Make a GDPR data request

MailOver supports your GDPR rights to access, export, and erase your data. You can handle most of it yourself from Settings with one-click export and account deletion, or email [email protected] for a formal request. Storage is zero-access encrypted, so deleting your account also removes any ability for MailOver to read what it held.

Your rights under GDPR

If you are in the EU or the UK, GDPR gives you clear rights over your personal data, and MailOver is built to honour them. The ones that matter most day to day:

Handle it yourself from Settings

You do not have to wait on anyone for the two most common requests. To exercise access and portability, run a one-click export and you get everything as a JSON file. See Export your data. To exercise erasure, delete your account from Settings. That schedules removal and stays reversible for about 30 days before it becomes permanent. See Delete your account and data. Export is instant, and both are free.

Zero-access encryption

Your email content and the tokens that connect your accounts are encrypted with AES-256-GCM using a key derived for your account alone, before any of it is stored. We describe this as zero-access because we cannot read your mail. It is also why deletion is so clean: once your account is gone, the encrypted data has no path back to plain text. This is the privacy-by-design and security backbone behind Articles 25 and 32.

EU contract withdrawal

EU customers also have a statutory right to withdraw from a contract, sometimes called the Widerruf right. If that applies to your purchase, email us and we will help you exercise it.

Making a formal request

If you need something the in-app tools do not cover, or you want a formal record of your request, email [email protected]. Tell us what you are asking for, whether that is access, a copy of your data, erasure, or a withdrawal, and a real person will handle it.

Related articles

Still stuck? A real person will help. Email support →