Effective 3/31/2014. Last reviewed and updated 8/12/2016.
- We included AWS as a third party hosting provider.
In order to offer our Services to you, we must collect certain information about you. Because we respect your privacy, we have documented our policies regarding this information here, and we will not collect or use information about you except in the ways we describe.
We collect two types of information about you: Personally Identifiable Information and Non-personally Identifiable Information.
“Personally Identifiable Information” is information that lets us know who you are, specifically. Information in this category includes the information you use when registering to use the Platform, like your name, company name, email address, postal address, other contact information, associated domain name and credit card information. Your login credentials are also Personally Identifiable Information. Finally, this category includes information tied to your identity that you provide us through other means, such as emails to our support service and comments on our blog.
“Non-personally Identifiable Information” is information that doesn’t let us determine your identity. This generally comes from your use of the Services after registering. For instance, our web server logs may show us that someone with a certain Internet Protocol (“IP”) address visited the Site using a certain web browser, but we can’t use that information alone to say whether the visitor was you or someone else. Non-personally Identifiable Information also includes information that could personally identify you in its original form, but that we have modified to remove or hide (for instance, by aggregation) any Personally Identifiable Information. This collection of information occurs automatically when you use the Services.
Information we collect by automated means. Each time you visit the Site, view a Mailgun advertisement on a third party-owned website, or read our marketing email, we may automatically collect information about you via cookies, web beacons and other similar technologies. These are small files associated with information that your browser or our servers will save and return as part of your use of the Site and the Services for purposes such as saving your login session between visits, remembering your display preferences and tracking your use of the Site. Such information includes standard information from your web browser (such as browser type and browser language), your IP address, and your activities on the Site (such as the web pages viewed and the links clicked, number of visits, access time), the URL of the site from which you came and the site to which you are going when you leave the Site.
Your use of the Services is subject to the Mailgun Terms of Service. We do not permanently store the content of emails you send and receive with the Platform and we do not mine your messages for contextual advertising. We do temporarily store emails if you are using our store() action through Routes. In addition, we temporarily store emails for purposes of our outbound reputation systems, ensuring they comply with our Terms of Service, re-attempting the delivery of emails that were previously unsuccessfully delivered and for providing log data. If you are using our Email Validation service, we do not store those email addresses. While you should keep in mind that email, by its nature, is not a reliably private means of communication, we support TLS and SSL to limit these risks.
We use the information we collect about you to provide the Services to you. As part of that purpose, we may use your Personally Identifiable Information and Non-personally Identifiable Information:
- to create and maintain your Platform account, and to control access to it;
- to provide you with real-time logs of your use of the Platform;
- to respond to any requests you may submit for support or sales information, or similar communications;
- to communicate with you (for example through newsletters, marketing emails, announcements or special offers) about the Services;
- to measure interest in the Site and our advertising campaigns;
- for billing and collection purposes, if you have subscribed to one of our paid plans;
- to help promote compliance with our Terms of Service or any other agreements between us;
- to enable third parties to provide services to us;
- for customers that request allocated dedicated IP addresses, for the purposes of assigning the dedicated IP address to that customer;
- to carry out other purposes that are disclosed to you and to which you consent;
- to comply with the law.
We may use your Non-personally Identifiable Information to enhance the Services, for instance through web analytics or troubleshooting. We may also use aggregated or depersonalized information to promote our Services, such as by citing usage statistics.
We may also use your information in the ways described above through a third-party contractor rather than in-house. If we do, we’ll require our contractors to protect your data on terms at least as strict as those in this Policy.
Except for the limited circumstances described in this Policy or your applicable agreement / terms of service, we do not provide your information to third parties. When we need to provide your Personally Identifiable Information to third parties, we will only share it to the extent reasonably necessary. We may also share your Personally Identifiable Information as required or permitted by law and as described below.
We host the Site and operate the Platform using third parties, including AWS®, SoftLayer® and Rackspace® (the “Hosting Providers”). The Hosting Providers will host your Platform from its data centers throughout the United States.
We use a third party, Stripe®, to process subscription payments, and therefore provide them with the Personally Identifiable Information required to charge your credit card.
We may use third-party services either embedded into our Site (such as Tumblr®, Disqus®, Mixpanel™, VWO®, Intercom®, KISSMetrics™, Moz™, Segment™ and Google® Analytics) or outside of it (such as GitHub® and Twitter®) to communicate with you or to enhance the function of the Site and the Services.
We use third-party service providers and platforms for customer engagement, customer chat, product feedback and customer support ticketing.
We may share your contact information with ARIN (American Registry for Internet Numbers) for the purposes of fulfilling your request to re-assign the dedicated IP address to the customer.
While we provide these third parties with no more information than is necessary to enable these third-parties to provide the services to us, any information that you provide these services independently is subject to their respective privacy policies and practices.
We may be required by law or court order to provide Personally Identifiable Information or Non-personally Identifiable Information to government authorities or private parties. We fully cooperate with law enforcement agencies in identifying those who use the Services for illegal activities, and we may report to law enforcement any activities that we believe in good faith are unlawful. We may need to release the information we collect to third parties when we believe it is appropriate to comply with the law, to enforce our legal rights, to protect the rights, safety or property of our business and others, or to assist with industry efforts to control fraud, spam or other undesirable conduct and as needed to support auditing, compliance, and corporate governance functions.
Additionally, we will provide information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
You may opt out from any future communications from us (and/or our partners) by emailing us at email@example.com. We will honor your opt-out within 30 days. Please note that you cannot unsubscribe from service-related messages. If you would like us to cease all of the described uses of your Personally Identifiable Information, you may delete your account at any time by emailing us at firstname.lastname@example.org. This will delete your Personally Identifiable Information from our records, and we will make no further use of it. We may, however, retain copies of your Personally Identifiable Information in backups. Please note that we may be required to retain certain information by law and/or for own legitimate business purposes.
You can choose not to provide certain information when using the Site and the Services, but this may prevent you from being able to take full advantage of the functions available online and it may prevent us from being able to provide you with the Services.
You may request a copy of any or all of your Personally Identifiable Information in our possession, and we will honor your request within 30 days. If we must incur expenses to comply with your request, we may charge you a reasonable fee to cover these expenses if permitted by law. If you believe any of the Personally Identifiable Information we have collected from you is inaccurate, you can email email@example.com with a request to update this information. We will honor your request within 30 days.
We recognize how important your information is to you, so we maintain safeguards to protect it. We maintain a written internal security policy for our employees and restrict access to your Personally Identifiable Information to only those employees who need it. Our third-party payment processor uses a number of security technologies to safeguard your information. While we cannot guarantee that these measures will prevent every hacking attempt, we will notify you if we discover that the security of any of your Personally Identifiable Information has been materially breached.
Remember, though, that some parts of the Services are public and that email, by its nature, is not a reliably private means of communication. If you voluntarily provide Personally Identifiable Information in our blog or another public area of the Site, unrelated parties online will be able to view it and collect it. If you don’t want to make this information publicly available, you shouldn’t post it.
We are committed to following applicable laws that protect your privacy. As a U.S.-based service provider, we participate in the U.S.-EU and U.S.-Swiss Safe Harbor Framework and their binding principles as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. We have certified that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement for Personally Identifiable Information we collect. To learn more about the Safe Harbor program, and to view our certification page, please visit http://www.export.gov/safeharbor. We periodically self-verify our continued adherence to these commitments.
In compliance with the US-EU and US-Swiss Safe Harbor Principles, Mailgun commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss citizens with inquiries or complaints regarding this Policy should first contact Mailgun at:
Attn: General Counsel,
1 Fanatical Place, City of Windcrest,
San Antonio, Texas 78218
by email: firstname.lastname@example.org
Mailgun has further committed to refer unresolved privacy complaints under the US-EU and US-Swiss Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureau. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Mailgun, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint. Please note that the BBB EU SAFE HARBOR cannot handle all privacy complaints, but only those related to alleged violations of the Safe Harbor Privacy Principles.
We may need to modify this Policy to address new issues or changes to our policies. We will post changes here, so you should check this page regularly. If we make significant changes to this Policy, we may notify you in other ways (for instance, by email or with a banner on the Site). Any changes we make will take effect 30 days after the update date noted above. If you object to the changes, email us at email@example.com before the new effective date to delete your information from our records, and we will do so. Your continued use of the Services after the new effective date will constitute your acceptance of the changed Policy.
The Services are only intended for adults, and use by children under thirteen years old is forbidden. We will never intentionally collect Personally Identifiable Information from children under thirteen years old.
If we elect to transfer ownership or control of the Services, whether in whole or in part, to a third party (for instance through a merger or sale), that third party will take over this Policy and abide by its terms. We may notify you of any such transfer, but we won’t require your consent to transfer this Policy or your information to such a third party.
Global Rackspace Privacy Statement is available on the Rackspace Privacy Center at http://www.rackspace.com/information/legal/privacystatement.
If you have questions about this Policy, or if you’re concerned that we are using your information improperly, please contact us by mail:
Attn: General Counsel,
1 Fanatical Place, City of Windcrest,
San Antonio, Texas 78218
by email: firstname.lastname@example.org