Legal

Privacy Policy

Your privacy is important to us. Here’s how we use and protect your data.

Last updated on May 29, 2024

At MailerSend, protecting your privacy and the privacy of anyone receiving your communications is very important to us. The purpose of this Privacy Policy is to make MailerSend safe and appropriate for everyone. Our Privacy Policy applies to your use of MailerSend’s Services and describes the kind of information we process, how it is processed, and why. 

MailerSend is a corporation whose legal name is MailerSend, Inc. (228 Park Ave S, PMB 54955, New York, New York 10003-1502, US, “MailerSend”). MailerSend provides cloud-based transactional email (additionally for U.S.-based customers—transactional and/or marketing SMS (SMS)) services ("Services"). 

To the extent EU data protection law applied to our Processing of information about Customers, we act as the Controller. To the extent EU data protection law applies to our processing of Customer’s Data Subjects data, the Customer serves as the Controller and we serve as the Processor. 

1. Definitions

1.1. "Controller" means an entity that determines the purposes and means of the Processing of Personal Data. 

1.2. "Customer" means a person or entity that is registered with MailerSend to use the Services. 

1.3. "Data Subject" means a natural person whose Personal Data MailerSend is processing. 

1.4. "Data Protection Laws" means all data protection and privacy laws and regulations of the EU, EEA, and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data. 

1.5. "GDPR" means the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation). 

1.6. "Personal Data" means any information relating to an identified or identifiable natural person. 

1.7. "Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. "Process", "Processes" and "Processed" shall be interpreted accordingly. 

1.8. "Processor" means a natural or legal person, public authority, agency, or any other body which Processes Personal Data on behalf of the Controller. 

1.9. "Services" means any product or service provided by MailerSend pursuant to MailerSend’s Terms of Use ("TOU"). 

1.10. “We”, “us”, and “our” refer to MailerSend. 

1.11. "You," "your," and "yours" refer to the user. 

2. Consent

2.1. By accessing our Services, you accept our Privacy Policy and TOU, and you consent to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy. In addition, by using our Services you are accepting the policies and practices described in this Privacy Policy. Each time you visit our website or the Service, and any time you voluntarily provide us with information, you agree that you are consenting to our collection, use, and disclosure of the information that you provide, and you are consenting to receive emails or otherwise be contacted, as described in this Privacy Policy. Whether or not you register or create an account with us, this Privacy Policy applies to all users of the website and the Services. 

3. What information we Process

3.1. MailerSend collects both “Personal Data” and “Non-Personal Data” about you and will Process this data for the duration of the Services, as described in the TOU: 

3.1.1. Personal Data: 

  • Customers information: identification and contact data (legal name, contact details (email), name of the representative; billing information (billing address, PayPal account details, payment information); organization information (name, address, geographic location, area of responsibility, VAT code, registration code), IT information (IP addresses, usage data, cookies data, online navigation data, location data, browser data); and 

  • Data Subject information: email address, IP, location data, phone number, device data, and any other information which Customer will provide to us. 

3.1.1.1. At any time, you may log in and change this information, or remove it. You may decline to provide Personal Data to the Services, however, some of the Personal Data we ask you to provide, for example, an email address, is mandatory for a Service. If you decline to provide it, we may not be able to provide that service to you. 

3.1.1.2. When providing SMS services, MailerSend uses third-party SMS service provider Bandwidth to which MailerSend transfers your data. You may find Bandwidth’s Privacy Notice here

3.1.1.3. Please note, MailerSend does not process or store your credit card information. Once you make a payment, your credit card information is transferred to our third-party payment processor Stripe. Please find their Privacy Policy here.

3.1.1.4. When you have enough credits, you can upload the list of your recipients’ email addresses to MailerSend for email verification purposes. If you upload the list and don’t verify it, the list will be deleted from MailerSend. If you verify the list, it will be stored in MailerSend. You can delete the list at any time. 

3.1.2. Non-Personal Data: 

  • Browser and device information: location, device type, model, number, type of browser or operating system, the time and date of access, browsing activity, screen resolution, plug-ins, add-ons and the version of the Services you are using, and other information that does not personally identify you; and 

  • Information from your use of the Services and information from other sources: we may receive information about how and when you use the Services, store it in log files, or other types of files associated with your account and link it to other information we collect about you. Also, we may obtain information about you or your Data Subjects from third party sources, such as public databases, social media platforms, third-party data providers, and our joint marketing partners. This information may include, for example, time, date, browser used, demographic information, device information (such as device type, model, number, type of browser or operating system, IP addresses), location and online behavioral data (such as information about your use of social media websites, page view information and search results and links), actions you have taken, anonymous usage data, referring/exit pages and URLs, preferences you submit and preferences that are generated based on the data you submit and the number of clicks. 

4. Purposes of collecting and Processing Personal Data

4.1. MailerSend uses collected information for the operation of the Services, to maintain the quality of the Service, to provide general statistics regarding use of the Service, to promote and analyze the Services, to provide customer support and send information about the Services, to protect the rights and safety of Customers, Data Subjects, third-parties and our own, to send customized informational or promotional content and provide suggestions according to marketing preferences, to ensure observance of our TOU and meet the legal requirements, to verify identity and provided information, manage payments, to understand demographics, Customer interests and needs, and other trends among users, and for other business purposes. 

4.2. We may combine Personal Data with other information we Process to customize informational content and enhance our ability to provide Services according to marketing preferences, restrictions or for advertising, targeting purposes or to develop and provide you with more relevant products and features in accordance with this Privacy Policy. 

5. How we collect your information

5.1. Data provided by our Customers: Customers may import into the Services Personal Data they have collected from their Data Subjects or other individuals. We have no direct relationship with Customers’ Data Subjects or any individuals other than our Customers. Our Processing of Personal Data is based on the Data Subject freely given consent and Customers are responsible for making sure they have the necessary permissions for us to Process Personal Data about Data Subjects or other individuals. 

5.2. Tracking technologies: in connection with the performance of the Services, MailerSend uses: 

  • Cookies: cookies are tiny files of data that a website transfers to your computer's hard disk for record-keeping purposes. Most web browsers are set to accept cookies, but you can change this in your browser settings. However, if you do not accept cookies, you may not be able to use all of MailerSend’s functionality. We use cookies to improve your MailerSend experience and by collecting this data, we can store information so that you do not have to re-enter it every time you visit MailerSend. We also use it to monitor visitor metrics to MailerSend such as page views, time on site, number of visitors, etc; 

  • Web beacons: we include single-pixel GIFs (web beacons) in emails we send, which allow us to collect information about when you open the email and your IP address, your browser or email client type, and other similar details. We use the data from those web beacons to create reports about how our emails performed and how we can improve them; and 

  • Unique identifiers and similar tracking technologies: we may use other tracking technologies to administer the Services, track your movements around the Services, analyze trends, track behavior, serve targeted advertisements and gather demographic information, to measure the performance of our email campaigns and to improve our features for specific segments of Customers.  

5.3. Log Data monitoring: we may collect log data whenever you access our tool. This data could include things like an IP address, browser type and version, the pages you visit on MailerSend, and other user statistics. When you access MailerSend with a mobile device, log data may include the type of device, your mobile unique ID, the IP address of your device, mobile operating system, and other mobile statistics. 

5.4. We may use third-party services such as Google Analytics, that collect and analyze log data to help us improve MailerSend, and occasionally to use for targeted online advertising. Our third-party partners may use cookies or other tracking technologies to provide you advertising on other sites based on your browsing activities and interests. You can find more information about these practices, including how to opt-out of receiving targeted advertising here: http://www.aboutads.info/choices/.  

5.5. Our third-party partners may use cookies or other tracking technologies to provide you advertising on other sites based on your browsing activities and interests. You can find more information about these practices, including how to opt-out of receiving targeted advertising here: http://www.aboutads.info/choices/.  

5.6. Based on the requirements of the California Online Privacy Protection Act, MailerSend declares that it does not correspond to Do Not Track browser signals. 

6. Transferring to third-party companies

6.1. We will never sell, rent, or lease your Personal Data to a third party, but we may share collected information for the purposes described in this Privacy Policy with third-parties that help MailerSend provide, improve, promote or support Services, that help with our business operations and assist in the delivery of our Services, or who perform services for us, in order to prevent damage to our property or for safety reasons, for example, payment processors, hosting services, analytics, content delivery services, advertising partners, etc., in a manner that is consistent with this Privacy Policy. We may also share information with third parties if required to do so by law or if you violate our TOU. 

6.2. We may disclose Non-Personal Data for any purpose because this information cannot be used to identify you or another person. 

7. Email communications and opting-out

7.1. From time to time you may receive emails from us related to your use of MailerSend. Based on the Personal Data that you provide us, we may communicate with you in response to your inquiries to provide the Services you request and to manage your account. We may also use your Personal Data to send you updates and other promotional communications. Every email will contain a link to be able to opt-out of receiving it. We may still send important messages regarding administrative matters, updates, disputes, and customer service issues that are required to provide the Services. 

7.2. If a Data Subject no longer wants to be contacted by one of our Customers by email, they should unsubscribe directly from that Customer’s email/or contact the Customer directly to update or delete the data.  

7.3. Every transactional or marketing SMS you send using MailerSend must include clear instructions on how to opt-out by including the sentence: “Reply STOP to unsubscribe” at the end of the initial message sent to the consumer, or “reply STOP to cancel”. Once they opt-out, you must stop sending them SMS. 

8. Safety of your information

8.1. MailerSend takes reasonable precautions, technical and organizational security measures to ensure a level of security appropriate to the risk, follows industry best practices in order to protect your Personal Data from any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data and to preserve the security and confidentiality of the data. However, these measures do not guarantee that your information will not be accessed, disclosed, altered, or destroyed by breach of such precautions. By using our Service, you acknowledge that you understand and agree to assume these risks. 

8.2. The Customer is responsible for reviewing the information made available by MailerSend relating to its data security and making an independent determination as to whether the Services meet Customer’s requirements and legal obligations under Data Protection Laws. Also, the Customer is responsible for its secure use of the Services, including securing its account authentication credentials, protecting the security of Personal Data when in transit to and from the Services, and taking any appropriate steps to securely encrypt or backup any Personal Data uploaded to the Services. 

9. Protecting Data Subject’s emails, phone numbers and data

9.1. We reserve the right to monitor your emails, content and response data from time to time to make sure they comply with our TOU, we will never share, sell or rent your data to anyone for any reason. 

9.2. We reserve the right to monitor your SMS, content and response data from time to time to make sure they comply with our TOU. We will never share, sell or rent your data to anyone for any reason. 

9.3. Our data storage centers are in the European Union and have an information storage security certificate (ISO 27001) as well as a certificate of IT service management (ISO 20000) so you can rest assured that your Data Subject’s data is safe with us. 

10. Customers’ rights

10.1. You have the following rights regarding your Personal Data:

  • Right to Access. You have the right to request disclosure of the specific pieces of your Personal Data we have collected about you in a portable and, where technically feasible, readily usable format.

  • Right to Know. You have the right to verify if we have collected Personal Data about you and to know the details of it.

  • Right to Deletion. You may request the deletion of your Personal Data in accordance with Clause 11 of this Privacy Policy.

  • Right to Opt-Out. You have the right to opt-out of sharing your Personal Data for cross-context behavioral advertising to third parties. You can exercise this right by visiting our Cookie Settings and disabling functional, performance, and targeting cookies.

  • Right to object to the processing of your Personal Data. You have the right to object to the processing of your Personal Data, including profiling.

  • Right to correct your Personal Data. You have the right to update inaccurate information that we process about you by amending it to your MailerSend account.

  • Right to exercise rights without discrimination. You have the right not to receive discriminatory treatment if you exercise the rights conferred to you by applicable privacy law.

10.2. Please be aware that these rights may be limited by applicable laws and depend on technical feasibility.

10.3. If you are not able to exercise these rights through your MaileSend account, please contact us via email at info@mailersend.com. We may require additional information or identifying documents from you to verify your identity and process your request. 

10.4. If you are a resident of California and you want to implement your rights under the California Consumer Privacy Act, please refer to Clause 15 of this Privacy Policy.

11. Data retention

11.1. Unless you specifically request that we delete your Personal Data, we will keep it for as long as we need to meet our TOU, give you Services, and maintain the effective operation of our business. In case you request the deletion of your Personal Data, it will be effective within the next 30 days, after this 30-day period the data is deleted permanently and there will be no option for data recovery. If you wish to reverse deletion of the data in the 30-day period, you should contact us directly with such a request. 

11.2. If you ask us to delete your Personal Data, we may still be obliged to retain some personal records for the following purposes: (i) to follow the law or rules (like maintaining transaction records), (ii) to deal with legal issues or defend ourselves in legal claims, and (iii) to protect against fraud or abuse on our Service. This implies that different types of Personal Data may be kept for different amounts of time.

11.3. Sometimes, we might not be able to delete, make anonymous, or hide your Personal Data right away because of technical, legal, or operational reasons. In these situations, we will take reasonable measures to securely isolate your Personal Data from any further Processing until we can properly delete, make anonymous, or de-identify it.

11.4. If your account is inactive for 6 months or more, MailerSend reserves the right to permanently delete your account with all its data, including your templates, activity records, suppressions lists, list of recipients emails, their phone numbers if you sent SMS, and your content such as emails and/or SMS. If MailerSend decides to delete your account, you will be informed via email notifications giving you time to export your data or reactivate your account, such notifications will be sent 30 days, 7 days, and 1 day before the permanent deletion of your data. Please note that once the data is permanently deleted, there will be no option for data recovery.

12. Links to other websites

12.1. As part of the Service, we may provide links to or compatibility with other websites or applications. However, we are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by us through the Service. Therefore, this Privacy Policy does not apply to your use of a third-party website accessed by selecting a link via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application. We encourage our users to read the privacy statements of other websites before proceeding to use them. 

13. Data Processing Addendum

13.1. We created our Data Processing Addendum to cover the GDPR requirements as they relate to cloud-based transactional communications software services and we encourage all our Customers to review it and agree with the terms of the Data Processing Addendum. 

14. Age of consent

13.1. By using the Service, you represent that you are at least 18 years of age. 

15. California Privacy Rights 

15.1. This section applies exclusively to individuals residing in California (“California Customers”). It delineates our procedures for collecting, using, and sharing Personal Data of California Customers in our capacity as a business according to the California Consumer Privacy Act ("CCPA"), along with the associated rights regarding such Personal Data. For the purposes of this clause, "Personal Data" refers to the definition of “Personal Information” as it is outlined in the CCPA.

15.2. California Customers have the ability to exercise the subsequent rights regarding their Personal Data, but these rights are not unconditional, and there may be instances where we are authorized to reject your request according to CCPA:

  • Right to Know: You can request details about our collection and usage of your Personal Data, including categories of collected data, purposes, third-party sharing, and specific pieces collected. MailerSend will respond to a maximum of two (2) requests within a twelve (12) month period.

  • Right to Access: You are able to access all Personal Data transferred to us in your MailerSend account. You can also request details regarding how we have collected and used your Personal Data over the past twelve (12) months, and MailerSend will respond to a maximum of two (2) requests. Please note that there may be legal restrictions preventing us from disclosing certain Personal Data if it poses a substantial risk to the security of the information, our systems, or your account.

  • Right to Correct: If you find any inaccuracies in your Personal Data that we hold, or if your Personal Data changes, you can make respective changes in your MailerSend account or you can notify us and we will promptly update our records to ensure they reflect the accurate information.

  • Right to Deletion: You can request the deletion of your Personal Data as per Clause 11 of this Privacy Policy. MailerSend may delete, de-identify, or aggregate your data upon such a request, confirming the information before deletion.

  • Opt-out of Sharing: MailerSend uses services to deliver personalized ads to you. Under the CCPA, our utilization of some of these services may be tagged as sharing your Personal Data with the advertising partners who provide these services. You have the option to opt-out of the sharing of your Personal Data by visiting our Cookie Settings and disabling functional, performance, and targeting cookies.

  • No Selling of Personal Data: If you have activated the opt-out feature, you will automatically be excluded from any sharing when engaging with our Services. MailerSend adheres to CCPA regulations by not selling your Personal Data.

  • Limited Processing of Sensitive Personal Data: We don’t collect any sensitive Personal Data. However, we cannot control whether our Customers use or disclose sensitive Personal Data of their Subscribers. If you are a Subscriber of our Customers, please contact them directly for queries regarding your sensitive Personal Data.

  • Right to Nondiscrimination. We will not engage in discrimination against you for exercising any of your CCPA rights.

15.3.  If you are not able to exercise these rights through your MailerSend’s account, California Customers may exercise these rights over their Personal Data by contacting us via email at info@mailersend.com.

15.4. MailerSend in terms of CCPA acts as a service provider and we process Personal Data on our Customers behalf. Please direct any requests for access or deletion of your Personal Data to our Customers with whom you have a direct relationship.

16. Data Privacy Framework

16.1. MailerSend, Inc. has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles. When providing Services to Customers outside the European Economic Area (EEA), United Kingdom, and Switzerland, MailerSend, Inc. operates in accordance with the EU-U.S. and Swiss-U.S. Data Privacy Frameworks ('DPF'), as well as the UK Extension to the EU-U.S. DPF, as stipulated by the US Department of Commerce. This adherence extends to the collection, processing, utilization, and retention of Personal Data from these regions.  If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF principles and/or the Swiss-U.S. DPF principles, the principles shall govern. For further information regarding the DPF and to access our certification, please visit the DPF website here.

16.2 MailerSend, Inc. falls under the regulatory authority of the US Federal Trade Commission, which possesses investigatory and enforcement powers. Additionally, you have the option to file a complaint with your local data protection authority, and we will collaborate with them to address your concerns. Under specific conditions, as outlined in Annex I to the DPF Principles, the DPF provides the right to pursue binding arbitration to resolve complaints that remain unresolved through other channels.

16.3. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, MailerSend, Inc. commits to resolve DPF Principles-related complaints about our collection and use of your Personal Data. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact MailerSend, Inc. via email at info@mailersend.com.

16.4. In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, MailerSend, Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of Personal Data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

16.5. We remain responsible for all the personal information we receive under the DPF and that we subsequently transfer to third parties acting as agents on our behalf if they process personal information in a manner inconsistent with the DPF principles.

17. Merger or acquisition

17.1. In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Data may be among the assets transferred. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to Process your Personal Data as set forth in this Privacy Policy. 

18. MailerSend as a Controller

18.1. MailerSend acts as a Controller of Personal Data of the Customer, its employees, contractors, candidates, affiliates, and other third parties that are not considered as a Customer. MailerSend undertakes to comply with legal requirements when processing Personal Data as a Controller and implements appropriate technical and organizational measures to ensure a level of security of Personal Data as required under GDPR and applicable Data Protection Laws. 

19. Changes

19.1. MailerSend reserves the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy, we will post these changes on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it. All changes are effective immediately upon posting and we suggest that you check this Privacy Policy periodically if you are concerned about how your information is used. 

20. Contacting MailerSend

20.1. Please contact us at any time via email at info@mailersend.com if you: 

  • Would like to request access to the information we hold about you, correct, modify, delete or update Personal Data that you have provided to us; or 

  • Have any questions regarding this Privacy Policy or the practices of this site, wish to withdraw your consent for the continued collection, would like to object to your Personal Data being used, or have any additional questions.