Privacy by design
digitaleu.me exists to help people move away from surveillance-heavy technology. Our product choices follow the same principle: collect less, store less, and make the safest path the default.
Last updated: 2026-07-09
digitaleu.me is a European migration portal that helps users discover accounts linked to Big Tech services and move toward privacy-respecting European alternatives. For privacy questions, contact info@digitaleu.me.
The inbox scanner is designed so your email content stays in your browser. OAuth is used only to let your browser access the metadata needed to detect sender domains. We do not receive email bodies, attachments, or full message lists.
In Guest Mode, scan results and OAuth tokens live only in your browser session. Closing the tab or clearing browser storage removes them. If you create an account and save results, we store scan metadata (detected service names and counts) in Supabase — hosted in Stockholm, Sweden (EU/EEA). We never store your email content.
If you choose Profile Mode, migration progress is encrypted client-side before it is saved to Supabase. Keys are derived in your browser using the Web Crypto API and your chosen secret; the key never leaves your device. Supabase receives ciphertext, not readable profile data.
This means we cannot recover your encrypted profile data if you lose the secret. That is an intentional zero-knowledge tradeoff: no backdoor for us means less risk for you.
Paid toolkit access is processed by Mollie (Netherlands, EU) for card and bank payments, and optionally BTCPay Server (self-hosted in Iceland, EEA) for cryptocurrency payments. We never store or process credit card numbers on our servers. Payment providers handle card data and authentication. We only receive the minimum payment status information needed to unlock the product, issue support, and satisfy accounting obligations.
Account and entitlement data is stored in Supabase (Stockholm, Sweden, EU/EEA).
We use Plausible Analytics only when you grant consent in the cookieless consent banner. Plausible is privacy-friendly, EU-based, and uses no tracking cookies. If you decline, the analytics script is not loaded on this device.
Plausible gives us aggregate product signals such as page views and referrers. It does not create personal advertising profiles, track you across websites, or sell data.
If you use the optional breach-check feature, your email is checked against Have I Been Pwned (HIBP) using k-anonymity — only a partial hash of your email is sent, and HIBP never receives your full address. This is a US-based/global security service; no EU adequacy decision applies, but no full personal data leaves your device. Results are shown only in your browser and are not stored by us.
The DigitalEU extension is local-first. It stores the migration target email and account queue in browser storage and uses bundled playbooks to help you change email addresses on supported services. It does not send browsing history, passwords, or account activity to our backend.
Extension–website communication: The extension communicates with digitaleu.me exclusively via the browser's window.postMessage API. This is a local, in-browser channel — no data is transmitted to any third-party server as part of this communication. The only data exchanged is the migration target email address and account queue that you have explicitly entered.
Gmail access (inbox scanner): If you connect Gmail, the extension itself does not request any Gmail permissions. Gmail access is handled entirely by the digitaleu.me web app using the gmail.metadata OAuth scope, which provides read-only access to email headers (sender domain only). Your email body, attachments, and message content are never accessed. All Gmail API calls are made directly from your browser — the OAuth token and email metadata are never sent to digitaleu.me servers. You can revoke access at any time at myaccount.google.com/permissions.
We process personal data under GDPR legal bases such as consent, contract performance, legal obligations, and legitimate interests for security and service reliability. We retain personal data only as long as needed for the purpose collected. Guest scan data is not retained by us. Encrypted Profile Mode data is retained until you delete it or close your account.
Under GDPR, you may request access, correction, deletion, restriction, portability, or objection to processing of your personal data. You may also withdraw consent where consent is the legal basis. Send requests to info@digitaleu.me.