The Gist
Look, this is a joke email service run by one person. We're not Facebook. We don't have the time, energy, or technical skill to build a dystopian surveillance machine. We just want to see what cursed email addresses people come up with. The serious legal stuff is below.
Official Privacy Policy
Effective Date: 29 July 2025
This policy outlines how oiledup.email ("we", "us", "our") collects, uses, and protects your personal information. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR).
1. Data Controller
The data controller responsible for your personal information is the operator of oiledup.email. For any data protection inquiries, you can contact us at [email protected].
2. Data We Collect
We collect the minimum information necessary to provide the service:
- Email Address: The email address you create on our service. The lawful basis for processing this is the performance of our contract with you (i.e., providing you with an email account).
- Hashed Password: We process your password to create a secure, irreversible hash (using Argon2i) for authentication. We never store your plaintext password.
- Server Access Logs: We automatically log technical data, such as your IP address, when you interact with our services. The lawful basis for this is our legitimate interest in maintaining the security and stability of our systems and for troubleshooting.
3. How We Use Your Data
Your data is used exclusively to:
- Provide, operate, and maintain the email service.
- Authenticate your access to your account.
- Protect our services from fraud, abuse, and security threats.
4. Data Storage and Security
Your data is stored on servers located within the United Kingdom. We take reasonable technical measures to secure your data, including hashing passwords and using encryption in transit (TLS). However, no online service can be 100% secure.
5. Data Retention
We retain your personal data for as long as your account is active. Server logs are retained for a limited period (e.g., 30 days) for security analysis and are then automatically deleted.
6. Your Data Protection Rights
Under UK GDPR, you have the following rights:
- The right to access – You can request copies of your personal data.
- The right to rectification – You can request that we correct any information you believe is inaccurate.
- The right to erasure – You can request that we erase your personal data, which will involve closing your account.
- The right to object to processing – You have the right to object to our processing of your personal data under certain conditions.
To exercise these rights, please contact us at [email protected]. For abuse reports, please use [email protected]. We don't have an automated system for this yet, but we'll sort it out.
7. Data Sharing
We do not sell, rent, or share your personal data with third parties for marketing purposes. We will only disclose your information if required to do so by law or in response to a valid legal request from a competent authority.
8. Changes to This Policy
We may update this policy from time to time. We will notify you of any significant changes. Or we might forget. It's probably best to check back here occasionally.