Their privacy policy states the obvious, and repeats what’s in the SMTP RFC (821). I can only guess this is because of transparency.
All email providers have access to that information. I would actually argue for them that they are better at letting people know which kind of data they do and don’t have access to.
Every (email) service is bound to the law of the country they reside or operate in. Proton has part of its offerings in Switzerland, part in EU (Germany if I recall well). Swiss FADP is very close to GDPR. Also when it comes to privacy protection. Every company bound to GDPR (or FADP) has to abide to the law, and when law enforcement has a good reason to check out user data, and the judge agrees, any company has to provide evidence.
Even non-EU based companies offering services in EU.
With their transparency report they are providing a tool to their users to know and understand what happens to their data in a lawful manner. And I see that as a win for transparency.
But this is just my opinion, and it is ok to not agree with how I see the world.
When Big Tech sets its own rules, Europe has failed
Brussels is apparently prepared to make far-reaching concessions to Trump. This means the idea of digital sovereignty and Europe’s digital decade is over

Donald Trump wants simpler rules for US companies - and is returning the favour for generous campaign donations. Brussels threatens to buckle.
The big digital companies should have a say in which rules apply to them in future, at least that is what is currently being discussed behind closed doors. It’s like letting the tobacco companies run a lung clinic. Or putting the oil lobby in charge of protecting coastal waters. In Brussels, the dog should watch the sausage. Even the EU Commission’s first ideas for appeasing Trump’s anger were hair-raising. After all, the Digital Markets Act (DMA), the centrepiece of Europe’s digital decade and part of a whole series of sister regulations, could be softened if Washington so wished.
This is why it’s important to make backups.
If, by any chance you printed your disk configuration before the gpt operation, you want to copy it into a notepad NOW.
You can use that to try and recreate your original partition layout after converting the disk back to MBR.
Chances are nothing is wiped, except for your disk configuration.
No guarantees, though…
Whatever you do, don’t format anything, as that WILL overwrite your data.
I would copy the existing system onto a new system:
Update system to the latest packages
Create a new base system using the same distro
Check which packages are not on the new system, add them to your playbook
Install packages on new system
This will take some time. Run a find of all files and pass them to md5sum or sha512sum to get a list of files with their checksum. Compare the list from the old system to the new system.
Update your playbook with these findings. Template is probably the way to go, Lineinfile might be good as well, use copy if nothimg else works.
Check firewall settings and update your playbook.
Anyhow this will take some iterations, but while you have a copy of your ‘production’ system, you can test on your ‘test’ machine until you have the same functionality.
Their privacy policy states the obvious, and repeats what’s in the SMTP RFC (821). I can only guess this is because of transparency. All email providers have access to that information. I would actually argue for them that they are better at letting people know which kind of data they do and don’t have access to.
Every (email) service is bound to the law of the country they reside or operate in. Proton has part of its offerings in Switzerland, part in EU (Germany if I recall well). Swiss FADP is very close to GDPR. Also when it comes to privacy protection. Every company bound to GDPR (or FADP) has to abide to the law, and when law enforcement has a good reason to check out user data, and the judge agrees, any company has to provide evidence. Even non-EU based companies offering services in EU. With their transparency report they are providing a tool to their users to know and understand what happens to their data in a lawful manner. And I see that as a win for transparency.
But this is just my opinion, and it is ok to not agree with how I see the world.