Security & Encryption

How StayPrivate Keeps Your Information Safe

You retain sole ownership of your data

With StayPrivate, your information is yours and yours only. StayPrivate provides you with a safe place online where you can be confident that your data is secure and only available to you on whatever device you use. No tracking. No adverts. No data mining. No small print. No tricks.

Military-grade point-to-point encryption

Point-to-point encrytion via dynamically generated keys ensures that (unlike end-to-end encryption) your data is protected even if you lose your password or PIN. We employ multi-layer, military-grade AES256 encryption and only the most secure asymmetric encryption algorithms for key exchange (TLS/SSL).

Email protection and anti-phishing measures

We operate a strict email whitelist. All new email domains are subject to tight volume limits until they have been activtely verified by our team of security specialists. This prevents phishing campaigns and eliminates spam.

Every email is organized into a private channel based on the identities of sender and recipients. All emails, files, data and activities are tracked and stored transparently in the channel history and emails from new contacts explicitly identified as such, making it easy for you to keep track of your conversations and avoid fraud.

We enforce multi-factor authentication for all users, protecting both you and your contacts.

Data security

StayPrivate servers are monitored 24/7 and protected by enterprise-grade cyber-security infrastructure including firewalls, anti-virus and AI monitoring systems.

StayPrivate operates resilient architecture with triple geographic redundancy, best practice security and operational controls, matching or exceeding ISO27001 data security standards.

Legal protection

Data storage is exclusively in the most legally robust, privacy-friendly jurisdictions (primarily the UK). We do not allow mass surveillance and there are no back doors. But, of course, we abide by the law and will comply with legitimate data access requests from law enforcement agencies in countries where the user has citizenship or is located.

We make use of Amazon Web Services (AWS) infrastructure but AWS has no access to your data. All data is encrypted at all times and AWS has no access to any keys or any part of the dynamic key generation processes.