# Email Service Correction - Privacy Policy Update ## CORRECTION APPLIED Email service updated from "self-hosted" to "Greenhost.nl email service" --- ## WHAT CHANGED **Previous statement:** "Email: Self-hosted (no third-party processors)" **Corrected statement:** "Email: Greenhost.nl email service (Netherlands, EU) - same provider as hosting, DPA in place" --- ## WHY THIS IS STILL EXCELLENT FOR PRIVACY Using Greenhost for email is actually ideal: **Single trusted provider:** - Both hosting AND email from same provider - Simplifies data processing agreements - Single point of trust - Easier compliance management **Still privacy-focused:** - Greenhost is a privacy-focused provider - Committed to internet freedom - EU-based (Netherlands) - GDPR compliant - Not a commercial email service like SendGrid, Mailgun, etc. **Key distinction:** - NOT using separate third-party email service - NOT using surveillance-based email providers - Email infrastructure managed by same trusted provider as hosting --- ## FILES UPDATED ### 1. Condensed Policy **File:** timebank-privacy-policy-CONDENSED.md **Section:** 6.4 Service Providers **Character count:** 6,644 (still under 10,000) ### 2. Full Policy **File:** timebank-privacy-policy.md **Section:** 6.4 Service Providers **Added detail about email service being provided by Greenhost** ### 3. Quick Reference **File:** policy-quick-reference.md **Updated:** - Service Providers table - Privacy Highlights section - Comparison table --- ## PRIVACY ASSESSMENT **Before (thought self-hosted):** Privacy Score: 10/10 **After (Greenhost email):** Privacy Score: 10/10 (maintained) **Why score maintained:** - Greenhost is privacy-focused provider - Same trusted provider for both services - EU-based, GDPR compliant - Not a commercial surveillance-based service - Single DPA covers both services **Actually better in some ways:** - Professional email infrastructure - Better deliverability - Managed security updates - Less operational burden --- ## WHAT MAKES THIS DIFFERENT FROM "THIRD-PARTY EMAIL" **Typical platforms:** - Hosting: AWS/GCP/DigitalOcean - Email: SendGrid/Mailgun/Mailchimp - Two separate companies, two DPAs, more data sharing **Your setup:** - Hosting: Greenhost.nl - Email: Greenhost.nl - One trusted provider, one DPA, minimal data sharing **This is the ideal architecture for privacy.** --- ## SERVICE PROVIDER SUMMARY **Greenhost.nl provides:** 1. Web hosting 2. Email service 3. Located in Netherlands (EU) 4. Privacy-focused mission 5. Committed to internet freedom 6. Sustainable (renewable energy) 7. Single Data Processing Agreement **What you DON'T use:** - No Google Workspace - No Microsoft 365 - No SendGrid/Mailgun - No Mailchimp - No commercial email services - No separate email provider --- ## GDPR COMPLIANCE **Article 28 (Data Processors):** - Greenhost.nl is your data processor - Single DPA covers both hosting and email - Simpler compliance than multiple processors - Clear processor responsibilities **Still fully compliant.** --- ## COMPARISON ### Self-Hosted Email **Pros:** - Complete control - No external dependencies **Cons:** - Operational burden - Security updates needed - Deliverability challenges - Spam filter management - Technical complexity ### Greenhost Email **Pros:** - Professional infrastructure - Managed security - Better deliverability - Same trusted provider - Privacy-focused - Less operational burden **Cons:** - Technically a data processor (but trusted) **For your use case: Greenhost email is the better choice.** --- ## UPDATED PRIVACY POLICY STATEMENT **Service Providers section now states:** "We use minimal essential service providers who operate under strict data processing agreements: **Hosting:** Greenhost.nl (The Netherlands) - Location: EU-based (Netherlands), ensuring GDPR compliance - Privacy-focused and sustainable hosting provider - Committed to internet freedom - Data Processing Agreement (DPA) in place **Email Service:** Greenhost.nl email service (The Netherlands) - Provided by same hosting provider - EU-based (Netherlands) - Data Processing Agreement (DPA) in place - Privacy-focused email infrastructure **Payment Processor:** Not applicable - time-based currency only" --- ## VERIFICATION All references updated in: - Condensed policy: Updated - Full policy: Updated - Quick reference: Updated - Service provider tables: Updated - Privacy highlights: Updated - Comparison charts: Updated Character count: 6,644 (still under 10,000) --- ## NEXT STEPS Privacy policy remains: - Complete - Accurate - GDPR compliant - Ready for legal review - Ready for January 1, 2026 publication No further changes needed for this correction. --- ## SUMMARY **What changed:** Email service clarified as Greenhost.nl (not self-hosted) **Privacy impact:** None - score maintained at 10/10 **Why it's still excellent:** Single trusted privacy-focused provider for both hosting and email **Status:** Complete and accurate The correction makes your privacy policy more accurate while maintaining the same high level of privacy protection. Using Greenhost for both services is actually an ideal setup.