Last revised and updated 08/31/2017. Click here to see the latest version.
- We added more distinctions between Mailgun users and website visitors to make it clearer which policies apply to each group.
- We included information on what data we collect, how we use it, and the rights that you have in relation to this data.
- We added details about the third-party partners we use to facilitate business functions and explained how we work with them.
- We updated our policy to remove references to the U.S.-Swiss Safe Harbor Framework.
- We made changes to reflect improvements to our Services’ email validation functionality.
In order to offer our Services to you, we must collect certain information about you. Because we respect your privacy, we have documented our policies regarding this information here, and we will not collect or use information about you except in the ways we describe.
1. What information we collect
We collect two types of information about you: Personally Identifiable Information and Non-personally Identifiable Information.
“Personally Identifiable Information” is information that lets us know who you are, specifically. Information in this category includes the information you use when registering to use the Platform, like your name, company name, email address, postal address, other contact information, associated domain name and credit card information. Your login credentials are also Personally Identifiable Information. Finally, this category includes information tied to your identity that you provide us through other means, such as emails to our support service and comments on our blog.
“Non-personally Identifiable Information” is information that doesn’t let us determine your identity. This generally comes from your use of the Services after registering. For instance, our web server logs may show us that someone with a certain Internet Protocol (“IP”) address visited the Site using a certain web browser, but we can’t use that information alone to say whether the visitor was you or someone else. Non-personally Identifiable Information also includes information that could personally identify you in its original form, but that we have modified to remove or hide (for instance, by aggregation) any Personally Identifiable Information. This collection of information occurs automatically when you use the Services.
Information we collect by automated means. Each time you visit the Site, view a Mailgun advertisement on a third party-owned website, or read our marketing email, we may automatically collect information about you via cookies, web beacons and other similar technologies. These are small files associated with information that your browser or our servers will save and return as part of your use of the Site and the Services for purposes such as saving your login session between visits, remembering your display preferences and tracking your use of the Site. Such information includes standard information from your web browser (such as browser type and browser language), your IP address, and your activities on the Site (such as the web pages viewed and the links clicked, number of visits, access time), the URL of the site from which you came and the site to which you are going when you leave the Site.
2. Your use of the Services
Your use of the Services is subject to the Mailgun Terms of Service. We do not permanently store the content of emails you send and receive with the Platform and we do not mine your messages for contextual advertising. We do temporarily store emails if you are using our store() action through Routes. In addition, we temporarily store emails for purposes of our outbound reputation systems, ensuring they comply with our Terms of Service, re-attempting the delivery of emails that were previously unsuccessfully delivered and for providing log data. While you should keep in mind that email, by its nature, is not a reliably private means of communication, we support TLS and SSL to limit these risks.
3. How we use your information
We use the information we collect about you to provide the Services to you. As part of that purpose, we may use your Personally Identifiable Information and Non-personally Identifiable Information:
- to create and maintain your Platform account, and to control access to it;
- to provide you with real-time logs of your use of the Platform;
- to respond to any requests you may submit for support or sales information, or similar communications;
- to communicate with you (for example through newsletters, marketing emails, announcements or special offers) about the Services;
- to measure interest in the Site and our advertising campaigns;
- for billing and collection purposes, if you have subscribed to one of our paid plans;
- to help promote compliance with our Terms of Service or any other agreements between us;
- to enable third parties to provide services to us;
- for customers that request allocated dedicated IP addresses, for the purposes of assigning the dedicated IP address to that customer;
- to carry out other purposes that are disclosed to you and to which you consent; and
- to comply with the law.
We may use your Non-personally Identifiable Information to enhance the Services, for instance through web analytics or troubleshooting. We may also use aggregated or depersonalized information to promote our Services, such as by citing usage statistics.
We may also use your information in the ways described above through a third-party contractor rather than in-house. If we do, we’ll require our contractors to protect your data on terms at least as strict as those in this Policy.
4. Third parties
Except for the limited circumstances described in this Policy or your applicable agreement / terms of service, we do not provide your information to third parties. When we need to provide your Personally Identifiable Information to third parties, we will only share it to the extent reasonably necessary. We may also share your Personally Identifiable Information as required or permitted by law and as described below.
We host the Site and operate the Platform using third parties, including AWS®, SoftLayer® and Rackspace® (the “Hosting Providers”). The Hosting Providers will host your Platform from its data centers throughout the United States.
We use a third party, Stripe®, to process subscription payments, and therefore provide them with the Personally Identifiable Information required to charge your credit card.
We may use third-party services either embedded into our Site (such as Disqus®, Mixpanel™, VWO®, Intercom®, KISSMetrics™, Moz™, Segment™ and Google® Analytics) or outside of it (such as GitHub® and Twitter®) to communicate with you or to enhance the function of the Site and the Services.
We use third-party service providers and platforms for customer engagement, customer chat, product feedback and customer support ticketing.
We may share your contact information with ARIN (American Registry for Internet Numbers) for the purposes of fulfilling your request to re-assign the dedicated IP address to the customer.
While we provide these third parties with no more information than is necessary to enable these third-parties to provide the services to us, any information that you provide these services independently is subject to their respective privacy policies and practices.
In certain situations, Mailgun may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We may be required by law or court order to provide Personally Identifiable Information or Non-personally Identifiable Information to government authorities or private parties. We fully cooperate with law enforcement agencies in identifying those who use the Services for illegal activities, and we may report to law enforcement any activities that we believe in good faith are unlawful. We may need to release the information we collect to third parties when we believe it is appropriate to comply with the law, to enforce our legal rights, to protect the rights, safety or property of our business and others, or to assist with industry efforts to control fraud, spam or other undesirable conduct and as needed to support auditing, compliance, and corporate governance functions.
Additionally, we will provide information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
5. Your choices
You may opt out from any future communications from us (and/or our partners) by emailing us at firstname.lastname@example.org. We will honor your opt-out within 10 days. Please note that you cannot unsubscribe from service-related messages. If you would like us to cease all of the described uses of your Personally Identifiable Information, you may delete your account at any time by emailing us at email@example.com. This will delete your Personally Identifiable Information from our records, and we will make no further use of it. We may, however, retain copies of your Personally Identifiable Information in backups. Please note that we may be required to retain certain information by law and/or for own legitimate business purposes.
You can choose not to provide certain information when using the Site and the Services, but this may prevent you from being able to take full advantage of the functions available online and it may prevent us from being able to provide you with the Services.
Upon request Mailgun will provide you with information about whether we hold any of your personal information. To request this information please contact us at firstname.lastname@example.org.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to Mailgun’s customer (the data controller). If requested to remove data we will respond within a reasonable timeframe.
You may access, correct, request deletion or request a copy of any or all of your Personally Identifiable Information in our possession by emailing us at email@example.com or updating your account settings, and we will honor your request within 30 days. If we must incur expenses to comply with your request, we may charge you a reasonable fee to cover these expenses if permitted by law. If you believe any of the Personally Identifiable Information we have collected from you is inaccurate, you can email firstname.lastname@example.org a request to update this information. We will honor your requests within reasonable timeframe.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at email@example.com.
Remember, though, that some parts of the Services are public and that email, by its nature, is not a reliably private means of communication. If you voluntarily provide Personally Identifiable Information in our blog or another public area of the Site, unrelated parties online will be able to view it and collect it. If you don’t want to make this information publicly available, you shouldn’t post it.
7. EU-U.S. Privacy Shield
Mailgun participates and has certified its compliance with the EU-U.S. Privacy Shield Framework. Mailgun is committed to subjecting all personal data received from the European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List https://www.privacyshield.gov/list
Mailgun is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Mailgun complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Mailgun is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
European Union citizens with inquiries or complaints regarding this Policy should first contact Mailgun at:
Mailgun Technologies, Inc.
535 Mission St.
San Francisco, CA 94105
by email: firstname.lastname@example.org
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
We may need to modify this Policy to address new issues or changes to our policies. We will post changes here, so you should check this page regularly. If we make significant changes to this Policy, we may notify you in other ways (for instance, by email or with a banner on the Site) prior to the change becoming effective. Any changes we make will take effect 30 days after the update date noted above. If you object to the changes, email us at email@example.com before the new effective date to delete your information from our records, and we will do so. Your continued use of the Services after the new effective date will constitute your acceptance of the changed Policy.
The Services are only intended for adults, and use by children under thirteen years old is forbidden. We will never intentionally collect Personally Identifiable Information from children under thirteen years old.
If we elect to transfer ownership or control of the Services, whether in whole or in part, to a third party (for instance through a merger or sale), that third party will take over this Policy and abide by its terms. We may notify you of any such transfer, but we won’t require your consent to transfer this Policy or your information to such a third party.
Mailgun provides its Services under the direction of its customers, and has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our customers and would no longer like to be contacted by one of our customer that use our service, please contact the customer that you interact with directly. Transfers to subsequent third parties are covered by the service agreements with our customers.
We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. Mailgun will retain the personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you have questions about this Policy, or if you’re concerned that we are using your information improperly, please contact us by mail:
Mailgun Technologies, Inc. 535 Mission St. San Francisco, CA 94105 by email: