Tuta
Tuta is a privacy and encryption tool (not self-hostable; see below), listed under privacy, security and email.
Honest take on a privacy-first email service that’s been fighting for encryption since before Snowden.
TL;DR
- What it is: Encrypted email, calendar, and contacts service with end-to-end encryption baked in by default — including subject lines and attachments. Not self-hostable: only the client apps are open source (GPL-3.0), the server is closed [4].
- Who it’s for: Privacy-conscious founders, journalists, activists, and small teams who want to escape Gmail and Outlook surveillance without paying Microsoft 365 prices. Also anyone who’s been burned by Proton Mail’s Swiss pricing and wants a German alternative.
- Cost savings: Gmail is free but monetizes your inbox. Microsoft 365 Business Basic runs $6/user/month. Tuta’s paid plans start at €3/mo — and the free tier with 1 GB is genuinely functional, not artificially crippled [1].
- Key strength: End-to-end encryption of subject lines, body, attachments, calendar, and contacts — including quantum-resistant algorithms. PGP-based services like Proton Mail don’t encrypt subject lines by default [1][2].
- Key weakness: The server code is not open source, despite years of “open-source email” marketing — only client apps are GPL-3.0 [4]. Not self-hostable. No PGP compatibility means you can’t use an existing keychain or external clients [1].
What is Tuta
Tuta is an encrypted email service built by a small team in Hanover, Germany. It launched as Tutanota in March 2011 — notably, before Edward Snowden’s 2013 NSA leaks put mass surveillance on the front page — and rebranded to Tuta in November 2023 to get a shorter, more memorable domain [3]. The name change didn’t change the product: it’s still end-to-end encrypted email with an encrypted calendar and contacts, running on 100% renewable energy, with no ads and no data selling.
The pitch is simple: your emails, calendar events, and contacts are encrypted on your device before leaving it. Tuta holds zero keys. They can’t read your data, and neither can a government that subpoenas their servers — because there’s nothing readable to hand over [1][2].
Three things set Tuta apart from the other encrypted email players. First, subject lines are encrypted — PGP, which underpins ProtonMail and most other secure email services, encrypts only the message body. The subject travels in plaintext. Tuta uses its own encryption scheme (AES + ECC, now with quantum-resistant Kyber and CRYSTALS-Dilithium algorithms added) that covers the entire message including subject [1]. Second, the free tier is real. One gigabyte of storage, fully functional email, calendar, and contacts — no artificial limitations to force you into a paid plan [1]. Third, it strips IP addresses from outgoing emails, so your physical location and ISP aren’t embedded in your message headers [1].
The GitHub repository (7,391 stars) contains the client applications — web, desktop, Android, iOS. The Android app is also available on F-Droid, meaning you can run it completely without Google Play or any Google services [1][README].
Why people choose it
Reviews converge on a consistent set of reasons people switch to Tuta.
Escaping Gmail’s surveillance model. The case against Gmail isn’t subtle: Google scans your inbox to build advertising profiles. Multiple reviewers on Tuta’s homepage summarize the math: “free” email has a real cost paid in data. One user put it directly: “You also know that free isn’t really free, the price is for tech companies to get your info.” [homepage testimonials] The anger is real and Tuta’s marketing leans into it hard — their blog post on private email services [2] is essentially a 2,000-word brief against Gmail, Outlook, and Yahoo Mail, each of which they describe as scanning inboxes for ad profiling.
Subject line encryption matters more than people realize. Most people assume “encrypted email” means no one can read their messages. With PGP-based services, that’s partially true — but the subject line is still visible to the email provider and any intermediary. “Tuta also encrypts the subject line of messages. This is a noteworthy difference from some other secure email services,” notes the cyberinsider.com review [1]. If you’re emailing a lawyer, a journalist, or communicating anything sensitive, “Re: meeting with accountant about offshore accounts” leaking in plaintext is a problem.
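To make the subject-line point above and the IP-stripping point from the earlier paragraph concrete, here is an added example (my code, not Tuta's and not from the tutao/tutanota repository): it parses a constructed PGP/MIME message with Python's standard `email` module, reports what a relay can read without any key, and then drops the trace headers that carry the submitting client's IP. The message, addresses and IPs are constructed sample data, and the function names are my own.

```python
import re
from email import message_from_string

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Added example, not Tuta's code. Constructed PGP/MIME (RFC 3156) message as a
# relay sees it; addresses and IPs are sample data, the PGP block is a placeholder.
RAW_PGP_MIME = """\
Received: from mail.example.net (mail.example.net [203.0.113.7])
\tby mx.example.org with ESMTPS; Mon, 1 Jan 2024 10:00:00 +0000
Received: from [192.0.2.55] (client.example.net [192.0.2.55])
\tby mail.example.net with ESMTPSA; Mon, 1 Jan 2024 09:59:58 +0000
X-Originating-IP: [192.0.2.55]
From: alice@example.net
To: bob@example.org
Subject: Re: meeting with accountant about offshore accounts
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
\tboundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1
--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
hQEMAPLACEHOLDERnotRealCiphertext==
-----END PGP MESSAGE-----
--b1--
"""

def relay_visible_metadata(raw: str) -> dict:
    """What a relay reads with no key: the plaintext Subject and every IP in trace headers."""
    msg = message_from_string(raw)
    ips = {ip for name, value in msg.items()
           if name.lower() in ("received", "x-originating-ip")
           for ip in IPV4.findall(value)}
    return {
        "subject": msg["Subject"],
        "sender_ips": sorted(ips),
        # PGP/MIME leaves the body opaque but hides nothing in the headers above it
        "body_is_ciphertext": msg.get_content_type() == "multipart/encrypted",
    }

def strip_client_ip(raw: str, client_ip: str) -> str:
    """Drop trace headers naming the submitting client's IP (the goal of Tuta's IP
    stripping); the provider's own relay hop stays. Re-added Received lines land after
    the other headers, acceptable for a demo but not how a real MTA emits them."""
    msg = message_from_string(raw)
    kept = [v for v in msg.get_all("Received", []) if client_ip not in v]
    del msg["Received"], msg["X-Originating-IP"]
    for value in kept:
        msg["Received"] = value
    return msg.as_string()
```

Note that stripping the IP does nothing for the Subject: with PGP/MIME it stays readable by every hop, which is exactly the gap Tuta's own scheme closes.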
The Germany jurisdiction argument. Tuta is headquartered in Germany, which has some of the strongest data protection laws in the EU (Bundesdatenschutzgesetz + GDPR). Two German court cases have confirmed that Tuta is not subject to ISP-level data retention laws [1]. Reviewers who compare it favorably to ProtonMail (Swiss jurisdiction) often cite the EU legal track record. There’s a counterpoint worth naming: Germany is part of the 14 Eyes intelligence sharing alliance. Tuta publishes transparency reports to address this, but it’s not a knock-down advantage over Swiss-based ProtonMail [1].
Quantum-resistant encryption as a real differentiator. Most encrypted email services use elliptic curve cryptography, which quantum computers — if they ever reach the scale needed — could theoretically break via Shor’s algorithm. Tuta has shipped post-quantum algorithms (Kyber for key encapsulation, CRYSTALS-Dilithium for signatures) ahead of most competitors [1][homepage]. For most users today this is theoretical. For governments and intelligence agencies archiving encrypted traffic now to decrypt later (“harvest now, decrypt later”), it matters.
Green energy and values alignment. Tuta runs on 100% renewable energy. Reviewers who mention this aren’t being naive — for a privacy service, the ethics of the company behind it matter. Jeremiah’s review quoted on the homepage: “Thanks for being a solid company, I’m very happy to have switched from Proton since Tuta handles several things (green energy, fdroid app, linux app) way better.” [homepage]
Features
Based on the product website and the cyberinsider.com review [1]:
Email:
- End-to-end encrypted subject, body, and attachments (AES + ECC + post-quantum)
- Encrypted contact book and inbox rules
- Encrypted full-text search (the search index is encrypted client-side) [1]
- Anonymous signup — no phone number or personal info required [1]
- Send encrypted messages to non-Tuta users (they receive a link with a shared password) [1]
- IP address stripping from outgoing email headers [1]
- Aliases and custom domains (on paid plans)
- Inbox rules and spam filtering [1]
- Import from other email services — currently gated to Legend plan and all business plans [1]
Calendar:
- Zero-knowledge encrypted calendar — events are encrypted before leaving your device [homepage]
- Calendar push notifications on Android without Google services (no FCM dependency) [homepage]
- Email-based meeting invites [homepage]
Apps:
- Web app at app.tuta.com
- Desktop apps: Windows, macOS, Linux [1]
- Mobile: iOS (App Store), Android (Play Store + F-Droid APK direct download) [README][1]
- Dark and light themes [1]
Security extras:
- Two-factor authentication (2FA) [1]
- Key verification between contacts [1]
- Regular transparency reports [1]
What’s missing or gated:
- No PGP compatibility — you cannot import an existing PGP keychain or use Thunderbird with Enigmail [1]
- No IMAP/SMTP — Tuta uses a proprietary protocol, meaning standard email clients can’t connect. You’re tied to their apps.
- Email import only on Legend and business plans [1]
- Whitelabel (branded) accounts and Secure Connect feature cost extra [1]
Pricing: SaaS math
Tuta’s tiers:
- Free: 1 GB storage, 1 email address, fully functional email + calendar + contacts [1]
- Revolutionary: starts around €3/mo — adds custom domain, more aliases, more storage [1]
- Legend: higher storage tier, email import, all features unlocked [1]
- Business plans: team management, admin console, whitelabel
Exact pricing changes over time; check tuta.com/pricing for current rates. The cyberinsider review [1] shows storage going up to 1,000 GB on high-end plans.
What you’re comparing against:
- Gmail: $0, but Google scans your inbox and builds an ad profile. Business Workspace is $6/user/mo.
- Microsoft 365 Business Basic: $6/user/mo — gets you Outlook, Teams, 1 TB OneDrive. Email goes through Microsoft’s servers, no E2EE by default.
- ProtonMail: Free tier with 500 MB, Proton Unlimited at roughly $9.99/mo (often billed annually). Swiss jurisdiction, PGP-based.
- Mailbox.org: €3/mo, Berlin-based, also privacy-focused, but less extreme on encryption [5].
The math for a small team of 3:
- Microsoft 365 Business Basic: $6 × 3 = $18/mo ($216/year)
- Proton Unlimited (family): €9.99/mo for up to 6 members (~$120/year)
- Tuta paid plan for team: approximately €3–6/user/mo — €9–18/mo for 3 users
Tuta isn’t the obvious winner on price alone. Proton’s family plan is competitive. Where Tuta wins is the free tier (1 GB vs ProtonMail’s 500 MB) and the subject-line encryption argument. For a solo founder or a small team not ready to pay, the free tier is more functional than most competitors.
The self-hosting question: You cannot self-host Tuta. The client apps (web, desktop, mobile) are GPL-3.0 on GitHub, but the server that handles encryption key management, email routing, and storage is proprietary and closed. The isitreallyfoss.com audit [4] documents this directly: “The service provided is not open source, or source available, but just the email clients provided are provided under a GPLv3 license, not the service itself.” Tuta has stated intentions to open-source the server side, but as of June 2025, this has not happened — more than 6 years after first mentioning it [4]. If self-hosting is a requirement, Tuta is not the right tool. Look at Stalwart Mail or Maddy instead.
Deployment reality check
There is no deployment. Tuta is a managed service. You create an account at tuta.com, download an app, and use it. The “open source” label applies to the apps you run, not the infrastructure.
What account setup actually involves:
- Anonymous signup (no phone, no credit card for free tier)
- Potential delay for account approval — the cyberinsider review flags this as a documented con [1]. Some accounts are reviewed manually before activation, which can take hours.
- Setting up custom domains requires a paid plan and involves adding DNS records — standard process, takes 15–30 minutes if you know what you’re doing, a couple of hours if not.
- 2FA setup is straightforward.
What you give up by not using IMAP: Tuta uses a proprietary encryption protocol. You cannot point Thunderbird, Outlook, or Apple Mail at it. Every device needs the official Tuta app. This is a meaningful constraint: if Tuta’s app has a bug or the company disappears, your email is inaccessible until you export it. The apps are cross-platform and actively maintained, but the lock-in is real.
Pros and cons
Pros
- Subject line encryption. No other mainstream encrypted email service encrypts the subject by default. If this matters to your threat model, it’s a genuine differentiator [1].
- Quantum-resistant algorithms. Post-quantum encryption is live, not roadmap. Most competitors are still on classical elliptic curve [1][homepage].
- Functional free tier. 1 GB, full feature access, no artificial limitations. ProtonMail offers 500 MB free; Gmail gives more storage but monetizes you [1].
- Anonymous signup. No phone number, no real name required [1].
- F-Droid Android app. Fully Google-free for users who degoogled their Android [1][README].
- IP stripping. Your IP address doesn’t appear in outgoing email headers [1].
- German legal track record. Court-affirmed protection from ISP-level data retention laws; regular transparency reports [1].
- Green energy. 100% renewable — relevant if you’re choosing based on company values [homepage].
- Client code is auditable. The apps are GPL-3.0 with 7,391 stars on GitHub. Bugs in encryption implementation are catchable [4][README].
Cons
- Server is not open source. Despite years of “open-source email service” marketing, only the clients are GPL. The server handling your encrypted data is proprietary [4]. This is the most important fact to understand before trusting Tuta.
- No PGP compatibility. Can’t use Thunderbird + Enigmail. Can’t import existing PGP keys. Can’t communicate with the standard encrypted email ecosystem outside Tuta [1].
- No IMAP/SMTP. Locked to official apps. Standard email clients won’t work.
- Account approval delays. New accounts can be held for manual review before activation [1].
- Email import gated to high-tier plans. Moving a large archive from Gmail into Tuta requires the Legend plan or a business account [1].
- Germany is in 14 Eyes. The jurisdiction argument isn’t as clean as ProtonMail’s Swiss position [1].
- Not self-hostable. If server-side sovereignty matters, this is a non-starter [4].
- EU encryption law risk. The cyberinsider review [1] notes Tuta “can be affected by EU’s schizophrenic stance on encryption” — proposals to mandate backdoors in encrypted services remain active political debates in Brussels.
Who should use this / who shouldn’t
Use Tuta if:
- You want to stop using Gmail or Outlook and need a functional, low-cost privacy email that works on every device.
- Subject line encryption or quantum-resistant encryption is part of your threat model (journalists, activists, legal professionals).
- You want a Google-free Android setup — Tuta’s F-Droid app runs without any Google services.
- You want an encrypted calendar and contacts baked into the same service, with a free tier that doesn’t expire.
- A €3/mo starting price beats the $9.99/mo of Proton for your budget.
Skip it (use ProtonMail) if:
- You need PGP compatibility — communicating with external PGP users, using Thunderbird + Enigmail, or importing an existing key. ProtonMail supports PGP; Tuta doesn’t [1].
- You want Swiss jurisdiction instead of German. Both are good, but Switzerland isn’t in the 14 Eyes.
- You need IMAP access to connect your own email client.
Skip it (use Stalwart Mail or self-host) if:
- Server-side sovereignty is required. You want to run the mail server, not just trust a vendor’s server. Tuta’s server is closed; you can’t host it yourself [4].
Skip it (stay on Gmail) if:
- You have no privacy concerns and are comfortable with Google’s data model. Tuta’s free tier is genuinely useful but there’s a learning curve switching, and you lose IMAP, third-party client access, and seamless Google Docs integration.
Alternatives worth considering
- ProtonMail — Swiss jurisdiction, PGP-compatible, IMAP bridge available on paid plans. The most direct comparison. Proton’s ecosystem (VPN, Drive, Calendar) is more mature. Costs more for the full suite (~$9.99/mo vs Tuta’s ~€3/mo).
- Mailbox.org — Berlin-based, €3/mo, supports IMAP and CalDAV. Less focused on encryption purity, more on being a full email suite. Listed alongside Tuta by Privacy Guides [5].
- Fastmail — Australian jurisdiction, strong IMAP support, no E2EE. For people who want privacy from advertising but aren’t worried about government subpoenas.
- Stalwart Mail — Fully open-source, self-hostable SMTP/IMAP/JMAP server. If you want to actually run your own mail server, this is the current best option. No encryption-by-default like Tuta, but you control everything.
- SimpleLogin / addy.io — Email aliasing services. Not a full replacement but useful alongside a private email provider to protect your primary address.
Bottom line
Tuta does what it says: end-to-end encrypted email, including subject lines, with a free tier that’s actually usable. The quantum-resistant encryption is real, the German legal track record is solid, and the green energy/ethics story is genuine. For a non-technical founder switching from Gmail to something that doesn’t monetize their inbox, Tuta at free or €3/mo is a reasonable choice.
The important caveat — and you should know this before trusting them — is that “open source” in Tuta’s marketing means the apps, not the server. The code handling your encrypted data in their data centers is proprietary and has been for over 6 years despite promises otherwise [4]. You’re trusting a German company not to misuse the encrypted blobs they hold, not verifying an open-source server. For most users that’s fine — same model as ProtonMail. For users with genuine self-sovereignty requirements, it’s not enough.
If your email problem is “I’m paying $18/mo for Microsoft 365 and hate it” or “I want to stop Google from reading my inbox,” Tuta solves it cleanly. If your email problem is “I need to run my own mail server that I fully control,” Tuta doesn’t address it at all.
Sources
- CyberInsider — “Tuta Mail Review 2026 – Is it the most secure email?” (Alex Lekander, April 9, 2026). https://cyberinsider.com/email/reviews/tuta-mail/
- Tuta Blog — “10 best private email services in 2026”. https://tuta.com/blog/best-private-email-service
- Podential.de — “Tutanota ist jetzt Tuta” (November 15, 2023). https://podential.de/blog/2023/11/15/tutanota-ist-jetzt-tuta/
- IsItReallyFOSS — “Tuta Mail: Is it really foss?” (Last reviewed: June 10, 2025). https://isitreallyfoss.com/projects/tuta/
- Privacy Guides — Privacy Tools (email providers section). https://www.privacyguides.org/nl/tools/
Primary sources:
- GitHub repository: https://github.com/tutao/tutanota (7,391 stars, GPL-3.0 client apps)
- Official website: https://tuta.com
- Tuta roadmap: https://tuta.com/roadmap/