the corresponding Message Password.
Feedback
This privacy policy is subject to change without prior notice based on feedback from the community. Such changes and prior versions will be visible on the project’s public repository and also mentioned in the project’s changelog if/when such changes occur.
Please send us your feedback or requests for clarification at human@flowcrypt.com