Transparency Report

Warranty Canary: No law enforcement agencies have been here. Watch for this statement’s removal or change. (What is a Warrant Canary?)

Zero censorship policy. We do not censor harmful or revealing content about our company. We will publish all negative articles written about us HERE with the writer/researcher’s name, unedited, and any response.

Password Protection: Our users’ passwords are hashed and salted, so we do not know your password, and there is no way for us to reverse the hash/salt process to uncover a user’s password.

Private Key Protection: Your private key is stored on our server. We do not know your password/passphrase, so we can not decrypt your messages. We encourage a strong password. Your password is your passphrase. Currently, we are working on a downloadable version, so users have complete control of their private key.

Company Transparency: CTemplar is registered and validated by Duns and Bradstreet which is the worldwide standard for cataloging lawful business entities. This was required by Apple for us to offer an iOS app and also helps our users see that we are a lawful business entity recognized internationally. Please contact our legal team for information about our DUNS number issued by D&B

Encryption Guarantee / Checksums: We guarantee “Zero-Access” to our user’s data. We make this statement because we support our users performing checksums to monitor our code. An explanation of how it works regarding our website is HERE.

Stronger Email Solutions: Although our work on checksums is a step in the right direction, there are more robust email solutions available. For a stronger email solution, we suggest you visit Whonix’s email page here.

Release History: Our release history summary can be viewed on GitHub.

Governed by Icelandic Law: Icelandic privacy laws are among the strongest in the world. We only acknowledge legal requests that come from Icelandic courts.

Other Legal: If an Icelandic court order is issued, we will provide the encrypted mail contents and all other metadata in our possession of the offending user(s). We will provide users with options to encrypt metadata at a later time. We do not record IP addresses at any time. For the protection of our community, we avoided hosting our services in jurisdictions that require a backdoor into the user’s data.

User Data Access Requests

35 Requests for Users Data

2 Icelandic Court Orders Issued

2 Requests Granted

Disclaimer: We do not protect users against malicious code delivered from browsers, OSs, plugins, mobile ISP providers, running process software, or the AMD/Intel Microprocessor hardware backdoor. We do not protect users from keyloggers that may be installed on their computers.

The CTemplar whitepaper can be found by clicking this link.