Private Email Provider Privacy Grades

Standard email is not private — Gmail, Outlook, and Yahoo scan your inbox for advertising signals. Privacy-focused email providers promise to change that, typically through end-to-end encryption, minimal metadata collection, and a subscription model that removes the incentive to monetise your data. All three providers in this category use encryption and are subscription-funded, but they differ on jurisdiction, audit practices, and what metadata is retained.

#	Company	Grade	Score	In plain English
1	Tuta	A	91/100	Tuta is a German E2E-encrypted email service that genuinely can't read your emails, stores all data …Tuta is a German E2E-encrypted email service that genuinely can't read your emails, stores all data in ISO 27001-certified German data centres, uses no cookies and no third-party analytics, and has a policy short enough to actually read — the main caveats are that some metadata (sender/recipient addresses, timestamps) is stored unencrypted, and campaign tracking via hashed connection data is present.	→
2	Proton	A	88/100	Proton collects as little as technically possible, can't read your encrypted content even if asked, …Proton collects as little as technically possible, can't read your encrypted content even if asked, is governed by strict Swiss law, and gives you real control — the rare case where the privacy policy matches the privacy pitch.	→
3	Fastmail	B+	79/100	Fastmail is a paid email provider that doesn't sell your data or serve ads, has clear retention peri…Fastmail is a paid email provider that doesn't sell your data or serve ads, has clear retention periods and a transparency report — but unlike Proton, staff can technically access your emails, data moves through US and Indian infrastructure, and IP logs are kept for a year.	→