Our mission
Every week another email provider either ships an AI model that reads your mail to "help you write better", or leaks 600 million addresses to an ad network, or starts scanning your attachments for "brand safety". We don't think that's a reasonable trade for a mailbox.
Tacitus Mail exists to give people — especially European people — a single private hub for the communication they do every day: email, chat, calls, meetings. Not four different subscriptions to four different American surveillance products. One account, one server, one jurisdiction.
We don't mine your inbox. We don't train AI on your mail. We don't sell your data. We don't serve ads. These are not promises we make for marketing — they are baked into the way we built the service and the company that runs it.
Principles we refuse to compromise on
1. No ads, anywhere, ever
The revenue model is a subscription. If a plan can't pay for a user, the user doesn't get surveilled to make up the difference — the plan gets priced correctly. There is no ad slot in the inbox, no sponsored placement in the sidebar, no tracked unsubscribe link injected into your outbound mail.
2. No AI training on your data
Your mail, chat, calendar, notes and contacts are not used to train language models. Not ours, not anyone else's. We don't ship a "smart compose" button that reads your past correspondence to finish your sentences. If we want to build such a feature, we will build it on top of a model that runs on your device.
3. No tracking in the web client
Our web UI loads zero third-party JavaScript SDKs. No Google Analytics, no Facebook Pixel, no Segment, no Hotjar, no session replay. We look at aggregate server logs to spot bugs and that's it.
4. Hosted in the European Union
Every byte of your data lives on servers physically located in the EU and governed by EU law. We do not replicate private mail to US clouds for "resilience" or "caching" or any other euphemism. If the server goes down, we fix the server.
5. Open about what we are and aren't
We don't market PGP keypairs we don't generate. We don't claim "zero-knowledge" when we store mail bodies server-side so IMAP sync works across devices. The security page spells out exactly what the cryptography in the product actually does — and where standard server-side mail hosting has to trust the operator.
What the product is today
One account on tacitusmail.com gives you:
- A full-featured webmail with a unified inbox across your
@tacitusmail.comaddress and any number of Gmail, Outlook, iCloud, Yahoo, Proton Bridge, Zoho, Fastmail, GMX, Yandex or AOL mailboxes you add. - End-to-end encrypted 1:1 chat between Tacitus users, backed by the Olm double-ratchet. Our server only sees ciphertext.
- WebRTC audio and video calls, peer-to-peer with DTLS-SRTP. Media never touches our servers.
- Built-in calendar (CalDAV), notes and contacts that cross-reference with the unified inbox.
- Pro-grade anti-spam via Rspamd + Spamhaus + SURBL + URIBL + Bayesian + neural network scoring. ClamAV scans every outbound attachment.
- A native iOS app with CallKit, APNs push notifications and an offline chat cache. The web client works on everything else.
- A customisable UI: ten muted sidebar accents (forest, midnight, bordeaux, amethyst, onyx, champagne, espresso, lagoon, rose noir, slate) and ten subtle background patterns.
Who runs it
Tacitus Mail is built and operated by a small, hands-on team in Europe. We do our own deployment, our own on-call, our own user support. If you email [email protected] you talk to the people who wrote the code.
This is deliberate. We don't want to grow into a 500-person company that outsources support to a ticketing system and an LLM. We'd rather stay small, stay close to the product, and keep every customer's trust we earn.
Get in touch
- General & support: [email protected]
- Security & responsible disclosure: [email protected]
- Abuse reports: [email protected]
- Press & partnerships: [email protected]