Tutanota was founded in 2011 with a very clear vision: Bring privacy to the world.
Every step we take as a company must stand up to this criterion: Are we protecting your privacy to the maximum? In the short run this makes building our product more complex as we can’t take any short-cuts. Your privacy and security are paramount. This focus has led to work-intensive development decisions such as building our own push notification system on Android instead of simply using Google Push.
In the long run, though, this strategy pays off. We are well respected as the best secure email service that focuses on privacy 100%, comes with zero tracking, and encrypts the most data. For example, Tutanota also encrypts email subject lines and calendar event reminders – this high level of security is unrivaled by any of our competitors.
We never choose the easy way out or the most profitable way if that means compromising your privacy or security. And we’re not pressured to do so, because we’re not beholden to any VCs or to shareholders outside the team.
Our goal with Tutanota is to make security and privacy easily accessible to everyone. That's why we strongly focus on usability and convenience. The entire encryption process runs in the background, and you can use Tutanota as easily as any email service.
With Tutanota you have absolute certainty that you will never pay with your data.
Since its foundation in 2011 in Hanover, Germany, our goal is to offer the world a secure and private alternative to insecure online services. Today, Tutanota is the world’s most secure email and calendar service. Tomorrow Tutanota will be the private replacement for Big Tech with email, calendar, drive and more online collaboration tools – everything securely encrypted.
We are registered as Tutao GmbH, but the brand name Tutanota was chosen as a word-play derived from Latin, with the words "tuta" and "nota" meaning "secure message".
Our founders, Arne and Matthias, have been friends since they were doing their undergrad studies in computer science and were often discussing more secure ways to share information and documents online. Their ideas eventually coalesced around fighting mass surveillance by building the world’s first end-to-end encrypted email service. Both of them have a long track record of fighting for data independence and privacy rights. Arne and Matthias own the company, without relying on VC funding, so we don’t need to prioritize making profits for shareholders at the expense of our users’ best interests, like other companies often do.
Our team grew by attracting more and more awesome people who shared the same goal of a better internet. Our vision for the future internet is that privacy will be the default!
In August 2018, Tutanota became the first email service provider to release its Android app on F-Droid, removing all dependencies on Google. Instead of Google Push, our Android app uses its own notification service to not leak any data to Big Tech. Our apps also support search on encrypted data, two-factor authentication – including U2F with a hardware token – as well as biometric and pin unlock.
We’ve since launched the first zero-knowledge calendar and our biggest goals for the future are to also be the first email service to secure all data with quantum-safe encryption and Perfect Forward Secrecy.
At Tutanota, we believe that business models based on data collection and exploitation must be stopped. We fight for a different internet. One where privacy by design is the foundation. Our mission is to fight for our right to privacy, helping protect journalists, whistleblowers and human rights activists around the world as well as making the internet a better place for everyone.
Unparalleled security and privacy, as well as our ethics and the most competitive pricing of any end-to-end (E2E) encrypted email make Tutanota the best email service all-around. Privacy & security must not be add-ons that a company tries to integrate into an existing service, but the foundation on which the service is built from the start.
With Tutanota, you get the biggest bang for your buck, with the most features included with a free account and the lowest price points for paid accounts. We don’t collect and share your data. We never serve you ads or try to guide your app usage in a way that would serve us. We provide more thorough encryption than any other provider. Our business accounts are easy to migrate to and include more security features than any other email or calendar service. We don’t rely on integrations with any Google services. All our apps are easy to use, with the experience designed around users’ needs, not with the intent to encourage or discourage usage behaviors based on maximizing the company’s growth.
Still not sure? Find out more about how Tutanota compares to other email services, including one-on-one comparisons for each criteria you might consider when making a choice.
Tutanota was the world's first end-to-end encrypted email provider and, to this day, it is the email service that encrypts more data than any other.
Our encryption protocol enables us to not only encrypt emails, but also features that we add to Tutanota as the product evolves such as contacts, calendars and drive. Plus, we can easily upgrade to post-quantum algorithms and enable Perfect Forward Secrecy.
Tutanota's servers only store the encrypted data, and the decryption key is only available to the user. This ensures that even if your internet connection was intercepted or in the extremely unlikely scenario that someone were to hack our servers, your data would remain secure. Because your data is stored encrypted on the servers, we use an encrypted search index that you store locally, to enable you to search through your mailbox locally while protecting your privacy.
We do not support IMAP as it would only work if we sent decrypted data to your device. Instead we have built our own open source desktop clients, which store your data encrypted. The desktop clients are also signed so that everyone can verify that the client is running exactly the same code as the code we published on GitHub.
To decrypt your data, you simply login to your secure email address with your password, that’s it. You can easily login via a web browser, via the Tutanota apps for Android and iOS, or via the Tutanota desktop clients for Windows, macOS and Linux.
Tutanota automatically encrypts all emails sent between Tutanota users end-to-end encrypted, giving you the highest security for emails possible. Even when you’re sending emails to recipients who do not use Tutanota, you still have the option to send them end-to-end encrypted with a shared password. You only need to choose a password for a recipient once, without having to set a password for each email that you send to the same contact.
Your Tutanota account also includes the world’s first zero-knowledge, end-to-end encrypted calendar. All the data, including event participants and other details, are E2E (end-to-end) encrypted. Event reminders are handled locally to make sure our servers are not involved so we don’t even know when your events are taking place.
The most secure calendar helps you protect your private information or confidential details about business meetings. All our paid plans allow you to create an unlimited number of calendars, send calendar invites to anyone and share entire encrypted calendars with other Tutanota users.
Find out more about the types of data we encrypt and how.
With end-to-end encryption, two-factor authentication, open source code, and our zero-knowledge architecture we ensure that your data is secure and private, whether you use Tutanota as your business email of choice or as a private user.
Tutanota encrypts all data by default: Email, calendars, contacts. The end-to-end encryption provided by Tutanota ensures that your data is secure and private, even if it falls into the wrong hands.
We follow the concept of “security first”. Security must be baked into the code so that you can easily add usability on top of that - not the other way around. All our tech stack is either developed in-house, even our captcha and our push notification service for Android, and the few third-party integrations that we do use are open source, so everyone - as well as ourselves - can verify that your data is secured to the maximum.
Our servers only store encrypted data, which we – as the provider – are unable to decrypt. Additionally, we own our servers, hosted in ISO 27001 certified data centers in Germany, a country with some of the strictest privacy protection laws in the world. No one has access to our servers except our permanent administrators, who need to pass multiple-factor-authentication before gaining access. All productive systems are monitored 24/7 for unauthorized access and extraordinary activity.
We enable you to protect your password to the maximum extent by providing two-factor authentication (2FA) for an extra layer of security. To secure your login credentials, you can use TOTP or U2F. The best option is using U2F with a hardware security key. Tutanota never transmits your password to the server, but only sends a hash. Tutanota also enables you to monitor and close sessions remotely (for example if you lose your phone but are still signed in), as an opt-in feature. Closed sessions are automatically deleted after one week. IP addresses of open and closed sessions are always stored encrypted and can only be checked by the user. By default, Tutanota does not log IP addresses when you login or when you send an email.
Other privacy and security features of Tutanota include: stripping the IP addresses of emails sent from the mail headers so that your location remains unknown, blocking images or any other external content from loading by default, and warning you when the technical sender differs from the from sender.
Find out more about everything that makes Tutanota the most secure email service.
All our email clients are open source since 2014. And while other email providers rely on closed-source services for captcha, push notifications, desktop clients and analytics, we’ve built our own solutions for these tasks, making Tutanota the best open source email service all-around and the first email provider to release the Android app on F-Droid.
Before the public release, all our apps have been audited by independent security experts. Nevertheless, we feel open source is crucial for any security application as everyone must have the opportunity to look at the code and check that we can’t hide any backdoors. Being open source also means that any possible flaws will be quickly detected and fixed, faster and more efficiently than with closed-source services.
Additionally, open source Tutanota apps enable other projects like F-Droid to build the Tutanota app themselves making the need to trust us redundant.
Our team is made up of open source enthusiasts and we want to give back to the community, by offering premium Tutanota features for free to non-commercial open source project teams.
Our focus on open source and encryption combined with our deep respect for your right to privacy, make Tutanota the best secure email service. Find out more about our commitment to open source software.
Respect for our users’ privacy is at the core of Tutanota. We only collect as little data as possible to provide the email and calendar service, and all your data is stored encrypted on our servers. We only release individual mailboxes if presented with a valid German court order for this particular mailbox.
While German law does not allow gag orders, we want to give you peace of mind by publishing a warrant canary in our Transparency report.
From sustainability, to a fair and transparent salary model, to our fight for privacy, our mission is to make the web a better place. This is why all our servers are powered by 100% renewable energy. Additionally, even our offices' electricity comes from a renewable energy provider that actively invests into building new facilities for producing renewable energy.
Just as it is crucial for us to protect your privacy and security, it’s equally important to protect our environment, now and in the future. We want the most secure email service to also be the most ethical option as well as the easiest to use, so that more people choose to protect their data and the environment at the same time.
Find out more about our sustainability journey.
Our Community is the most amazing thing about Tutanota! We are deeply thankful for your amazing support: You have enabled us to maintain our independence and ethics without having to rely on venture capital funding and be beholden to that type of investors. At the same time, our paying subscribers are helping us release more features in shorter time frames and keep the basic service available for free for everyone with no compromise on security.
But upgrading to a paid plan is not the only way to support our mission: For those who don’t want to or can’t afford to pay for Tutanota, but love our free service, they can still contribute with feedback, code reviews and translations, and we are immensely grateful to all of them!
Even if you’re just spreading the word about Tutanota and the importance of end-to-end encryption and data privacy, you’re already helping make the internet a better place. But if you want to do more, check out our Community page!