Data Storage & Security

Here's exactly how we handle your data - no marketing fluff, just the technical facts.

💡 Here's What Makes Us Different

We don't store your email messages. Period.

When you check your inbox, we fetch messages in real-time from our mail server. They're never written to our application database. Think of it like streaming a video instead of downloading it.

How It Actually Works

Real-Time Fetching

Every time you open your inbox, we query our backend mail server on-the-fly. No database queries, no permanent storage - just a direct connection to the mail server.

Encrypted RAM Storage

Your messages live in encrypted RAM on our mail server. Not on a hard drive, not in a database - just temporary memory. This is lightning-fast and inherently more secure since RAM is wiped when freed.

Smart Backup System

Our backend creates periodic backups for system stability. Here's the clever part: each new backup overwrites the previous one. Old emails get purged automatically, only fresh ones survive. No data hoarding, ever.

Instant Manual Deletion

When you delete an email from your dashboard, it's gone. Immediately. Both the email address and all associated messages are completely removed from our system. No "soft deletes" or recovery periods - it's just... gone.

What We Actually Store

Email Metadata (Firebase)

We store basic info about your temporary emails:

Email prefix (e.g., "john123" in john123@easytrashmail.eu)
When it was created and when it expires
Visibility settings (public/private/specific users)

No message content lives here. Just metadata.

Your Account (If You Made One)

Optional account data for logged-in users:

Your email address (for login)
Plan type (Free or Premium)
Account status and creation date
Support tickets if you've contacted us

🚫 What We DON'T Store

Email messages - fetched in real-time, never saved to our database
Your personal information (we don't need it)
IP addresses (anonymized for basic analytics only)
Browser fingerprints or device tracking
Location data
Third-party tracking cookies

Security Measures

Encryption Everywhere

Messages are encrypted in RAM. Data transmission uses TLS 1.3. Firebase data is encrypted at rest. Basically, everything's locked down.

Access Control

Firebase Security Rules ensure you can only access your own data. No exceptions.

GDPR Compliant

You have full control over your data. Access it, modify it, or delete it anytime from your dashboard.

No Data Sharing

We don't sell, rent, or share your data. Ever. Your emails are yours alone.

How Long Your Data Lives

Free Plan - 1 Hour

Your email and messages stick around for 1 hour. After that, they're automatically cleared from the system during the next backup cycle.

Premium Plan - 30 Days

Premium users get 30 days of email access. Same deal - after expiration, everything gets purged.

Manual Deletion - Instant

Don't want to wait? Delete your email manually from the dashboard. The email address and all messages are wiped immediately - no delays, no recovery, just gone.

Account Data

If you created an account, your account info stays until you delete it. You can do that anytime from your dashboard settings.

🤓

For Nerds - Technical Deep Dive

Architecture Overview

Frontend (Next.js) → API Routes → Backend Mail Server (IMAP/POP3)

User Auth & Metadata → Firebase (Firestore + Auth)

Message Storage → Backend RAM (encrypted, no disk writes)

Message Retrieval Flow

User opens inbox → Frontend calls /api/emails/[slug]/messages
API authenticates request & validates email ownership
API connects to backend mail server via IMAP/POP3
Backend fetches messages from encrypted RAM (in-memory mailbox)
Messages are parsed & returned as JSON to frontend
No database writes occur - messages stay in RAM only

RAM Storage Details

Messages stored in-memory using mail server's native RAM-based storage (e.g., Postfix with in-memory queue)
Encryption: AES-256 in memory (keys rotated per session)
No persistence to disk - when RAM is freed, data is gone
Fast retrieval: O(1) lookup by email address, no disk I/O latency

Backup & Rotation Mechanism

Backups run on a fixed interval (e.g., every 6 hours) to prevent data loss from unexpected crashes:

Snapshot of current RAM state is taken
Old backup file is immediately overwritten (no append, just replace)
During snapshot, emails older than retention period are excluded
Result: Only fresh emails survive the rotation cycle

Example: Free plan = 1h retention. Backup runs every 6h. Emails older than 1h don't make it into the new backup.

Deletion Process

Manual deletion by user:

Frontend calls DELETE /api/emails/[slug]
API removes email metadata from Firestore
API sends delete command to backend mail server
Backend purges mailbox from RAM immediately
No traces left - email prefix becomes available for reuse

Automatic expiration:

Firestore TTL (Time-To-Live) policy removes expired email metadata
Backend backup cycle excludes expired messages (they don't get written to new backup)
RAM is eventually freed when mail server garbage collection runs

What Happens on Server Restart?

If the mail server crashes or restarts, RAM is wiped. We load the last backup (which only contains non-expired emails). This means:

Max data loss = time since last backup (e.g., 6 hours)
Old/expired emails are never restored (intentional feature)
System recovers quickly since backups are small (only fresh data)

Tech Stack Summary

Frontend: Next.js 14 (App Router), React, TypeScript

Backend: Next.js API Routes, Node.js

Mail Server: Custom backend with IMAP/POP3 (RAM-based storage)

Database: Firebase Firestore (metadata only)

Auth: Firebase Authentication

Hosting: Vercel (frontend), custom VPS (mail server)

💡 TL;DR for fellow engineers: We treat messages as ephemeral streams, not persistent entities. RAM-first architecture with smart backup rotation ensures old data naturally ages out without manual cleanup jobs. It's basically a self-cleaning system.

Still Have Questions?

We're happy to explain our system in more detail. Just reach out.

Contact Support