Email Policy

🔒 Gnoppix Encrypted Email Service Policy (V 1.3, Effective Date: December 5, 2025)

**Maintained by Gnoppix **

This document outlines the usage guidelines for the Gnoppix encrypted email service provided to Gnoppix community members or free users using the @gnoppix.me domain. The Gnoppix project itself operates under the domain gnoppix.org.

1. The Gnoppix Promise: Privacy and Security

The Gnoppix email service is designed around maximum user privacy and data security.

Post-Quantum Encryption: All stored emails are secured using state-of-the-art post-quantum encryption standards.
Zero Knowledge: The Gnoppix project does not have access to any post-quantum encryption keys. We have no technical ability to decrypt or read your email content.
Zero Logs: We do not store user IP addresses, email content, or login activity logs. Usernames are stored only for account management purposes but are not linked to usage metrics.

2. Service Scope and Geographical Limitations

Due to emerging changes in international privacy and surveillance laws, particularly concerning data protection and government access in specific regions, we have implemented strict geographical limitations for our infrastructure and service delivery.

Hosting Jurisdiction: For robust legal and data security reasons, all user data and email infrastructure are hosted exclusively in Japan, Iceland, and Norway.
EU/Switzerland Exclusion: For legal and compliance reasons, we do not serve users located in the European Union (EU) or Switzerland. If you are accessing this service from any of these jurisdictions, you are in violation of this policy and your account may be subject to immediate closure.

3. Service Limitations and Account Management (Free Tier)

This is a free community service, and its availability and terms are subject to technical and community limitations.

Inactive Account Termination: Accounts that show no login activity or email usage for a period of thirty (30) days are considered inactive. These accounts are subject to immediate termination and deletion without notice. You are welcome to register a new account at any time.
User Backup Responsibility: The Gnoppix project does not have the infrastructure resources to back up user data. Users are solely responsible for backing up their own emails and content. Data lost due to inactivity termination, technical failure, or service changes cannot be recovered. We have a general 1 time 1 day backup on the OS level.
Storage Limits: We reserve the right to reduce the free storage limit at any time if our infrastructure capacity is reached or threatened.
Paid Service Option: As a free service, resources are limited. For guaranteed service availability, more generous storage, and dedicated resources, you are always welcome to subscribe to our paid service tier, priced affordably (less than the cost of a cup of coffee monthly).

4. Acceptable Use and Account Abuse

Prohibited Use: Any activity that constitutes a severe abuse of the email service, including but not limited to spamming, phishing, distributing malware, or attempting to compromise the security of the infrastructure, is strictly prohibited.
Automated Abuse Detection and Rate-Limiting: The Gnoppix email infrastructure is protected by an AI-trained automated system that detects and blocks abuse in real-time.
- Zero Tolerance: Even a minimal attempt to bypass or abuse the system’s rate limits will automatically trigger the abuse detection protocols.
- Severe Penalty: If abuse is detected, your account will be immediately disabled and permanently terminated, and the originating source IP address will be permanently blocked from accessing the service. Gnoppix staff have no influence over the decisions made by this automated system.
- Rate Limiting Guideline: We strongly recommend not maintaining more than three (3) active accounts per external IP address to avoid automatic flags and rate-limiting issues.

5. Technical Responsibility and Service Disclaimer

The Gnoppix project provides the technical infrastructure but is not responsible for the content or communications transmitted by its users.

Analogy (Common Carrier): Gnoppix operates like a public utility or telephone company. We provide the encrypted line of communication, but we are not responsible for the words or actions of the users who utilize that line. We do not monitor, filter, or control the content of your communications.
User Liability: You are solely responsible for the content, attachments, and links you send, receive, and store. Any legal consequences resulting from your use of the email service are your exclusive responsibility.

6. Legal Process and Data Requests

Due to our zero-log and zero-knowledge architecture, retrieving user data is technically impossible without user cooperation. We will only review requests for account data if they strictly comply with the following procedures:

Required Documentation: Any request for information regarding a Gnoppix email account must include a valid and binding court order from an official authority in Iceland, Japan, or Norway.
Mandatory Detail: The request must explicitly include the case number and be attached to a formal request email.
Submission: All legal inquiries must be sent to our legal team at: [email protected].
Strict Adherence: Any legal request that does not meet these requirements will be immediately rejected and ignored. We do not respond to informal requests, requests lacking proper legal standing, or requests originating from jurisdictions outside of Iceland, Japan, or Norway.

7. Policy Governance

This policy is subject to periodic review and update to ensure continued alignment with security standards and evolving international legal requirements. Continued use of the service constitutes acceptance of the current policy.

License and Attribution: This Email policy is distributed under the BC-NC-SA-4.0 License.

Original Author: Andreas Mueller, December 5, 2025