Privacy Policy

Mailor B.V. ("Mailor," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes our practices regarding the collection, use, and disclosure of information we receive through our services.

This policy applies to all users of Mailor's email services, website, and related applications. By using our services, you consent to the data practices described in this policy.

Information You Provide Directly:

• Account Information: Name, email address, password (encrypted), phone number (optional)
• Profile Information: Avatar, display name, time zone, language preferences
• Payment Information: Billing address, payment method details (processed securely through our payment processors)
• Communications: Email content, attachments, contacts, and metadata when you use our services
• Support Information: Information provided when contacting customer support

Information Collected Automatically:

• Usage Data: Features used, actions taken, time spent, frequency of use
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Access times, pages viewed, app crashes, system activity
• Location Information: Approximate location based on IP address (not precise GPS location)
• Cookie Data: Session cookies, preference cookies, security cookies

Information from Third Parties:

• OAuth information when you connect third-party services
• Contact information when others send emails to your Mailor address
• Public information for spam and security filtering

We use the information we collect for the following purposes:

• Service Provision: To provide, maintain, and improve our email services
• Account Management: To create and manage your account, process transactions
• Communication: To send service updates, security alerts, and support messages
• Security: To detect, prevent, and address fraud, abuse, and security issues
• Analytics: To understand usage patterns and improve our services
• Legal Compliance: To comply with legal obligations and protect our rights
• Personalization: To customize your experience and provide relevant features

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

We share your information only in the following circumstances:

• With Your Consent: When you explicitly agree to share information
• Service Providers: With trusted third parties who assist in operating our services (under strict confidentiality agreements)
• Legal Requirements: When required by law, subpoena, or government request
• Protection of Rights: To protect the rights, property, or safety of Mailor, our users, or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
• Aggregated Data: Non-identifiable aggregate data for analytics and research

We implement comprehensive security measures to protect your data:

• Encryption: End-to-end encryption for emails, TLS 1.3 for data in transit, AES-256 for data at rest
• Access Controls: Role-based access, multi-factor authentication, regular access reviews
• Infrastructure: Secure data centers, firewalls, intrusion detection systems
• Monitoring: 24/7 security monitoring, automated threat detection
• Auditing: Regular security audits, penetration testing, SOC 2 Type II compliance
• Incident Response: Dedicated security team, breach notification procedures

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

• Active Account Data: Retained while your account is active
• Deleted Emails: Permanently deleted after 30 days from trash
• Backup Data: Retained in secure backups for up to 90 days
• Legal Hold: Retained as required by legal obligations
• Deactivated Accounts: Anonymized or deleted after 2 years of inactivity

You can request deletion of your account and associated data at any time through your account settings.

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your information
• Objection: Object to certain processing activities
• Withdrawal: Withdraw consent for data processing

To exercise these rights, contact our Data Protection Officer at privacy@mailor.com or use the tools in your account settings.

We use cookies and similar technologies to enhance your experience:

• Essential Cookies: Required for service functionality and security
• Performance Cookies: Help us understand service usage and performance
• Functionality Cookies: Remember your preferences and settings
• Analytics Cookies: Collect anonymous usage statistics

You can manage cookie preferences through your browser settings. Disabling certain cookies may limit service functionality.

We do not use advertising cookies or share data with advertising networks.

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place:

• EU Standard Contractual Clauses for transfers outside the EEA
• Privacy Shield framework compliance where applicable
• Adequacy decisions by relevant data protection authorities
• Binding corporate rules for intra-group transfers

All data transfers comply with applicable data protection laws and regulations.

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

If you believe we have collected information from a child, please contact us immediately at privacy@mailor.com.

European Economic Area (GDPR):

Users in the EEA have additional rights under the General Data Protection Regulation, including the right to lodge a complaint with supervisory authorities.

California (CCPA/CPRA):

California residents have specific rights under the California Consumer Privacy Act, including the right to know, delete, and opt-out of the sale of personal information (which we do not sell).

Other Jurisdictions:

We comply with applicable privacy laws in all jurisdictions where we operate, including Brazil (LGPD), Canada (PIPEDA), and others.

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new policy on this page
• Updating the "Last Updated" date
• Sending an email notification for significant changes
• Obtaining consent where required by law

Your continued use of our services after changes constitutes acceptance of the updated policy.

For privacy-related questions or concerns, please contact:

Data Protection Officer
Mailor B.V.
Herengracht 501
1017 BV Amsterdam
Netherlands
Email: privacy@mailor.com
Phone: +31 20 123 4567

EU Representative:
Mailor EU Data Representative
Dublin, Ireland
Email: eu-privacy@mailor.com