Legal

Privacy Policy

Effective: May 20, 2024 • Last updated: May 21, 2026

This Privacy Policy describes how TempMailKit collects, uses, and shares information when you visit tempmailkit.com, and explains your rights in relation to that information. We have written this policy in plain English because we think you deserve to understand exactly what happens to your data.

1. Who We Are

TempMailKit (“we”, “us”, or “our”) operates the website tempmailkit.com (the “Service”), a free disposable email service. The Service is designed to let you receive email messages at a temporary address without creating an account or providing any personally identifying information.

For privacy enquiries, you may contact us at tempmailkit@gmail.com.

2. Information We Collect

2.1 Information You Provide Directly

If you use our contact form, we collect the information you voluntarily submit: your name, email address, and the content of your message. This information is used solely to respond to your enquiry. We do not use it for marketing, and we do not add you to any mailing list.

2.2 Server Logs (Collected Automatically)

When you visit our website, our web servers and infrastructure providers automatically record certain technical information, including:

  • Your IP address
  • Date and time of your visit
  • Pages and resources you requested
  • HTTP method and response status code
  • Browser type and version (User-Agent string)
  • Operating system
  • The referring URL (the page you came from, if any)

Server logs are retained for up to 30 days for security, abuse prevention, and operational diagnostics. They are not used to build user profiles, and they are not shared with advertisers or data brokers.

2.3 Temporary Email Content

When an email is delivered to a temporary address generated on our Service, the message passes through our mail infrastructure so it can be displayed in your browser. We do not read, analyse, index, or retain email content beyond what is strictly necessary to show it to you during your session. Messages are stored in fast, ephemeral storage (Upstash Redis) with a 10-minute time-to-live (TTL). They are permanently deleted when the TTL expires, when you generate a new address, or when you close your session.

2.4 Cookies and Browser Storage

TempMailKit itself uses session storage (not persistent cookies) to remember your active temporary inbox within a single browser session. Session storage is cleared automatically when you close the browser tab. We do not set persistent first-party tracking cookies.

Our advertising partners (see Section 6 below) may set persistent third-party cookies in your browser. These cookies are controlled by the advertising networks, not by TempMailKit. You can manage or block advertising cookies through your browser’s settings, through a browser extension, or via industry opt-out tools such as:

2.5 Analytics

We use privacy-preserving, aggregated analytics to understand how pages are used in aggregate (e.g., which pages are most visited, how long pages load). Analytics data is anonymised before analysis and is never tied to individual users. We do not use Google Analytics or any cross-site tracking service.

3. Cookie Policy

A cookie is a small text file placed on your device by a website. Below is a breakdown of the cookies and storage technologies used on or associated with this Service:

Name / TypePurposeExpires
tmk_v2 (session storage)Stores your active temporary inbox address so it persists across page navigations within the same browser tab.Tab close
Google AdSense cookiesUsed by Google to serve and measure ads, apply frequency capping, and prevent fraud. May include personalised interest-based advertising where permitted.Up to 13 months (set by Google)
Cloudflare cookiesSecurity and bot-detection tokens set by Cloudflare as part of network protection.Session or short-term

4. Google AdSense and Advertising

TempMailKit is free to use and is funded by display advertising. We use Google AdSense to serve ads on this website. Google AdSense is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you visit a page that contains an AdSense ad unit, Google may:

  • Set cookies in your browser to recognise your device across visits
  • Use your IP address to determine your approximate location
  • Use your browsing history and interests (if you are signed in to a Google account or have permitted personalised ads) to show you relevant advertisements
  • Collect data about ad impressions, clicks, and viewability to measure ad performance and detect invalid traffic

Google’s use of advertising cookies enables it and its partners to serve ads based on your visit to this site and other sites on the internet. You can opt out of personalised advertising by visiting Google Ad Settings or by visiting www.aboutads.info.

For more information about how Google uses data collected through its advertising products, please review How Google uses data when you use our partners’ sites or apps.

Important: TempMailKit does not share your email content, temporary addresses, or any personal information with Google AdSense or any other advertiser. Advertising is contextual or general-interest. We do not build profiles based on what emails you receive.

5. How We Use Your Information

We use the information we collect for the following purposes only:

  • To operate and maintain the Service (mail delivery, inbox generation, session management)
  • To respond to messages submitted through our contact form
  • To investigate suspected abuse, security incidents, or violations of our Terms of Service
  • To comply with applicable legal obligations and respond to valid legal requests
  • To monitor and improve the performance, reliability, and security of the Service
  • To serve contextual display advertising through Google AdSense

We do not use your information for marketing, profiling, lead generation, or any purpose not listed above. We do not sell, rent, or trade personal data.

6. How We Share Information

We do not sell your personal information to any third party. We share information only in the following limited circumstances:

6.1 Infrastructure and Service Providers

We rely on the following third-party infrastructure providers:

  • Cloudflare, Inc., DNS, CDN, DDoS protection, email routing, and worker execution. Cloudflare processes network requests on our behalf and is subject to its own Privacy Policy.
  • Upstash, Inc., Serverless Redis database used to store temporary email messages during your session. Data is stored with a short TTL and deleted automatically. See Upstash’s Privacy Policy.
  • Vercel, Inc., Hosting and serverless function execution for the Next.js application. See Vercel’s Privacy Policy.
  • Google LLC, Advertising services via Google AdSense. See Google’s Privacy Policy.

Each of these providers is bound by contractual obligations to protect the data they process on our behalf and to use it only for the purposes we specify.

6.2 Legal Requirements

We may disclose information to law enforcement, courts, or other authorities if required by applicable law, court order, or binding legal process. Where legally permitted, we will notify you of any such request.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of substantially all of our assets, user information may be transferred to the acquiring entity. We will notify you by posting a notice on this page before any such transfer takes effect.

7. Email Content and Confidentiality

TempMailKit is a pass-through service. Email messages are routed from the sender’s mail server to our infrastructure, stored briefly, and displayed in your browser. We do not read, scan (beyond basic spam filtering), index, or retain the content of messages for any purpose.

Because TempMailKit is a public temporary service, you should never use it to receive sensitive or confidential information, such as passwords, financial details, medical records, or personally identifying documents. The purpose of the Service is to avoid spam and protect your real email address, not to serve as a secure or private communications channel.

Anyone who knows your current temporary address can send email to it. We recommend generating a new address if you believe your current one has been shared or guessed.

8. Data Retention

We retain different categories of information for different periods:

  • Temporary email messages: Deleted after 10 minutes (TTL) or on new-address generation, whichever comes first.
  • Server access logs: Retained for up to 30 days, then automatically deleted.
  • Contact form submissions: Retained for up to 90 days after your enquiry is resolved, then deleted.
  • Aggregated analytics data: Retained indefinitely in anonymised, non-identifiable form.
  • Advertising data (Google): Governed by Google’s data retention policies as described in their Privacy Policy.

9. Children’s Privacy

TempMailKit is not directed to children under the age of 13 (or 16 in certain jurisdictions within the European Economic Area). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided personal information to us, please contact us at tempmailkit@gmail.com and we will delete it promptly.

10. Your Rights Under GDPR (EEA and UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) or equivalent UK law:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to rectification: You may request correction of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”): You may request deletion of your personal data where there is no compelling reason for us to continue processing it.
  • Right to restriction of processing: You may request that we limit how we use your data in certain circumstances.
  • Right to data portability: You may request your data in a structured, machine-readable format.
  • Right to object: You may object to processing of your data based on legitimate interests or for direct marketing.
  • Rights related to automated decision-making: You have the right not to be subject to solely automated decisions that significantly affect you. We do not make any such decisions.

Our legal bases for processing personal data are: (a) legitimate interests, operating the Service, maintaining security, and investigating abuse; (b) consent, displaying interest-based advertising where applicable (withdrawable at any time via your browser or ad settings); (c) legal obligation, retaining or disclosing data as required by law; and (d) contract performance, responding to enquiries you have sent us.

To exercise any of these rights, contact us at tempmailkit@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

11. Your Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

  • Right to know: You may request disclosure of the categories of personal information we have collected about you, the purposes for collection, and the categories of third parties with whom we share it.
  • Right to delete: You may request deletion of personal information we have collected, subject to certain exceptions.
  • Right to opt out of sale: We do not sell personal information as defined by the CCPA. You do not need to take any action to opt out.
  • Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, contact us at tempmailkit@gmail.com. We will respond within 45 days as required by law.

Categories of personal information we collect (as defined by CCPA): identifiers (IP address); internet or electronic network activity (server logs, page views). We do not collect geolocation data, financial information, biometric data, or health information.

12. Third-Party Links and Services

Our website may contain links to third-party websites, including links within blog posts to external resources, and links within this Privacy Policy to the privacy policies of our infrastructure providers. We are not responsible for the privacy practices of those websites. We encourage you to read the privacy policies of any third-party sites you visit.

In addition, email messages you receive through TempMailKit may contain links to external websites. We have no control over those websites and are not responsible for their content or privacy practices. Exercise caution before clicking links in unsolicited email.

13. Security Measures

We implement appropriate technical and organisational measures to protect your information against unauthorised access, disclosure, alteration, and destruction. These measures include:

  • TLS/HTTPS encryption for all data in transit between your browser and our servers
  • TLS encryption for email routing between mail servers where supported
  • Automatic deletion of temporary email data (10-minute TTL)
  • Restricted access to server infrastructure and databases
  • DDoS protection and bot mitigation via Cloudflare
  • Regular review of access controls and third-party vendor security practices

No method of internet transmission or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. If you discover a security vulnerability in our Service, please disclose it responsibly to tempmailkit@gmail.com.

14. International Data Transfers

TempMailKit is operated from and our infrastructure is primarily located in the United States, European Union, and other regions where our service providers maintain data centres. If you are accessing our Service from outside these regions, your information may be transferred to and processed in jurisdictions with different data protection laws than those of your country of residence.

Where we transfer personal data from the EEA or UK to third countries, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or the adequacy decisions of the European Commission. Our infrastructure providers (Cloudflare, Upstash, Vercel, Google) have established GDPR compliance programmes and data processing agreements.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the features of our Service. When we make material changes, we will update the “Last updated” date at the top of this page. For significant changes, we may also add a notice on our homepage.

Continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the revised policy. We recommend reviewing this page periodically. Archived versions of this policy are available on request.

16. Contact Us

For any privacy-related questions, data subject requests, or concerns about our data handling practices, please contact us:

TempMailKit

Privacy enquiries: tempmailkit@gmail.com

General support: tempmailkit@gmail.com

Legal enquiries: tempmailkit@gmail.com

Contact form: tempmailkit.com/contact

We aim to respond to all privacy-related requests within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your country.