Security at Scroogle Mail

Security you can check. Not just trust.

Our clients are open source, our cryptography is published, and our independent audit reports go up in full - the awkward findings included. Your mailbox is encrypted with keys we never hold, so "trust us" isn't part of the deal. Check us instead.

Zero-access encryption

What zero-access actually means

We do not have the technical means to read your email. That's not a promise written in a policy document - it's a property of the system. When you create your account, your encryption keys are generated in your browser and locked with a key derived from your password using Argon2id, also in your browser. Your password never reaches us, and neither does an unlocked key, so nothing on our side can open your mailbox. What sits on our servers is ciphertext: locked boxes we store and back up without ever holding a key.

Plenty of providers say "encrypted" and mean encrypted with keys they keep - which protects you from a stolen hard drive, but not from the provider, its staff, or anyone who can compel it. Zero-access means the lock is yours. If a Scroogle Mail engineer went rogue tomorrow, the worst they could exfiltrate is a pile of encrypted blobs and the routing metadata listed below.

However - and here's the honest bit - email is a federated system, and running one leaves traces. We can't route a message without knowing where it's going, and we can't fight abuse with our eyes completely shut. So rather than pretend we see nothing, we've written down exactly what we can see, kept it as small as we can, and put it in the list below. Judge us on that list.

What we CANNOT see

Encrypted with your keys. Unreadable to us, permanently.

  • Message bodies
  • Attachments
  • Contacts
  • Calendar entries
  • Drafts

What we CAN see

The minimum needed to bill you, route mail and fight abuse.

  • Your account email address and billing state
  • The sizes of your encrypted blobs
  • Delivery metadata needed to route mail
  • Short-lived access logs - kept 3 days by default

Under the bonnet

The encryption, layer by layer

No single lock protects everything, so we don't use a single lock. Here's every layer between your email and anyone who'd like a look.

In your browser

Your keys are generated client-side, on your own device, the moment you sign up. They're locked with a key derived from your password via Argon2id - a memory-hard function built to make brute-force attacks slow and expensive. Your password, and the keys it unlocks, never travel to our servers.

Between users

Mail between Scroogle Mail addresses is end-to-end encrypted automatically, using OpenPGP - the most scrutinised message encryption standard there is. Encrypted on your device, decrypted on theirs, and never readable in between. No toggle to remember, no setup, no exceptions.

To the outside world

Writing to a Gmail or Outlook address? Send it password-protected with an expiry date, and the recipient opens it in a secure viewer - their provider never sees the content. Ordinary external mail travels over TLS (1.3 wherever the receiving server supports it), with MTA-STS and DANE stopping anyone from stripping that encryption along the way. TLS protects the hop, not the destination: an ordinary message is readable by the recipient's provider once it lands, which is exactly what the password-protected option avoids.
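What "MTA-STS stopping downgrade tricks" means in practice, as an added illustration rather than anything from Scroogle Mail's own mail servers: a sending mail server parses the receiving domain's published policy and, in enforce mode, refuses to hand a message to a server that won't do verified TLS or that isn't a listed MX. The policy text, host names and the tls status object are constructed for the example; fetching the policy over HTTPS and the _mta-sts DNS lookup are left out.

```javascript
// Added example, not Scroogle Mail code: how a sending mail server applies a receiving
// domain's MTA-STS policy (RFC 8461). Fetching the policy over HTTPS and the _mta-sts DNS
// lookup are left out; the policy text below is constructed for the example.
const SAMPLE_POLICY = [
  "version: STSv1",
  "mode: enforce",
  "mx: mx1.example.net",
  "mx: *.mx.example.net",
  "max_age: 604800",
].join("\n");

// Parse the key/value policy format. Unknown keys are kept but ignored; a policy with a
// bad version, mode or max_age is rejected, which a sender treats as "no policy".
function parseMtaStsPolicy(text) {
  const policy = { mx: [] };
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "") continue;
    const sep = line.indexOf(":");
    if (sep < 0) throw new Error("malformed policy line: " + line);
    const key = line.slice(0, sep).trim();
    const value = line.slice(sep + 1).trim();
    if (key === "mx") policy.mx.push(value.toLowerCase());
    else policy[key] = value;
  }
  if (policy.version !== "STSv1") throw new Error("unsupported policy version");
  if (!["enforce", "testing", "none"].includes(policy.mode)) throw new Error("bad mode");
  policy.max_age = Number(policy.max_age);
  if (!Number.isInteger(policy.max_age) || policy.max_age < 0) throw new Error("bad max_age");
  return policy;
}

// An mx pattern either names a host exactly or starts with "*.", which matches exactly one
// leading label: "*.mx.example.net" matches "a.mx.example.net" but not "b.a.mx.example.net".
function mxMatches(pattern, host) {
  const h = host.toLowerCase().replace(/\.$/, "");
  if (pattern.startsWith("*.")) {
    const suffix = pattern.slice(2);
    if (!h.endsWith("." + suffix)) return false;
    return !h.slice(0, h.length - suffix.length - 1).includes(".");
  }
  return h === pattern;
}

// tls describes what actually happened on the SMTP connection to mxHost:
//   offered   - the server advertised STARTTLS and the handshake completed
//   certValid - the certificate chained to a trusted root and matched the MX host name
// In enforce mode any problem blocks delivery (the message is queued for retry rather than
// sent in the clear); in testing/none mode it is delivered and the problem reported via TLSRPT.
function deliveryDecision(policy, mxHost, tls) {
  const problems = [];
  if (!policy.mx.some((p) => mxMatches(p, mxHost))) problems.push("mx-mismatch");
  if (!tls.offered) problems.push("starttls-not-offered");
  else if (!tls.certValid) problems.push("certificate-invalid");
  const deliver = problems.length === 0 || policy.mode !== "enforce";
  return { deliver, problems };
}
```

The point of the enforce branch is the whole defence: without a policy, a sender that sees no STARTTLS simply falls back to cleartext, which is exactly the downgrade an on-path attacker wants. With the policy cached, the same situation becomes a delivery failure and a retry, and the attacker gets nothing.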

At rest

Your whole mailbox sits under zero-access encryption in two Swiss datacentres - Zurich and Lausanne - that we operate on hardware we own, with no third-party cloud involved. Your mail never leaves Switzerland. Beneath that, full-disk encryption protects the hardware itself, so even a stolen drive tells its thief nothing.

Account security

Your account's armour

The strongest encryption in the world is pointless if someone can simply sign in as you. So we've made that the hard part.

Two-factor authentication

Add a second lock with any authenticator app, or go further with a hardware security key over WebAuthn - the strongest consumer 2FA there is, and immune to phishing pages that fool one-time codes. We'll nudge you to turn it on; we'd rather nag than mop up.

Session management

See every device and browser signed in to your account, when it last connected and roughly where from. Left yourself logged in on a hotel computer? One click signs it out remotely - no need to change your password unless you want to.

Login alerting

A sign-in from a new device or an unfamiliar location triggers an alert straight away, so you find out about anything odd within minutes rather than months. If it wasn't you, one tap locks the session out and walks you through securing the account.

Rate-limited sign-in

Failed attempts slow down sharply and then stop, which turns online password-guessing from an automated flood into a geological process. Offline guessing is the other half: anyone who steals our ciphertext still has to grind through Argon2id for every candidate password, and the function is built to make each guess slow and memory-hungry. Either way, brute force against a Scroogle Mail account is a very boring way to waste electricity.

Your recovery phrase - the honest small print

At signup we issue you a one-time recovery phrase. Write it down and keep it somewhere safe, because here's the deal with real encryption: if you lose your password and your recovery phrase, your mail is gone. Not "gone until support resets it" - gone. We can't read your mailbox, which also means we can't rescue it. Any provider that can always recover your mail can always read it too. We think the trade is worth it; we'd rather you made that choice knowingly.

The legal bit, straight

Honesty about Swiss law

Swiss privacy law is a genuine advantage, and we'll happily say so: Scroogle Mail AG is a Swiss company governed by the revised Swiss Federal Act on Data Protection (FADP), and because Switzerland holds adequacy decisions from both the UK and the EU, your mail can lawfully stay in Switzerland. But we won't wave the words "beyond government reach" around, because they aren't true - of us or of anyone. Swiss authorities can compel disclosure through Swiss legal process, and we comply with valid Swiss legal orders. What we did instead was design the service so that compliance hands over almost nothing.

If we're legally required to produce your mailbox, what we can produce is encrypted blobs and minimal metadata. We can't be compelled to hand over keys we don't have.

Encrypted by design

Message content, attachments, contacts and calendars are encrypted with keys that only your password or your recovery phrase can unlock, and neither of those ever reaches us. A legal order can't change mathematics: we cannot decrypt what we cannot decrypt.

3-day access logs

Access logs exist to fight abuse - password-guessing, spam runs, account takeovers - and are kept for 3 days by default, then deleted. Data we no longer hold is data nobody can demand.

Counted in public

Every request we receive is counted and published in our annual transparency report, alongside what - if anything - was produced. If that number ever moves in a way that worries you, you'll see it.

One more honest note: if your threat model includes a determined state adversary, no email provider should be your whole plan - including us. Layer Tor over your connection, manage your own PGP keys, and treat Scroogle Mail as one part of your setup rather than all of it. We'd rather tell you that plainly than sell you a false sense of security.

Prove it

Verified, not trusted

Every claim on this page is checkable. That's deliberate: security you can't verify is just marketing with a padlock icon.

Open-source clients

Our web, iOS and Android apps are open source on GitHub. The code that generates your keys and encrypts your mail is public, so any cryptographer - or any sufficiently suspicious teenager - can confirm it does exactly what we say and nothing else.

Audited every year

An independent security firm audits our infrastructure and cryptography annually, and we publish the report in full - findings, severities and our fixes included. No executive summaries with the embarrassing bits sanded off.

Bug bounty

Found a hole? We pay for responsibly disclosed vulnerabilities and we credit researchers who want it. Report to security@scrooglemail.com - encrypted reports welcome, details and rewards on our security contact page.

OpenPGP fingerprint for security@scrooglemail.com:

4F2A 9C81 D7E3 55B0 6A1D 8F42 C3B9 07E6 2D14 AA58

Security questions

Asked a lot, answered honestly

Can you read my email?
No - and not in the "we promise we won't" sense. Your mailbox is encrypted with keys that are generated in your browser and locked with a key derived from your password via Argon2id. Your password never reaches our servers, so neither does anything that can unlock your mail. We do not have the technical means to read it. What our systems can see is listed in full further up this page: account email, billing state, blob sizes, routing metadata and short-lived access logs.

What if I lose my password?
Use the recovery phrase we issued at signup and you can reset your password without losing a single message. Lose both, and your mail is unrecoverable - by you, by us, by anyone. We know that sounds harsh, but it's the unavoidable flip side of zero-access encryption: a provider that can always rescue your mailbox is a provider that can always read it. Keep the phrase in a password manager, or on paper somewhere safe.

Why should I trust your encryption claims?
You shouldn't - you should check them. Our client apps are open source, so the encryption code runs where you can read it. The cryptography is standard, published OpenPGP rather than anything home-brewed. And an independent security firm audits us every year, with the full report published, warts and all. Trust is what's left over after verification, not a substitute for it.

What do you log?
Access logs - connection metadata used to fight abuse like password-guessing and spam runs - are kept for 3 days by default, then deleted. Beyond that we hold what's needed to run a paid service: your account email address, billing state, storage used and the delivery metadata required to route mail. We don't log message content (we couldn't read it anyway), we don't build browsing profiles, and this website doesn't even use analytics cookies.

Is Swiss jurisdiction actually an advantage?
Honest answer: yes, but not in the "untouchable" way some marketing implies. Switzerland has strong privacy law - the revised FADP - and holds adequacy decisions from both the UK and the EU, so your mail lawfully stays in Switzerland while we remain GDPR and UK GDPR compliant for our UK and EU customers. What Swiss jurisdiction does not mean is immunity: Swiss authorities can compel disclosure through Swiss legal process, and we comply with valid Swiss legal orders - every provider in every country complies with its own. Our real answer is architectural: what we can be compelled to produce is encrypted blobs and minimal metadata, because we never hold your keys, and our 3-day log window means most data is gone before anyone asks. Every request is counted in our annual transparency report. If your threat model is a determined state, layer Tor and your own PGP on top - of us or of anyone.

Encryption this good shouldn't need a manual.

Every plan gets the full security model - zero-access storage, end-to-end encryption and tracker blocking - from £2.99 a month, VAT included. Setup takes about three minutes.

Get Scroogle Mail