STAY PRIVATE

Verification

Why do I need to provide an email address?

I accept StayPrivate's terms of use.

Your information is 100% secure.

stayprivate.com

Verify your email

We've sent a 6-digit verification code to your email address. Please be patient, it may take a few moments to arrive.

name@company.com

If you can't find the email, check your spam folder.

Your information is 100% secure.

Account already exists Confirm setup

You already have a StayPrivate account linked to this email address. Either log in using the button below, or set up a new StayPrivate account using this email address as a recovery email address. Click 'BUSINESS SIGN UP' to set up the domain on a 7‑day free trial of StayPrivate for business.

Or to sign up for the free individual version of StayPrivate, click 'INDIVIDUAL SIGN UP'. Click 'BUSINESS SIGN UP' to set up the domain on a 7-day free trial of StayPrivate for business. Or to log into your existing individual StayPrivate account, click 'INDIVIDUAL LOG IN'. Or to set up a new StayPrivate account using this email address as a recovery email address, click 'SET UP NEW ACCOUNT'. The domain is already set up on StayPrivate. To manage the domain settings, click 'MANAGE DOMAIN'. Or to set up a free individual StayPrivate account, click 'INDIVIDUAL SET UP'. The domain is already set up on StayPrivate. To manage the domain settings, click 'MANAGE DOMAIN'. To log into your StayPrivate account, click 'INDIVIDUAL LOG IN'. Or to set up a new StayPrivate account using this email address as a recovery email address, click 'SET UP NEW ACCOUNT'.

EXISTING ACCOUNT

FOR BUSINESS

NEW ACCOUNT

Existing Account

For Individuals

Your information is 100% secure.

Confirm choice

You will need administrator access to configure the mail server to integrate seamlessly with StayPrivate.

If you do not have admin access, you can sign up as an individual and upgrade to the business package later.

Your information is 100% secure.

Confirm choice

You are signing up to the individual version of StayPrivate using a business email account.

This is absolutely fine, but to get the full seamless StayPrivate business experience you should sign up to the business version.

Your information is 100% secure.

Your details

This username is taken, please try again.

Your information is 100% secure.

Your details

Your information is 100% secure.

Choose where to store your data

Select data storage location:

If not sure, we recommend choosing the location closest to your home country.

Your information is 100% secure.

Choose whether to link email accounts

By default, email@gmail.com is simply the recovery email address for email@spmail.com.

But you can also choose to link your two email accounts, so that email@spmail.com acts as the private inbox for email@gmail.com.

I'm not sure. What should I do?

Your information is 100% secure.

Finally, set your PIN

Your information is 100% secure.

Choose service level

GBP

PROFESSIONAL

£25 per month

Branding

Unlimited emails

Includes 5 users

Includes 10GB storage

Each extra user: £2 per month

Extra units of 10GB storage: £5 per month

PROFESSIONAL PLUS

£75 per month

Branding

Electronic document signing

Auto-deleting emails

Unlimited emails

Includes 10 users

Includes 20GB storage

Each extra user: £4 per month

Extra units of 10GB storage: £5 per month

PROFESSIONAL

£25 per month

Branding

Unlimited emails

Includes 5 users

Includes 10GB storage

Each extra user: £2 per month

Extra units of 10GB storage: £5 per month

PROFESSIONAL PLUS

£75 per month

Branding

Electronic document signing

Auto-deleting emails

Unlimited emails

Includes 10 users

Includes 20GB storage

Each extra user: £4 per month

Extra units of 10GB storage: £5 per month

Your information is 100% secure.

Security mode & location

Select security setting:

I'm not sure. What should I choose?

Set a keyword:

#stayprivate

Select data storage location:

If not sure, we recommend choosing the location closest to your home country.

Your information is 100% secure.

Congratulations!

You are set up on StayPrivate.

Download the App

We'll also send you an email with your account details, so you have them for future reference.

Your information is 100% secure.

Configure mail server

Everything is ready at our end!

The final step is to update your mail server settings to support StayPrivate. We can do this automatically, but if you prefer, you can do it by hand yourself.

Your information is 100% secure.

Configure mail server

Everything is ready at our end!

The final step is to configure your mail server to work with StayPrivate. Click the button below and follow the step-by-step instructions.

Your information is 100% secure.

Configure mail server

Everything is ready at our end!

The final step is to configure your mail server to work with StayPrivate. Click the button below and follow the step-by-step instructions.

Your information is 100% secure.

Server configuration

Copy the access code below and enter it in the pop-up window to grant temporary access to update your Microsoft mail server settings.

These updates will not affect your existing mail service.

If you can't see the pop-up window, please use the following link: https://microsoft.com/devicelogin

Waiting

Once you have authenticated, please do not refresh the page. It can take up to 30 seconds for the Microsoft authentication process to complete.

Configuration in progress...

Mail server configuration usually takes a couple of minutes to complete.

Your information is 100% secure.

Congratulations!

You are set up on StayPrivate.

Your information is 100% secure.

Mail server configuration

Access

Host

Outbound

Inbound

Replies

You require administrator access to your Google mail server in order to configure it to work with StayPrivate:

Log into the Google Admin console at: https://admin.google.com

Select 'Apps'.

Select 'Google Workspace' and from the list, click on 'Gmail'.

If you do not have administrator access to your email server, please send the following link to your IT administrator and ask them to complete the setup: https://stayprivate.com/server-configuration/?config=google

To send encrypted emails, StayPrivate needs to be first added as a host:

Click on 'Hosts'.

Click on 'ADD ROUTE' to add a new mail route.

Enter the name: StayPrivate

In the 'Enter host name or IP' field enter sendsecure.stayprivate.com and in the numeric field next to it, enter the port number: 587

Click 'Save'.

The next step is to add a rule so that the email server can identify which emails to send via the StayPrivate host.

Go back to the Gmail settings page by clicking on 'Settings for Gmail' near the top.

Scroll down to near the bottom and click on 'Compliance'. Then scroll down to 'Content compliance' and click 'CONFIGURE' (or if you already have a rule specified, click 'ADD ANOTHER RULE').

Under 'Content compliance' enter the text: Identify messages to send via StayPrivate

Under '1. Email messages to affect' select 'Outbound'.

Under '2. Add expressions that describe...' select 'If ALL of the following match the message'. Then click on 'ADD'.

Click on 'Simple content match' and select 'Advanced content match'. Then under 'Location' select 'Full Headers'.

Under 'Match type' select 'Not contains text'.

Under 'Content' enter the text: x-stayprivate-processed: true

Click 'SAVE'.

In '3. If the above expressions match, do the following' under 'Route' select 'Change the route'.

Click on 'Normal routing' and select 'StayPrivate'.

Then under 'Spam' select 'Bypass the spam filter for this message'.

Click on 'SAVE' bottom right.

After processing, StayPrivate sends encrypted emails back to your corporate email server for delivering onto the recipient. The email server needs to be configured to accept and relay encrypted emails sent by StayPrivate:

Go back to the Gmail settings page by clicking on 'Settings for Gmail' near the top.

Scroll down to the bottom and click on 'Routing'. Under 'Routing' scroll down and under 'SMTP relay service' click 'CONFIGURE' (or if you already have a rule specified, click 'ADD ANOTHER RULE').

Under 'SMTP relay service' enter the text Receive from StayPrivate.

Under '2. Authentication' select 'Only accept mail from the specified IP addresses'. Then click 'ADD'.

Under 'Description' enter the text StayPrivate and under 'Enter IP address/range' enter the text: 18.130.40.2

Click 'SAVE'.

Under '3. Encryption' select 'Require TLS encryption',

Click on 'SAVE' bottom right.

To ensure that direct replies from secure corporate domains are included in StayPrivate, incoming secure replies are identified and blind copied to server@stayprivatemail.com. This is achieved by adding a further compliance rule:

Go to the Gmail settings page by clicking on 'Settings for Gmail' near the top.

Scroll down to near the bottom and select 'Compliance'. Under 'Content compliance' click 'ADD ANOTHER RULE'.

Under 'Content compliance' enter: Send secure replies to StayPrivate

Under '1. Email messages to affect' select 'Inbound'.

Under '2. Add expressions that...' select 'ADD'.

Click on 'Simple content match' and select 'Advanced content match'. Then under 'Location' select 'Body'.

Under 'Content' enter #stayprivate-secure-reply then click 'SAVE'.

In '3. If the above expressions match, do the following' under 'Route' select 'Modify message'.

Under 'Also deliver to' select 'Add more recipients' then select 'ADD'.

Under 'Recipient address:' enter: server@stayprivatemail.com

Select 'SAVE'.

Finally, click on 'SAVE' bottom right. This is important - otherwise your changes may be lost.

Congratulations!

is set up on StayPrivate.

Mail server configuration

Access

Outbound

Inbound

Replies

You require administrator access to your mail server in order to configure it to work with StayPrivate.

If you do not have administrator access to your mail server, please send the following link to your IT administrator and ask them to complete the setup: https://stayprivate.com/server-configuration/?config=other

To connect with StayPrivate, outgoing secure emails need to be identified and relayed to https://sendsecure.stayprivate.com. For most email servers this means:

adding https://sendsecure.stayprivate.com as a host or connector;

creating a conditional routing rule to route emails to this host if the email has an external recipient and is not sent from the IP address 18.130.40.2.

If you are not able add the external recipient condition, you can simply route all emails through StayPrivate. StayPrivate will automatically ignore internal emails.

StayPrivate sends secure emails back to the corporate email server for delivering onto the recipient. The corporate email server therefore needs to be configured to accept and relay secure emails sent by StayPrivate. You can identify secure emails in either of two ways:

by the sender IP address: 18.130.40.2; or

by the certificate used to sign the emails: *.stayprivate.com.

For alternative setup options, log into the admin dashboard at https://dashboard.stayprivate.com.

To ensure that secure replies from secure corporate domains are included in StayPrivate, incoming secure replies should be identified and blind copied to server@stayprivatemail.com. For most email servers this is achieved by adding a compliance rule to add the above address to the 'bcc' field if an incoming email contains the text #stayprivate-secure-reply.

Congratulations!

is set up on StayPrivate.

Mail server configuration

Access

Host

Outbound

Inbound

Replies

Enable

You require administrator access to your Microsoft 365 account or mail server in order to configure it to work with StayPrivate:

From the Office 365 home page, in the left-hand menu, select 'Admin'.

In the left-hand menu, select 'Show all'.

Scroll down and under 'Admin centers' select 'Exchange'.

We recommend that you use the latest version of the Microsoft Exchange Admin Center. If you are using the 'Classic' Exchange Admin Center you can still follow the instructions below, but please be aware that there are one or two slight differences in wording and layout.

Instead of using the Admin Center, you can configure the email server directly using Exchange Online PowerShell. Click here to display the PowerShell instructions.

Exchange Online PowerShell Instructions

Firstly, connect to the tenancy, using the script below and replacing example.com with the corporate domain:


                  
                    Connect-ExchangeOnline -Device -DelegatedOrganization example.com

Secondly, add a connector to send messages to StayPrivate:


                  
                    New-OutboundConnector -Name "Send to StayPrivate" -UseMxRecord $false -SmartHosts sendsecure.stayprivate.com -IsTransportRuleScoped $true

Then add a connector to accept messages back from StayPrivate, using the script below and replacing example.com with the corporate domain:


                  
                    New-InboundConnector -Name "Receive from StayPrivate" -SenderDomains *.example.com -ConnectorType OnPremises -CloudServicesMailEnabled $true -RestrictDomainsToCertificate $true -RequireTls $true -TlsSenderCertificateName *.stayprivate.com

Now add a rule to identify messages to send to StayPrivate, replacing example.com with the corporate domain:


                  
                    New-TransportRule "Identify messages to send via StayPrivate" -SentToScope "NotInOrganization" -SenderDomainIs "example.com" -ExceptIfSenderIpRanges "18.130.40.2" -ExceptIfHeaderMatchesMessageHeader "x-stayprivate-processed" -ExceptIfHeaderMatchesPatterns "true"  -RouteMessageOutboundConnector "Send to StayPrivate"

And add a rule to ensure secure corporate replies are recorded in StayPrivate, again replacing example.com with the corporate domain:


                  
                    New-TransportRule "Send secure replies to StayPrivate" -SubjectOrBodyMatchesPatterns "#stayprivate-secure-reply" -ExceptIfSenderDomainIs "example.com" -ExceptIfSenderIpRanges "18.130.40.2" -BlindCopyTo server@stayprivatemail.com

Finally, add a rule to ensure StayPrivate emails are not flagged as spam:


                  
                    New-TransportRule "StayPrivate Allow" -SenderIpRanges "18.130.40.2" -SetSCL "-1"

To hide the Exchange Online PowerShell instructions above, click here.

The first step is to add a secure connector to the StayPrivate relay server:

In the left-hand menu, select 'Mail flow'. Then select 'Connectors'.

Click on '+ Add a connector'.

Under 'Connection from' select 'Office 365'. Under 'Connection to' select 'Partner organization'. Then click 'Next'.

Enter the name: Send to StayPrivate and ensure 'Turn it on' is selected. Then click 'Next'.

Select 'Only when I have a transport rule set up that redirects messages to this connector'. Then click 'Next'.

Select 'Route email through these smart hosts'. Then enter the domain name: sendsecure.stayprivate.com and click '+'. Then click 'Next'.

Ensure that 'Always use Transport Layer Security...' and 'Issued by a trusted certificate authority (CA)' are selected. Click 'Next'.

To validate the connector, enter the test email address support@stayprivate.com and click '+'.

Click 'Validate'. Office 365 will validate the new connector. This may take a minute or so. When it has finished, click 'Next'.

Click 'Create connector'.

Click 'Done'.

Next add a secure connector to allow StayPrivate to send secure emails back to your corporate email server for delivering to the recipient.

In the left-hand menu, select 'Mail flow'. Then select 'Connectors'.

Click on '+ Add a connector'.

Under 'Connection from' select 'Your organization's email server'. Then click 'Next'.

Enter the name: Receive from StayPrivate

Ensure that 'Turn it on' is selected and click 'Next'.

Select 'By verifying that the subject name on the certificate….'. Then enter the text: *.stayprivate.com

Click 'Next'.

Click 'Create connector'.

Click 'Done'.

The next step is to add a rule so that the mail server can identify which emails to send to StayPrivate:

In 'Mail flow', select 'Rules'.

Select '+ Add a rule' and 'Create a new rule'.

Enter the name: Identify messages to send via StayPrivate

Under 'Apply this rule if' select 'The recipient'.

Then, to the right, select 'is external/internal'. Then choose 'Outside the organization' and click 'Save'.

Under 'Do the following' select 'Redirect the message to'. Then, to the right, select 'the following connector'. Select 'Send to StayPrivate' and click 'Save'.

Under 'Except if' select 'The sender'. Then, to the right, select 'IP address is in any of these ranges or exactly matches'. Enter 18.130.40.2 in the box.

Click 'Add'.

Tick the box next to 18.130.40.2. Click 'Save'.

Click 'Next'.

Ensure that 'Enforce' is selected, then click 'Next'.

Click 'Finish'. It may take a few seconds for the new rule to save.

Click 'Done'.

Next add a rule to ensure that secure emails are not incorrectly identified as spam:

In 'Mail flow', select 'Rules'.

Select '+ Add a rule' and then 'Bypass spam filtering'.

Enter the name: StayPrivate Allow

Under 'Apply this rule if' select 'The sender'. Then, to the right, select 'IP address is in any of these ranges or exactly matches'.

Enter 18.130.40.2 in the box. Then click 'Add'.

Tick the box next to 18.130.40.2. Then click 'Save'.

Click 'Next'.

Ensure that 'Enforce' is selected, then click 'Next'.

Click 'Finish'. It may take a few seconds for the new rule to save.

Click 'Done'.

To ensure that direct replies from secure corporate domains are included in StayPrivate channels, incoming secure replies are identified and blind copied to server@stayprivatemail.com. Firstly, set up a new contact:

In the left-hand menu, select 'Recipients' then select 'Contacts'.

Select 'Add a mail contact'.

Under Contact type select 'Mail contact'.

Under 'Display name' enter: StayPrivateServer

Under 'Alias' enter: StayPrivateServer

Under 'External email address' enter: server@stayprivatemail.com

Click 'Next'.

Click 'Next' again, then click 'Create'.

Click 'Done'.

Now add a rule to ensure that secure emails are copied to server@stayprivatemail.com:

In the left-hand menu, select 'Mail flow' and select 'Rules'.

Select '+ Add a rule' and 'Create a new rule'.

Enter the name: Send secure replies to StayPrivate

Under 'Apply this rule if' select 'The subject or body'.

Then select 'subject or body matches these text patterns' and enter: #stayprivate-secure-reply

Click 'Add'.

Tick the box next to #stayprivate-secure-reply. Then click 'Save'.

Under 'Do the following' select 'Add Recipients' then, to the right, select 'to the Bcc box'.

Find 'StayPrivateServer' in the list and tick the box next to it. Click 'Save'.

Under 'Except if' select 'The sender' then, to the right, select 'domain is'. Enter your email domain (for example, mycompany.com) in the box.

Tick the box next to your domain. Then click 'Save'.

Click the blue '+' next to the box with the text 'domain is'.

Under 'And' select 'The sender'. Then, to the right, select 'IP address is in any of these ranges or exactly matches'.

Enter 18.130.40.2 in the box. Then click 'Add'.

Tick the box next to 18.130.40.2. Then click 'Save'.

Click 'Next'.

Check that 'Enforce' is selected, then click 'Next'.

Click 'Finish'. It may take a few seconds for the rule to be saved.

Click 'Done'.

The final step is to enable the rules:

In the left-hand menu, select 'Rules'.

Find the rule called 'Identify messages to send via StayPrivate'. Click on the word 'Disabled' next to the rule.

Click on the switch under 'Enable or disable rule' to enable the rule.

Click on the 'X' close button top right. It will take a few seconds for the rule to enable and the page to update.

Find the rule called 'StayPrivate Allow'. Click on the word 'Disabled' next to the rule.

Click on the switch under 'Enable or disable rule' to enable the rule.

Click on the 'X' close button top right. It will take a few seconds for the rule to enable and the page to update.

Find the rule called 'Send secure replies to StayPrivate'. Click on the word 'Disabled' next to the rule.

Click on the switch under 'Enable or disable rule' to enable the rule.

Click on the 'X' close button top right. It will take a few seconds for the rule to enable and the page to update.

Congratulations!

is set up on StayPrivate.