Personally Identifiable Information (PII) Redaction for Webhook Payloads

Mailgun now supports opt-in redaction of personally identifiable information from webhook payloads.

May 6, 2026

Personally Identifiable Information (PII) redaction is now available as an opt-in setting in Mailgun. When enabled, sensitive data, including recipient addresses, is redacted from webhook payloads before they’re sent. No post-processing is required on your end.

The setting lives at the account level and cascades automatically to all associated domains and subaccounts.

Why does this matter?

Reduce your exposure surface — Sensitive recipient data won’t travel through your webhook pipeline, cutting down the number of places PII can end up at rest or in logs.

Simplify compliance — Whether you’re working toward GDPR, CCPA, or internal data minimization policies, this gives you a cleaner path to limiting what gets stored and where.

One setting, full coverage — Configure it once at the account level and every domain and subaccount inherits it. No domain-by-domain setup required.

To turn on PII redaction, go to Webhooks/Configurations tab to enable or disable the PII redaction feature.

Send out an email blast today

Standing out from competitors requires more than a lengthy email list and clever email campaigns. You need an email marketing tool that can help you land in people’s inboxes and stay in constant contact with customers.