Security
Last updated: July 2026
Infrastructure providers
Every layer of uff.email is built on infrastructure we trust. Here's the full stack:
Isolation
Agent instances on OVH are fully isolated. Each user gets their own container with dedicated storage and memory. There is no shared state, no shared database, and no path for data to leak between instances. Think of it as a single-tenant architecture — every agent is a silo.
We don't look at your data
As a service provider, we do not read, analyze, monitor, or access the contents of user agent instances. Not for debugging, not for training, not for "product improvement." Your agent's memory, prompts, and email contents are yours alone.
Admin capabilities
As the service operator, we are strictly limited to infrastructure-level actions. We can:
- Pause / start an instance
- Stop / restart an instance
- Archive an instance (for cancellations)
- Remove an instance (after archive period)
We cannot read your prompts, browse your agent's memory, access your emails, or view any user-level data. The agent runs on your behalf, and the boundary is hardware-level.
Encryption
All email transport uses enforced TLS via Mailu. Agent storage on OVH is encrypted at rest. API calls to OpenRouter are transmitted over HTTPS.
Report an issue
If you find a security vulnerability or have concerns, contact us at support@uff.email.