Growth October 16, 2020

Privacy-first email automation

Ben @IndieHacker32232

Hey all,

I've found plenty of email automation services, but am yet to find one that promises to respect the users' privacy. Essentially what I'm looking for is what Fathom is to Google Analytics, for email automation. I'm building a privacy-focused service, so my entire stack needs to adhere to strict privacy standards.


  1. 1

    I've also thought about launching a privacy first email service... PGP though has been around for 20+ years, so I personally think people don't care

    1. 1

      I think people do care, but the technology isn't there. It's either too complicated, requires technical knowledge, or too inconvenient. We shouldn't have to ask the average person to set up PGP. It should just be done for us, transparently. That's why messaging platforms that are encrypted by default like Telegram and Signal are so popular.

  2. 1

    The primary selling point of Fathom is that it doesn't collect any personal data. As email by its very nature is personal data, it's gonna be a struggle if you're using a hosted platform.

    There are numerous platforms out there who allow you to disable open/click tracking, though, but unless you roll/host your own the personal data of your users will always be held by a 3rd party processor.

    1. 1

      It might not be fair for consumers and even privacy specialists to ask for a world where 100% of a company's software is self-hosted. This would create major inefficiencies. However I don't think it's too much to ask that every service a company uses, every part of the stack, abides by high data privacy standards.

      Good point on being able to disable open/click tracking, although I don't actually want to disable it; I want it to be anonymized.

      1. 1

        Got it. Disabling click/open tracking is simple – completely anonymised at source data is a technically much more difficult than on the web due to the way email mailbox providers work.

        Let's look at how they cache their images. (Images are what is used for open tracking.)

        Gmail cache any images across all clients. So if you were to serve a single image to 1,000 people then it would only show as a single open. Even if 1,000 people opened it.

        Therefore the only way to do it is to serve a different image to each email address (which of course is PII). If you're serving and sending a different image to each email address, this could then (under most circumstances) be linked back to a unique email address, and is not truly anonymised.

        1. 1

          That's a great point! Wonder how we could go around this...

  3. 1

    I think the concept of privacy lies in how you actually the platform, you can use whichever platform and be compliant with everything, or you can abuse the system and these tools will allow you to

    1. 0

      I agree, that's a big part of it. There are a few elements that are in the platform's control though, like for instance where their servers are located, how they handle logs, whether they rely on cookies, whether they process personally identifiable events. As a business owner I might decide not to use the profile data built up by my marketing software, but as a user and privacy advocate, the fact that the data was collected in the first place and is now stored somewhere on the internet is a concern.

      1. 1

        yeah absolutely, agreed

  4. 1

    Hi, can you share what type of service are you building?

    1. 1

      There are two answers to that question: 1) I don't know yet, and this is why I have 2) which is a 7-day email course/newsletter, teaching people how to up their personal online privacy (I asked for feedback on it here).

      I'm offering a free newsletter, hoping to learn more about the target audience. I'm looking for an email automation service that will allow me to send one email every 24 hours after people sign up. Then ideally it would also have newsletter-type capabilities once the course is over. I don't need to track individual usage, but anonymized open/click statistics would be useful.

      1. 1

        You can probably use plausible for analytics. also a privacy-focused service.

        1. 1

          Right, but what about for email automation?

Recommended Posts