Sustainability Commitments
If a private email service disappears, then it is worse than having no private email service at all. When a privacy company ends up shutting down and migrating its users to a competitor, or gets acquired, the consequences are not just an inconvenience. They are a breach of trust at a structural level.
This document lays out how Aster is funded, structured, and operated so that this does not happen. It is written to be held against us in the future.
Our claim
Aster is built to exist in 10 years and beyond. This is not just confidence that we will grow fast: the way we are funded, structured, and operated does not require fast growth to survive.
Financial
Aster is funded completely by its users. There are four plans: Free, Star, Nova, and Supernova. Paid subscribers and storage add-ons cover the cost of running the service. That is the entire business model.
We will never sell advertising or user data. We have not taken venture capital and are currently not seeking it. Our company is completely bootstrapped and self-funded.
This matters. A company that depends on its advertisers has an incentive to learn about its users. A company that depends on investors has an incentive to exit. A company that depends only on its customers has an incentive to serve them for as long as possible. That is why we have picked the third option.
Operational
Aster is run by a small team, and we plan to keep it this way in the future. Our infrastructure is optimized for cost rather than convention. Our mail servers run on Hetzner in Falkenstein, Germany, not on a hyperscale cloud provider such as AWS. Our cash burn rate is low so that modest subscription revenue can sustain the service through periods without any price increases, emergency investor funding, or pivots.
Technical
Aster is open source. The cryptography code that encrypts your mail, handles your keys, and runs your account is in our public GitHub organization under the GNU Affero General Public License v3. This means anybody can audit it, fork it, or submit a pull request.
Our cryptography is based on industry standards. We use OpenPGP with RSA-4096 keys that are completely portable. They work in any PGP client, including GPG, Thunderbird, and any other compatible client. Your keys are yours, not ours. They are not in a proprietary format that will lock you in to us.
For Aster-to-Aster mail, we additionally use ML-KEM-768 inside the X3DH and Double Ratchet protocols to ensure post-quantum safety and forward secrecy. We make this clear to the user, and it will not change your keys’ portability.
If Aster were to ever cease operation, your keys and encrypted archives would remain fully usable. You would not be stuck and unable to recover your mail.
Governance
Aster Communications Inc. is a Delaware C Corporation. We are not organized around an acquisition of the company. We have not signed any agreements that require us to sell the company under specified conditions. We have not structured equity in a way that will force a liquidity event.
We are a real company, not a side project. Our corporate structure allows us to sign contracts, protect intellectual property, employ people, and enter into legal commitments like this one. For us, it is not a path to an exit.
Community
Our users and community are our customers. This holds us accountable to them. They are never the product, they are not the inventory, and they are not the audience for someone else’s advertising.
This has a practical consequence. Whenever we make decisions about features, pricing, or company direction, the people we are accountable to are the people paying for the service, not advertisers, not investors, and especially not a board optimizing for a sale.
Environmental
Hetzner’s Falkenstein data centers run on renewable electricity. This is a real fact and a verifiable claim, not a marketing stunt. The infrastructure we have chosen for cost reasons also happens to be among the more energy-responsible options available.
We do not claim carbon neutrality, offsets, or net-zero status. We have not purchased certificates, but we run lean infrastructure in an efficient data center.
Commitments
The following are commitments that readers may hold us to. They are stated plainly because plain language is harder to walk back from.
- We will not sell, rent, or otherwise transfer user data to third parties for any purpose other than delivering the service.
- We will not introduce advertising to any Aster services or products.
- We will not introduce tracking, behavioral profiling, or analytics that identify individual users.
- We will not weaken encryption, add backdoors, or build mechanisms designed to give ourselves, law enforcement, or any third party access to user content or data.
- We will keep the Aster Mail client open source under a free software license.
- We will keep user keys in standards-compatible formats that work outside Aster.
- We will publish a warrant canary and update it on a regular cadence. Its absence or modification should be read as significant.
- If Aster Privacy is ever acquired, wound down, or transferred, we will give users meaningful advance notice and the means to export their data and keys before service changes.
- If we ever break one of these commitments, we will say so in writing, dated, on this site.
Closing
A privacy company’s most valuable asset is the belief that it will still be here in the future, functioning the same way in 5 years. We do not take that belief for granted, and we are not asking for it on faith. This document is an attempt to show the work.
Founder and CEO of Aster Privacy.