Introduction
Welcome to inboxOro ("we," "us," or "our") — a free, disposable temporary email service available at inboxoro.com. This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights in relation to that information.
By accessing or using inboxOro, you agree to the practices described in this Privacy Policy. If you disagree with any part of this policy, please discontinue use of the service.
Plain-language summary: inboxOro is a tool for generating disposable email addresses. We collect minimal data (like your IP address and browser info) to keep the service running and prevent abuse. We don't require registration, and we don't sell your data. Emails received in temporary inboxes are automatically deleted after a short period — however, they are not private.
This policy applies to all users of inboxOro, including visitors who use the temporary email generator without creating an account.
Information We Collect
inboxOro is designed to be used without registration. As a result, we collect very limited personal information. Here is a breakdown of what we may collect and why:
| Data Type | How Collected | Purpose | Category |
|---|---|---|---|
| IP Address | Automatically via your browser | Abuse prevention, rate limiting, server logs | Automatic |
| Browser Type & Version | Automatically via HTTP headers | Compatibility, analytics | Automatic |
| Device & OS Info | Automatically via user-agent | Analytics, responsive design improvements | Automatic |
| Pages Visited & Actions | Google Analytics | Usage patterns, feature improvement | Third-party |
| Temporary Inbox Emails | Sent by third parties to your temp address | Display in the inbox UI | Temporary |
| Referral / Source URL | Automatically via browser | Marketing analytics | Automatic |
What We Do Not Collect
- Full legal names or physical addresses
- Payment or financial information (the service is free)
- Government-issued identification numbers
- Passwords or authentication credentials
- Sensitive personal data (health, biometric, racial or ethnic origin, etc.)
If we introduce registered accounts or API access in the future, we may collect additional information such as an email address or API key. This policy will be updated before any such change goes live.
How We Use Information
We use the information we collect for the following purposes only:
Service Operation
- Generate and serve temporary email addresses to users
- Receive, display, and automatically delete emails in temporary inboxes
- Route emails to the correct temporary mailbox
- Maintain service uptime and infrastructure reliability
Abuse Prevention & Security
- Detect, block, and investigate spam, bot abuse, and fraudulent activity
- Apply rate limiting to prevent overuse or denial-of-service attempts
- Enforce our Terms of Service and Acceptable Use Policy
- Cooperate with law enforcement where legally required
Performance & Improvement
- Analyze aggregate traffic trends to improve service performance
- Understand which features are most valuable to users
- Diagnose and resolve technical bugs and performance bottlenecks
Advertising
- Display ads via Google AdSense to support free access to the service
- Advertising partners may use cookies to serve personalized ads — see Section 7
Legal Basis for Processing (GDPR)
- Legitimate interest — to operate, secure, and improve the service
- Consent — for cookies, analytics, and advertising where required
- Legal obligation — where we are required to comply with applicable laws
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
Temporary Email Disclaimer
Any email sent to an inboxOro temporary address can be read by anyone who knows that email address. There is no password, authentication, or access control protecting your temporary inbox.
Do not use inboxOro to receive: passwords, banking or financial information, medical records, legal documents, personal identification data, or any other sensitive or confidential information.
inboxOro does not guarantee the privacy, confidentiality, or security of any content received in a temporary inbox.
By using this service, you explicitly acknowledge and accept that all temporary inboxes are public and accessible without authentication.
How Temporary Addresses Work
- A unique temporary email address is generated for you instantly — no registration required
- Any email sent to that address appears in the shared public inbox interface
- Anyone who has or guesses the same address can view its contents
- The address and all associated emails are permanently deleted after the expiry period (typically 30–60 minutes)
- Expired inboxes and their contents cannot be recovered under any circumstances
Intended Use Cases
- Receiving verification emails where permitted by the service provider
- Signing up for newsletters or services to avoid inbox clutter
- Verifying email for single-use or testing purposes
- Developer and QA testing of email delivery flows
Remember: inboxOro is a convenience tool, not a secure communication channel. For private email communication, use an encrypted email provider.
Data Retention Policy
We retain different types of data for different lengths of time, depending on purpose and legal obligations.
| Data Type | Retention Period | Deletion Method |
|---|---|---|
| Temporary Inbox Emails | 30–60 minutes | Automatic, permanent, irreversible |
| Server Access Logs (IP, timestamps, HTTP codes) | Up to 30 days | Automatically deleted or anonymized |
| Analytics Data (Google Analytics) | Up to 26 months | Governed by Google's retention policy |
| Abuse / Security Incident Logs | Up to 90 days | Manually reviewed and deleted |
| Legal Hold Data | As required by law | Deleted when legal obligation ends |
Once the retention period expires, data is permanently and irreversibly deleted. We do not archive, sell, or transfer expired data to third parties.
Because inboxOro does not require user registration and stores no accounts, there is typically no user-specific data we can delete on request — it has already been deleted automatically. For any data retention questions, contact us at support@inboxoro.com.
Cookies Policy
inboxOro and its third-party partners use cookies and similar tracking technologies (web beacons, pixel tags) to operate the service and deliver advertising. Here is a clear breakdown:
Managing Your Cookie Preferences
- You can disable cookies through your browser's settings — note that disabling strictly necessary cookies may break core features
- To opt out of Google Analytics: Google Analytics Opt-out Add-on
- To manage Google ad personalization: Google Ad Settings
- For broad opt-out of interest-based advertising: Your Online Choices (EU) or About Ads (US)
Do Not Track (DNT)
Our service does not currently respond to browser Do Not Track signals. We will revise this section if our practice changes.
Third-Party Services
We integrate with the following third-party services. Each has its own privacy policy governing how they handle data:
We use Google Analytics to understand how visitors interact with inboxOro — including which pages are visited, how long sessions last, and where traffic originates. Google Analytics uses cookies to collect this information. Data is aggregated and does not identify individual users.
Google Privacy Policy → Opt Out →inboxOro displays advertisements powered by Google AdSense to keep the service free. AdSense may use cookies to show ads relevant to your interests based on prior visits to this and other websites. We do not have direct control over the specific ads shown by Google.
AdSense Privacy → Opt Out of Personalized Ads →inboxOro relies on SMTP/mail relay infrastructure to receive emails sent to temporary addresses. These providers process email data solely to deliver messages to the correct temporary inbox. They are bound by data processing agreements and may not use your data for independent purposes.
Request Provider Details →Our servers are hosted on third-party cloud platforms (such as AWS, Google Cloud Platform, or similar providers). These providers may have access to infrastructure-level data as part of operating our servers. All hosting providers are subject to appropriate data processing agreements.
Request Hosting Details →We do not share personal information with any third parties beyond what is described above. We never sell data to data brokers or marketing companies.
Security
We implement reasonable technical and organizational measures to protect the data we collect from unauthorized access, disclosure, alteration, or destruction:
- HTTPS encryption — all data transmitted between your browser and our servers is encrypted via TLS/SSL
- Automatic deletion — email content is permanently removed after a short window, reducing exposure risk
- Access controls — server infrastructure is protected by firewalls, key-based authentication, and role-based access
- Rate limiting — protects against brute-force attacks and abuse at the network level
- Regular reviews — periodic security assessments and dependency updates
Despite our infrastructure security measures, the temporary inbox itself is inherently public. Any person who knows or can guess your temporary email address can view your inbox. No amount of technical security can protect a public inbox from authorized or unauthorized viewers.
Never use inboxOro for sensitive communications. No electronic service can guarantee 100% security.
If you discover a security vulnerability in inboxOro, please report it responsibly to support@inboxoro.com. We appreciate responsible disclosure.
Your Responsibility
By using inboxOro, you accept personal responsibility for how you use the service. Your obligations include:
This service is not intended for children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has used this service, please contact us and we will take appropriate action.
Understanding the Public Nature of Inboxes
- You acknowledge that temporary inboxes are publicly accessible to anyone with the address
- You will not use inboxOro to receive confidential, sensitive, or legally protected information
- You understand that inboxOro cannot recover expired inboxes or deleted emails
Acceptable Use
- You will not use inboxOro to engage in spam, phishing, fraud, or harassment
- You will not use inboxOro to circumvent authentication systems in a manner that violates applicable laws
- You will not use inboxOro to receive or distribute illegal content of any kind
- You will not use inboxOro's API (if available) to overload, disrupt, or reverse-engineer our systems
- You will not use automated scripts to generate large numbers of addresses without prior permission
No Account Recovery
Because inboxOro requires no registration, we have no account data to recover. If your temporary address expires, all associated emails are permanently gone. We are not liable for any loss of data resulting from expiry or deletion.
Violations of our Acceptable Use Policy may result in temporary or permanent IP-level blocks from the service. Illegal activity will be reported to the appropriate authorities.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes:
- We will update the Effective Date and Last Updated date at the top of this page
- For material changes, we will display a prominent notice on our website homepage or within the service
- Continued use of inboxOro after any change constitutes your acceptance of the updated policy
We encourage you to review this policy periodically. Previous versions are available upon request by emailing support@inboxoro.com.
The most important principle guiding any future changes: we will never start selling your personal data, and we will always give advance notice before introducing any features that collect significantly more personal information than described here.
Your Rights
Depending on your location, you may have the following rights regarding your data:
- Right to access — request a copy of your data
- Right to correction — request correction of inaccurate data
- Right to deletion — request deletion of your data
- Right to restrict processing
- Right to object to data processing
Because inboxOro does not store user accounts and data is automatically deleted, most data cannot be retrieved after expiration.
Contact Information
If you have any questions, concerns, or requests related to this Privacy Policy or how we handle your data, please reach out. We aim to respond to all privacy inquiries within 5 business days and formal data subject requests within 30 calendar days.
This Privacy Policy shall be governed by and interpreted in accordance with the laws of India. Any disputes arising shall be subject to the exclusive jurisdiction of courts located in Kolkata, West Bengal.
If you wish to report abuse, spam, or illegal activity related to this service, please contact us immediately at support@inboxoro.com.
This Privacy Policy was written in plain English intentionally. It is not a substitute for legal advice. If you are building a product on top of inboxOro's API or have complex compliance requirements, we recommend consulting a qualified legal professional.
Limitation of Liability
To the maximum extent permitted by applicable law, inboxOro shall not be liable for any direct, indirect, incidental, consequential, or special damages arising out of or related to:
- Your use or inability to use the service
- Loss of emails due to automatic deletion or expiration
- Unauthorized access to temporary inboxes
- Any reliance on content received via temporary email addresses
- Service interruptions, downtime, or technical failures
We do not warrant that the service will be uninterrupted, error-free, or completely secure.
By using inboxOro, you acknowledge and agree that you use the service at your own risk.