Privacy Policy
Last updated: July 16, 2026
Routed Mail is an encrypted email service. This policy describes what data we collect, how the service processes it, and where the encryption boundary sits.
Who we are
Routed Mail is operated by Lee Valentine. Contact: support@routed.org.
Data we collect
Email address and display name
We store your email address as your mailbox identity. You may also provide a display name. We use these details to operate your account and mail service, not for advertising.
Email content
Stored message bodies and attachments are encrypted at rest. Routed transiently processes inbound plaintext to receive and deliver mail, apply spam and user filters, create mailbox metadata such as snippets, and encrypt the result for storage. If you enable an AI feature, plaintext needed for that feature is sent to Cloudflare Workers AI during processing; semantic-search embeddings are stored separately from the original text.
Drive files
We store the files, folder names, and related metadata you place in Routed Drive. File content is encrypted at rest. Routed processes file content when you upload or download it so the service can provide the requested operation.
Your password-derived key is not stored by Routed. Account recovery uses a separately wrapped recovery copy of your mailbox key whose private recovery key is held under an offline operator recovery process. This means "encrypted at rest" does not mean that no server-side processing or recovery path exists.
Device ID and push notification token
When you enable push notifications, we store device details and the push token needed to deliver new-mail alerts. These are linked to your account.
Crash data
If your device submits a crash report through Apple's crash-reporting settings, we may receive it to diagnose stability problems. We do not add advertising or third-party tracking SDKs to the app.
Security and operational data
We record security events such as sign-in, reauthentication, session revocation, and token refresh. These records can include your IP address, user agent, account or device identifier, event time, and limited diagnostic details. Application security audit records are retained for up to 90 days.
How we use your data
- Email address — account creation, login, and email delivery.
- Display name — display in Routed and outgoing mail.
- Email content — mail delivery, user-requested filtering and search, and encrypted storage.
- Drive files — private file storage, folder organization, upload, and download.
- Device ID — device management and push notification delivery.
- Crash data — app stability analysis.
- Security and operational data — abuse prevention, incident investigation, and service reliability.
We do not sell your data or use it for advertising.
Infrastructure providers
Routed runs on Cloudflare infrastructure, including Workers, Durable Objects, D1, R2, Queues, Vectorize, and optional Workers AI. Cloudflare processes data as our infrastructure provider under its data-processing terms.
Data retention and account deletion
Messages remain stored until you delete them or an automatic retention rule applies. Spam is automatically purged after 7 days and Trash after 30 days. Backend cleanup can take up to 24 hours after a message is permanently deleted.
You can schedule account deletion from Mail settings. Scheduling starts a 24-hour grace period during which you can sign in and cancel. After that grace period, Routed permanently destroys the account's mailbox, files, settings, devices, and account records. Backups and provider-level deletion logs may remain for the limited periods required to operate and secure the service.
Security
Data in transit uses TLS. Stored mailbox content is encrypted at rest. No security system eliminates all risk; the processing and recovery boundaries above are part of the service design.
Changes to this policy
We will post changes here and update the date above.
Contact
Questions or privacy requests: support@routed.org