Most people have dozens of online accounts they signed up for and forgot about — old logins that still hold personal data. AccountTrace helps you find them, list them, and reclaim your digital footprint. The Gmail scan runs in your browser, we never store passwords, and we never send anything in your name — you stay in full control.
Curious about Pro? See plans & pricing →
Find, visualize, and remove accounts—with full transparency and no data mining.
Smart Pattern Discovery. Our engine performs a local text analysis of your inbox to identify "Welcome" and "Signup" notifications, tracing accounts you've forgotten existed years ago.
Your Digital Footprint, Visualized. See all your accounts in one clean dashboard. No more guessing where your data is stored.
Generate a clear, ready-to-send data access or deletion request email — you copy it and send it yourself.
Get started in minutes with our simple 4-step process
Securely connect Gmail, or any IMAP mailbox (including Outlook via IMAP). Your credentials are used once for the scan and never stored.
We scan your emails to find welcome emails, receipts, and account notifications. With the Gmail browser scan this happens in your browser; with IMAP it runs on our server for that session only.
Review discovered accounts, edit details, and organize them by status. Only encrypted data is stored in the database.
Generate ready-to-send data deletion requests, export your data, or manage accounts all in one place.
Experience the power of our dashboard with a live preview of your account management
Everything you need to know about AccountTrace
It depends on the scan, and we're precise about it. With the Gmail browser scan, your email content is analysed in your browser and never sent to our servers — by design, we can't read it. With IMAP, the scan runs on our server for that one session only: your inbox is read once to find account-related emails, your credentials are used once and never stored, and we don't keep your email content. In neither case do we store your messages.
AccountTrace scans your emails to find welcome emails, purchase receipts, password reset notifications, and other account-related emails. We use pattern matching to identify services and extract account information. With the Gmail browser scan this runs in your browser; with IMAP the scan runs on our server for that one session only.
Your account data is encrypted at rest with AES-256-GCM, so it's never stored in plaintext, and access to your account list is restricted to you when signed in. To be clear: this is not zero-knowledge encryption — the encryption key is held server-side, so we technically could decrypt your account list to operate the service. We don't read it for any other purpose, and we never sell or share it. The full technical detail — which fields are encrypted, the AES-256-GCM parameters and the key model — is documented in our security & privacy architecture overview (published in the open-source repository).
No. AccountTrace generates a ready-to-send data access or deletion request — including a German DSGVO template — and you copy it and send it yourself from your own mailbox. We never act in your name. It's a tool, not an agent. We do help you keep track afterwards: we derive the statutory response deadline (Art. 12(3) GDPR) and flag overdue requests.
No, never. AccountTrace is privacy-first by design. There is no analytics or tracking pixel on this site, we don't profile users, and we don't sell data. Your data belongs to you, period.