Privacy Policy

• A generated email address, inbox expiry time, message metadata, and message content for the active inbox window.
• A session cookie that binds your browser session to your inbox so knowing the address alone is not enough to read mail.
• Operational request data that may be processed by our application, hosting, CDN, DNS, and security providers.
• Abuse reports and related evidence submitted to us.

• To create temporary inboxes, receive email, render messages, copy verification codes, and expire inboxes on schedule.
• To detect spam, phishing, fraud, security abuse, service misuse, reliability issues, and policy violations.
• To respond to abuse reports, provider notices, and lawful requests.

Inbox messages auto-delete after 10 minutes, extendable once to 20 minutes. After expiry, messages are not recoverable from active inbox storage.

The browser session cookie may live longer than the inbox so a refresh can show the current state, but an expired inbox remains unavailable.

Operational logs, abuse reports, and security records may be kept longer when needed for reliability, abuse prevention, dispute handling, or legal compliance.

We do not sell personal data. We may share limited data with infrastructure providers that operate the service, with affected providers during abuse handling, or when required by lawful process.

For privacy or abuse questions, contact [email protected] with enough detail for us to identify the relevant inbox, domain, or report.