PRIVA SCORE: Email provider

Summary: The PRIVA SCORE evaluates the data protection features of email providers. Protonmail, Tutanota and Posteo achieve the highest scores and offer strong data protection measures such as end-to-end encryption and no data sharing with third parties. Providers such as Outlook, iCloud, GMX/Web.de and T-Online offer GDPR compliance, but some data is passed on to third parties. Gmail and Yahoo rank last and should be avoided.


Because of how it is calculated, the PRIVA SCORE can reach a maximum of 294 points when evaluating email providers.
As always, the PRIVA SCORE evaluates how well apps/services fulfill data protection features.

Among email providers, Protonmail, Tutanota and Posteo perform best. They have the highest level of data protection (294, 294 and 274 out of a possible 294 points) of the apps compared here. They offer end-to-end encryption, do not pass data on to third parties, enable anonymous use, have servers located in the EU, and have a clean business model that is not based on the sale of your data. Only Posteo, in contrast to Protonmail and Tutanota, is not open source.

The midfield (Outlook, iCloud, GMX/Web.de and T-Online) is characterized by compliance with the GDPR and, in the case of the German providers, by the use of German servers. However, since some data still flows out to third parties, which is also reflected in the business model, this is not a recommendation.

In keeping with tradition, Google's Gmail has secured last place, this time together with Yahoo. Here, only the partial use of European servers can still be taken into account. Avoid at all costs!!

Explanation of data protection features

End-to-end encryption: This feature ensures that only the sender and recipient can read the contents of the emails. It is crucial to ensure the confidentiality of communications and protect against unauthorized access.

No data transfer to third parties: Email providers should not share personal data with third parties without the user's explicit consent. This is important to protect user privacy and prevent misuse of data.

Anonymity: Some providers offer the possibility to create email accounts without providing personal data, which increases the anonymity of users.

Compliance with data protection laws: This privacy feature refers to how well a provider complies with applicable data protection laws and regulations to ensure the privacy and protection of its users' personal data. For European users, this applies to GDPR compliance.

Server location: This refers to the physical location of the servers on which a service's data is stored and processed. This aspect is important because data protection laws and regulations vary from country to country.

Business model: The data protection feature "business model" refers to how a company monetizes its services or products and what impact this has on user data protection. For example, data-based monetization relies on the collection and use of user data to generate revenue, for instance through personalized advertising. This usually compromises user privacy because extensive data analysis and storage is necessary.

Open-Source: If the source code of an app is openly accessible, this means that the program's compliance with data protection standards can be independently verified.
