Privacy Policy

Last updated: May 29, 2026

Pop3.io is built for people who want their domain email in one place. This policy explains what we collect, how we use it, and how we protect sensitive information such as your mail server credentials.

Data we collect

We collect only what is needed to run your account and unified inbox:

• Account information — your Pop3.io email address and a one-way bcrypt hash of your login password (we never store your login password in plain text).
• Mail server credentials — POP3, IMAP, and SMTP hostnames, ports, usernames, and passwords that you provide for each identity, plus TLS/SSL preferences and mailbox names where applicable.
• Email data — messages, headers, and attachments downloaded from your mail servers into your Pop3.io account, along with metadata such as senders, recipients, subjects, and dates.
• App data — folder and identity settings, filter rules, HTML signatures, drafts, templates, and interface preferences you configure in the app.
• Billing information — if you subscribe to a paid plan, payment and subscription details are handled by Stripe. We do not store full credit card numbers on our servers.
• Support communications — messages you send us through help or support channels.
• Technical logs — limited server and security logs (such as IP address, request timestamps, and error records) used to keep the service reliable and secure.

How we use your data

We use your information to provide, maintain, and improve Pop3.io:

• Fetching mail from your POP3/IMAP servers and sending mail through your SMTP servers.
• Displaying, organizing, searching, and filtering mail within your account.
• Processing subscriptions, add-ons, and account administration.
• Responding to support requests and protecting against abuse or unauthorized access.

We do not sell your account data, inbox contents, or mail server credentials to unrelated third parties. This policy may be updated if our practices change in material ways.

How we protect mail server credentials

Your POP3, IMAP, and SMTP credentials are stored in our database so the service can connect to your mail providers on your behalf. We treat them as highly sensitive:

• Credentials are used only to fetch or send mail for your account—they are not sold or shared with unrelated third parties.
• After you save them, passwords are not shown again in the interface; you may replace them by entering a new password in identity settings.
• Connections from Pop3.io to your mail servers use TLS/SSL when you enable secure connection settings (recommended for POP3 port 995, IMAP port 993, and typical SMTP submission ports).
• All traffic between your browser and Pop3.io is served over HTTPS.
• Access to stored credentials is limited to the automated processes that operate your account within our infrastructure.

Questions

If you have questions about this policy or your data, contact us through Help & support in Settings after you log in.

← Back to Pop3.io