We use state-of-the-art technical and organizational security measures to protect your data.</p> <p><strong>On the Technical Side</strong>, we use state-of-the-art cryptography to protect your data. For example:</p> <ul> <li><p>Traffic between the User and our servers is encrypted with TLS, and perfect forward secrecy is applied.</p></li> <li><p>We only store passwords in hashed form on our servers.</p></li> <li><p>Your StartMail inbox and its folders are stored in your own encrypted User Vault. Your User Vault is only opened when you login. Without the account password or a recovery key the vault is inaccessible when it is closed.</p></li> <li><p>When you are logged out of StartMail, your entire inbox is encrypted. When you are logged in, your unencrypted emails are unencrypted, but all of your PGP-encrypted emails are still encrypted unless you open an <a href="https://www.startmail.com/encrypted-email">encrypted email</a> by submitting your PGP-passphrase.</p></li>