Privacy Policy

Your privacy is very important to us. Accordingly, we have developed this Policy in order for you to understand how we collect, use, communicate, disclose, and otherwise process personal information. The following outlines our Privacy Policy.

User data is stored in the United States of America. MailToaster infrastructure is hosted in the United States of America, and user data is stored within our core infrastructure. Personal data may be accessed by authorized personnel located outside the United States solely for the purpose of providing the Services and in accordance with this Privacy Policy.

If you have any questions or concerns about this Privacy Policy or our data practices, you may contact us at [email protected].

1. Respect for Privacy

MailToaster adheres to the following principles to protect user privacy:

  • Before or at the time of collecting personal information, we will identify the purposes for which personal information is collected.
  • We will collect and use personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
  • We will only retain personal information as long as necessary for the fulfillment of those purposes.
  • We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
  • Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
  • We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
  • We will make readily available to customers information about our policies and practices relating to the management of personal information.
  • We may share personal data with service providers who process data on our behalf in accordance with applicable data protection laws, as further described in Section 1.1 below.

1.1 Service Providers

We employ other companies and people to provide services to the visitors and users of the Services, and we may need to share your information with them in order to provide information, products, or services to you. Examples may include:

  • Analyzing data and providing marketing assistance
  • Processing credit card payments
  • Supplementing the information you provide us in order to serve you better
  • Providing customer service and technical support
  • Hosting and maintaining our infrastructure.

In all cases where we share your information with such third parties, we explicitly require the agent to acknowledge and adhere to our privacy and customer data handling policies, including, where applicable, the Data Privacy Framework Principles.

If you have any questions about the third-party service providers we work with, please contact us at [email protected].

2. GDPR Policy

MailToaster complies with the General Data Protection Regulation (GDPR), which is designed to protect personal data and provides individuals with rights to access, modify, delete, and control the collection of their data. 

2.1 Types of Personal Information Collected:

  • Name and email address: We collect your first and last name, email address, postal address, phone number and other similar data.
  • Billing address: We collect your billing address and other information related to your company in order to edit invoices.
  • SMTP credentials : We collect SMTP username, password, host, port and protocol to give MailToaster access to your SMTP. SMTP passwords are stored in encrypted form and are used solely to send emails on your behalf
  • Payment information: We collect data necessary to process your payment such as your credit card, and the security code associated with it. This information is encrypted and handled by our payment service provider Stripe (www.stripe.com) and subscription management system Chargebee (https://www.chargebee.com).
  • Usage of products and services: We collect data about your activity on MailToaster with cookies in order to improve MailToaster service.
  • Device and browser information: We collect your device and browser information to help debugging and the product development.

2.2 Use of Personal Information

In addition to the uses identified elsewhere in this Privacy Policy, we may use your Personal Information to:

  1. improve your browsing experience by personalizing and improving the Services;
  2. send information to you which we think may be of interest to you by post, email, or other means;
  3. send you marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you; and
  4. provide other companies with aggregated and non-personally identifiable information about our users — but this information will not be used to identify any individual user.

We may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, we do not transfer your unique Personal Information to the third party.

In addition, we may share data with trusted partners to contact you based on your request to receive such communications, help us perform statistical analysis, or provide customer support. Such third parties are prohibited from using your Personal Information except for these purposes, and they are required to maintain the confidentiality of your information.

We also use information collected through our Services for the following purposes:

  1. to provide the Services (which may include the detection, prevention, and resolution of security and technical issues);
  2. to respond to customer support requests; and
  3. to fulfill the obligations under the MailToaster Terms of Service.

If you do not want us to share your personal information with third parties for the purposes described above, please contact us at [email protected].

2.3 Individual rights:

Users have the following rights with respect to their personal data:

  • Right to be informed: We are transparent about how your personal data is collected and used, as set out in this Privacy Policy.
  • Right of access: You may request access to the personal data we hold about you at any time through the MailToaster service.
  • Right of rectification: If you believe any personal data we hold about you is inaccurate or incomplete, you may contact us at [email protected] and we will process your request promptly.
  • Right of erasure: You may request the deletion of your personal data at any time by contacting us at [email protected]. We will process your request in accordance with applicable law.
  • Right to data portability: You may request an export of your data at any time by contacting us at [email protected].
  • Right to object: You have the right to object to the processing of your personal data in certain circumstances. We will consider and respond to all such requests in accordance with applicable law.

To exercise any of the rights above, please contact us at [email protected].

3. Password privacy

The User is responsible for keeping their login and password secret, and storing them in a secure manner.

4. Connection privacy

Operations between your computer and our servers are authenticated using SSL encryption.

5. Data Privacy Framework Notice

MailToaster complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. MailToaster has certified to the U.S. Department of Commerce that it adheres to the Data Privacy Framework Principles with regard to the processing of personal data received from the European Union, the United Kingdom (and Gibraltar), and Switzerland.

MailToaster’s commitments under the Data Privacy Frameworks apply to personal data other than human resources data transferred from the European Union, the United Kingdom, and Switzerland.

If there is any conflict between the terms in this Privacy Policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, MailToaster is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Individuals have the right to obtain confirmation of whether we maintain personal data relating to them in the United States. Upon request, we will provide access to personal data that we hold and allow individuals to correct, amend, or delete such data.

We will provide individuals with the opportunity to opt out of disclosures of their personal data to third parties or of uses of their personal data for purposes materially different from those for which it was originally collected. For sensitive personal data, we will obtain affirmative express consent (opt-in) before such disclosure or use. To request to limit the use and disclosure of your personal data, please contact us at [email protected].

MailToaster may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

MailToaster remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless MailToaster proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Framework Principles, MailToaster commits to resolve complaints about our collection or use of personal information transferred to the United States pursuant to the Data Privacy Frameworks. Individuals with inquiries or complaints should contact us at [email protected].

MailToaster has further committed to refer unresolved privacy complaints to BBB National Programs, an independent dispute resolution mechanism based in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge.

If your complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration. See  https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction for more information on this process. 

We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.