In order to offer our Services to you, we must collect certain information about you. Because we respect your privacy, we have documented our policies regarding this information here, and we will not collect or use information about you except in the ways we describe.
We collect two types of information about you: Personally Identifiable Information and Non-personally Identifiable Information.
“Personally Identifiable Information” is information that lets us know who you are, specifically. Information in this category includes the information you use when registering to use the Platform, like your name, email address, associated domain name and credit card information. Your login credentials are also Personally Identifiable Information. Finally, this category includes information tied to your identity that you provide us through other means, such as emails to our support service and comments on our blog.
“Non-personally Identifiable Information” is information that doesn’t let us determine your identity. This generally comes from your use of the Services after registering. For instance, our web server logs may show us that someone with a certain IP address visited the Site using a certain web browser, but we can’t use that information alone to say whether the visitor was you or someone else. Non-personally Identifiable Information also includes information that could personally identify you in its original form, but that we have modified to remove or hide (for instance, by aggregation) any Personally Identifiable Information. This collection of information occurs automatically when you use the Services.
We do not permanently store the content of emails you send and receive with the Platform (unless you store emails in Mailboxes) and we do not mine your messages for contextual advertising. We do temporarily store emails if you are using our store() action through Routes. In addition, we temporarily store emails for purposes of our outbound reputation systems, ensuring they comply with our Terms of Service, re-attempting the delivery of emails that were previously unsuccessfully delivered and for providing log data. If you are using our Email Validation service, we do not store those email addresses. While you should keep in mind that email, by its nature, is not a reliably private means of communication, we support TLS and SSL to limit these risks.
We use the information we collect about you to provide the Services to you. As part of that purpose, we may use your Personally Identifiable Information and Non-personally Identifiable Information:
We may use your Non-personally Identifiable Information to enhance the Services, for instance through web analytics or troubleshooting. We may also use aggregated or depersonalized information to promote our Services, such as by citing usage statistics.
We may also use your information in the ways described above through a third-party contractor rather than in-house. If we do, we’ll require our contractors to protect your data on terms at least as strict as those in this policy.
Except for the limited circumstances described in this policy, we do not provide your information to third parties.
We host the Site and operate the Platform using third parties, including SoftLayer® and Rackspace® (the “hosting providers”). For this reason, we will provide the information we collect to Hosting Providers, and the Hosting Providers will serve it from its data centers throughout the United States.
We use a third party, Stripe®, to process subscription payments, and therefore provide them with the Personally Identifiable Information required to charge your credit card.
We may use third-party services either embedded into our Site (such as Tumblr®, Disqus®, Mixpanel™ and Google® Analytics) or outside of it (such as GitHub® and Twitter®) to communicate with you or to enhance the function of the Services. While we provide these third parties with no more information than is necessary to enable their use, any information that you provide these services independently is subject to their respective privacy policies and practices. We may in the future add additional third-party services or stop using some that we currently use, and we may not update this policy to reflect these changes.
Finally, we may be required by law or court order to provide Personally Identifiable Information or Non-personally Identifiable Information to government authorities or private parties. We fully cooperate with law enforcement agencies in identifying those who use the Services for illegal activities, and we may report to law enforcement any activities that we believe in good faith are unlawful.
You may opt out from any future communications from us (and/or our partners) by emailing us at firstname.lastname@example.org. We will honor your opt-out within 30 days. If you would like us to cease all of the described uses of your Personally Identifiable Information, you may delete your account at any time by emailing us at email@example.com. This will delete your Personally Identifiable Information from our records, and we will make no further use of it. We may, however, retain copies of your Personally Identifiable Information in backups.
You may request a copy of any or all of your Personally Identifiable Information in our possession, and we will honor your request within 30 days. (If we must incur expenses to comply with your request, we may charge you a reasonable fee to cover these expenses if permitted by law.) If you believe any of the Personally Identifiable Information we have collected from you is inaccurate, you can email firstname.lastname@example.org with a request to update this information. We will honor your request within 30 days.
We recognize how important your information is to you, so we maintain safeguards to protect it. We maintain a written internal security policy for our employees and restrict access to your Personally Identifiable Information to only those employees who need it. Our Hosting Providers, provide safeguards to protect your information as well: http://www.softlayer.com/legal/privacy. Our third-party payment processor uses a number of security technologies to safeguard your information. While we cannot guarantee that these measures will prevent every hacking attempt, we will notify you if we discover that the security of any of your Personally Identifiable Information has been materially breached.
Remember, though, that some parts of the Services are public. If you voluntarily provide Personally Identifiable Information in our blog or another public area of the Site, unrelated parties online will be able to view it and collect it. If you don’t want to make this information publicly available, you shouldn’t post it.
We are committed to following applicable laws that protect your privacy. In particular, we follow California’s privacy rules for online service providers. As a U.S.-based service provider, we comply with the U.S.-EU and U.S.-Swiss Safe Harbor Framework and their binding principles as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. We have certified that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view our certification page, please visit http://www.export.gov/safeharbor/. We periodically self-verify our continued adherence to these commitments.
Mailgun, Inc. Attn: Privacy Officer 620 Folsom St, Ste 100 San Francisco, CA 94107
Mailgun has further committed to refer unresolved privacy complaints under the US-EU and US-Swiss Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Mailgun, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint. Please note that the BBB EU SAFE HARBOR can not handle all privacy complaints, but only those related to alleged violations of the Safe Harbor Privacy Principles.
We may need to modify this policy to address new issues or changes to our policies. We will post changes here, so you should check this page regularly. If we make significant changes to this policy, we may notify you in other ways (for instance, by email or with a banner on the Site). Any changes we make will take effect as of the effective date indicated above, which will be at least 30 days after we post them. If you object to the changes, email us at email@example.com before the new effective date to delete your information from our records, and we will do so. Your continued use of the Services after the new effective date will constitute your acceptance of the changed policy.
The Services are only intended for adults, and use by children under thirteen years old is forbidden. We will never intentionally collect Personally Identifiable Information from children under thirteen years old.
If we elect to transfer ownership or control of the Services, whether in whole or in part, to a third party (for instance through a merger or sale), that third party will take over this policy and abide by its terms. We may notify you of any such transfer, but we won’t require your consent to transfer this policy or your information to such a third party.
If you have questions about this policy, or if you’re concerned that we are using your information improperly, please contact us by mail:
Mailgun, Inc. Attn: Privacy Officer 620 Folsom St, Ste 100 San Francisco, CA 94107
by email: firstname.lastname@example.org