Frequently Asked Questions

General questions

Polycred is an email alias creation and management service with a browser extension. Polycred was designed with the goal of increasing email privacy, email security and stopping email spam. The email aliases that you create with Polycred will act as relays to your personal email inbox. This means that you can use your regular email inbox (Gmail, Yahoo, etc) as you normally would, while also securing your identity online.

Polycred accomplishes this by forwarding the emails that are sent to your generated email aliases to your personal email address, ensuring that nobody ever sees your personal email address. This keeps your email address safe and confidential, so that it cannot be sold to marketers or leaked on the web. Pro members can seamlessly reply to emails from their regular email inbox, and Polycred will relay the emails back to the original sender without ever revealing your personal email address.

Companies often sell our personal information to third parties for profit. Your email address might also be scraped from public websites that are in the bad habit of exposing your email address.

By concealing your real email address, and only ever using generated email aliases, nobody can ever find out your real personal email address. If your email aliases get leaked, you just delete or disable them, create new ones, and continue onwards spam-free. By using a unique alias for each website you sign up to, you can stop all spammers associated to that particular website or leak of personal information without affecting the flow of your other emails. Polycred is also a useful tool to determine which companies are selling or leaking your personal information.

Yes it does! By concealing your real e-mail address which quite often has some personal information in it such as [email protected] With that small amount of information someone can start building a profile on you for identity theft or other malicious social engineering attacks. For example, by signing up to multiple services using the same email address, if someone were to discover your email address they may attempt to impersonate you to your banking service and gain access to your accounts. By using a unique Polycred email alias on each website you sign up to you can be confident that attackers will not be successful in their efforts.

Another real world example where Polycred protects your privacy is in the scenario of data leaks from services. Quite often the email addresses leaked specifically from financial services will become targets of phishing email scams and attackers will send you fraudulent emails attempting to steal your login information for other websites and services, or your financial data. By using Polycred, if your email alias is ever leaked in one of these scenarios, you can simply delete that alias and prevent all phishing scams from reaching you.

The (+) trick, also known as email subaddressing, is an option in certain inboxes such as Gmail, which allows you to extend your email address to identify where an email is coming from. For example, if signing up to Facebook I could add "+facebook" to my email like so: "[email protected]", and I will still receive the emails in my regular inbox.

This is a practical trick, however it is not useful for security or privacy for a variety of reasons:

  • Using the (+) trick doesn't protect your privacy. Anyone who obtains your email, including the service you're signing up to, can simply remove the (+) section to reveal your personal email address.
  • You cannot reply from a (+) email address, the recipient will see your real email address.
  • If your email is leaked in a data breach, spammers will automatically remove the (+) segment to obtain your real email address.
  • Advertisers can piece together your (+) segments from various data leaks to determine your browsing habits, because they're all appended to your real personal email address.

Polycred aliases are the solution to all of these weaknesses. The plus trick is not a viable alternative for spam, security or privacy protection.

Yes it does. Polycred is transparent to email providers and uses advanced anti-spam compliance methods to ensure your emails are not detected as spam by your email provider.

By default Polycred handles all of your incoming emails, as well as replies to those incoming emails. But what do you do if you want to compose a new email to someone that you don't already have an existing email chain for? That's where Compose Addresses come into play.

By using the Compose Address feature in the addon, you can select an alias, and provide an email address of a person you would like to send a new email to. Once you have created the Compose Address, every time you send an email to that Compose Address from the inbox that belongs to the alias, the recipient will receive that email from your alias instead of from your personal inbox. This allows you to send new emails to people on behalf of your aliases without exposing your personal email address, directly from your favorite inbox. The benefit of doing it this way is that you can also send attachments and maintain your email history.

If someone replies to the email you sent through your Compose Address, it will go through the alias like all of your other emails and you'll be able to continue to reply to that person as you normally would.

Our primary objective at Polycred is to build trust with you, and increase your email privacy and security. We go to great lengths to ensure the security of our service, including keeping our systems up to date and applying the latest security patches as they are released, maintaining our software and adhering to high security standards and practices, using well-respected and secure programming languages and open source software, offering bug bounties for responsible disclosure of bugs or vulnerabilities, and using the latest and greatest platforms for hosting our services such as Amazon AWS cloud hosting, and Stripe's checkout dashboard for payments.

Our browser extensions all pass manual approval processes and vetting by the teams at Microsft, Firefox and Google before they become available to the public for download, and they adhere to the security requirements of these companies.

Whilst Polycred is not open-source so that we can protect our intellectual property, we as the founders are personally active in the open source community and have contributed and maintain many widely used and respect open source libraries. You can find us on Github here.

Polycred is a registered business, and is registered in Canada under Volatile Technologies Inc under the CRA Business Number 701901928.

We as the founders of Polycred use it personally for all of our own emails, so in the unlikely event that Polycred was to go out of business it would remain available for existing users, and new user signups would be closed off. We want to reiterate that this is a very unlikely event and we are confident that this service will be running indefinitely.

It's also worth noting that if this is a serious concern to you, if you're using a custom domain it is trivial to migrate your aliases to another provider, so you won't have an issue with vendor lock-in.

Our revenue comes strictly from Pro subscriptions. Polycred will remain forever ad-free. We do not, and never will, sell user data.

Disposable email and temporary email services provide you with a temporary email inbox that is automatically deleted after a short period of time, where as Polycred aliases are permanent and route mail to the personal email inbox you already use, such as your Gmail or Outlook mailbox.

Due to the nature of providing an inbox for you, these services have to store logs of your emails, which can be a privacy concern, especially if your emails contain confidential information or can be used for resetting your passwords on websites. This is in contrast to Polycred, which does not store logs of your emails, it only forwards them along and then they are gone from the Polycred mail server forever.

Quite often these inboxes can also be accessed by anyone with your temp mail URL or email address, and is generally not considered to be a secure strategy for handling email.

We're really happy to hear that you love the service! The best thing you can do to support us is leave a review on the Google Chrome, Mozilla Firefox and/or Microsoft Edge extension stores.

Beyond that, if would like to give us a shout out on your socials we appreciate all the support we receive.

Tech questions

Free users can have a maximum of 20 aliases in their account. Pro users can generate up to 40 email aliases per day and have an unlimited number of aliases in their account. Pro users can send up to 100 emails per day from their list of generated aliases.

Pro users can send emails with attachments of up to 25MB. If you'd like to send attachments larger than this you should use a file sharing service like Google Drive or Dropbox.

These limits are in place to prevent abuse. If you need an adjusted limit please contact support.

You can purchase a new domain or bring your existing domain to Polycred. A domain is the last portion of your email address, example if your email is "[email protected]", your domain is "sailor.com". Adding your domain to Polycred is as simple as adding a few DNS records and only takes seconds to do. One DNS record for verification, and the others for pointing your domain to the Polycred mail servers. If you host a website on this domain already this will not affect your website. This can be done for all email providers, not just GSuite.

If you already use your domain with another mail host (such as Google Suite), and do not want to lose access to this account, you can create aliases under a subdomain. For example, if you're using GSuite on your domain sailor.com, and also want to create aliases for the sailor.com domain, you can configure a subdomain to point to Polycred mail servers so that aliases are created under x.sailor.com, where x can be anything. Quite often users will do [email protected] for example.

Polycred does not store logs of emails processed through the platform. Once the email has been processed by our mail server queue it is irrevocably cleared and cannot be recovered. We do not analyze emails, and the only processing we do on an email is to remove headers that may leak your identity, and adjust headers to ensure deliverability of emails.

Polycred will never disclose any information that can lead back to your personal email address.

It's important to note that email clients or email signatures can insert information into replies that can compromise your identity, so please be mindful about the content of your emails. Polycred also takes efforts to strip out any potentially identifying information automatically and will scan the email headers to make sure your personal email address is removed from them.

Polycred caches your aliases and settings so that you can load the extension and generate without lengthy page load times. This can result in data becoming out of sync if you frequently generate or change settings across multiple devices.

To resync your data you can press the Polycred logo in the dropdown on any website. When hovering over the Polycred logo you will see a "Resync" button appear.

You can also resync on the Emails page or the Generate page of the extension popup window by pressing the resync icon in the top right corner, opposite the Back button.

If you restart your browser, or log out and then in again, your settings and aliases list will also be resynced.

The most common cause of not receiving an email is because there is an SSL certificate problem for the receiving mailbox. If you have sent a test email to your email and you're using a self-hosted mail server instead of a service like Gmail or Outlook, please make sure your mail server's SSL certificates are not expired, and not self-signed. Polycred does not support sending email to mail servers with self-signed certificates to protect all of our customers, because they are insecure. Please purchase an SSL certificate for your mail server that is signed by a trusted authority to resolve this issue. Receiving mail servers must also support StartTLS, which is widely supported and comes by default on almost all mail servers today.

If you are not receiving email and it's not related to SSL certificates, please make sure you've checked your junkmail. If you find that your emails are constantly appearing in your junkmail instead of your main inbox please notify support.

If you still haven't received your email and the above doesn't resolve the issue, contact support with the alias you're sending from, and the destination inbox.

The most common cause of StartTLS or SSL errors in your mail server logs is either an expired SSL certificate for your mailserver, or your mail server is using a self-signed certificate. Polycred does not support sending email to mail servers with self-signed certificates to protect all of our customers, because they are insecure and it could indicate that your domain has been hijacked. Please purchase an SSL certificate for your business that is signed by a trusted authority to resolve this issue.

Please also note that your mail server must support StartTLS, which is widely supported and comes by default on almost all mail servers today.

Plans & pricing questions

If you cancel your Pro subscription you will keep any aliases created during that period, including aliases that were created against custom domains. If your subscription is cancelled before your next billing date you will retain Pro user services until that date, at which point no further payments will be made and your Pro status will be removed.

Once you are back on a free account all of the free account restrictions will take effect, and you will not be able to reply to emails (existing or otherwise), compose new emails, create additional aliases against any custom domains you have on your account, or use a destination mailbox other than your primary mailbox. You will only be able to create new aliases up to the maximum allowed for free users and you will lose unlimited alias creation capabilities.

Free users can only have 20 aliases in their account at any one time. You can delete older aliases to create new aliases up to 20 again. Emails sent to deleted aliases will not reach you.

We offer discounts or free Pro memberships for:

  • Professors
  • Journalists
  • Charity organizations
  • Social media figures & influencers

Please contact us for more info.

Polyced partners with Stripe to handle payments. We use Stripe's secure payment portal for making payments and managing subscriptions. Stripe accepts the following payment methods:

  • Visa
  • Mastercard
  • American Express
  • JCB
  • Apple Pay
  • Google Pay

We offer refunds within 7 days of purchase under certain conditions. You can read our refund terms and conditions on our Refunds Policy page.

If you own an organization and would like your employees to use Polycred and share access to domains and destination mailboxes please contact us and we can discuss discounts for your Polycred accounts. The more accounts you would like, the bigger the discount.

Polycred is particularly good for businesses because it can save you costs on services like GSuite and having to create a new email address for every employee. Instead, they can create an alias (or multiple aliases) like [email protected] This will also help to secure your business communications and accounts.