Privacy Policy

Last updated: February 8, 2026

            TL;DR: We access your Gmail to filter emails. We don't sell your data. We don't read your emails (they're processed automatically). Payments happen on Bitcoin's Lightning Network.
        

1. What We Collect

When you use TANSTAAFL Mail, we collect:

Gmail Data: Email metadata (sender, subject, date) and content to determine if senders are trusted or need to pay. This data is processed automatically and not reviewed by humans.
Account Information: Your email address and display name when you sign up via Google OAuth.
Payment Data: Bitcoin Lightning payment hashes and amounts. We do not store traditional payment info (no credit cards).
Trusted Contacts: The list of senders you've marked as trusted.

2. How We Use Gmail Access

We request the following Gmail permissions:

Read emails (gmail.readonly): To check incoming emails and determine if the sender is trusted or needs to pay.
Send emails (gmail.send): To send payment request emails to blocked senders on your behalf.
Modify emails (gmail.modify): To label, archive, or move emails based on payment status and your preferences.

            We never: Share your emails with third parties, use your data for advertising, or allow human review of your email content.
        

3. Data Storage & Security

Email content is processed in real-time and not permanently stored on our servers.
OAuth tokens are encrypted and stored securely.
All connections use HTTPS/TLS encryption.
We use industry-standard security practices.

4. Bitcoin & Lightning Payments

Payments are processed via the Bitcoin Lightning Network.
We record payment amounts and transaction hashes for your earnings dashboard.
Withdrawals go to your provided Bitcoin/Lightning address.
We do not have access to your personal Bitcoin wallet.

5. Data Retention

Account data is retained while your account is active.
You can delete your account at any time from Settings.
Upon deletion, we remove your data within 30 days.
Payment records may be retained for legal/tax compliance.

6. Third-Party Services

We use:

Google OAuth: For authentication and Gmail access (Google Privacy Policy)
Cloudflare: For DNS, email routing, and security
Bitcoin Lightning Network: For payment processing

7. Your Rights

You have the right to:

Access your data
Delete your account and data
Revoke Gmail access at any time via Google Account Settings
Export your trusted contacts list

8. Children's Privacy

TANSTAAFL Mail is not intended for users under 18. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this policy. Significant changes will be announced via email or in-app notification.

10. Contact

Questions? Contact us at [email protected]

TANSTAAFL Mail · Home · Terms of Service