mailfra
Back to Home

Privacy Policy

Last updated: December 24, 2024

Introduction

At Mailfra ("we", "our", or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cold email platform and related services (collectively, the "Services").

By using Mailfra, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services. This policy applies to all users of our Services, including visitors, registered users, and subscribers.

We operate in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations. This Privacy Policy should be read in conjunction with our Terms of Service.

Information We Collect

We collect several types of information to provide and improve our Services. The information we collect falls into the following categories:

Personal Information

Information that identifies you as an individual or relates to an identifiable individual:

  • Full name and email address
  • Company name, job title, and business information
  • Billing information including credit card details and billing address
  • Phone number and other contact details (optional)
  • Profile information including profile picture and bio
  • Account credentials including username and encrypted password
  • Communication preferences and notification settings

Usage Data

Information automatically collected about how you interact with our Services:

  • Email campaign performance metrics including send rates, delivery rates, and bounce rates
  • Login and access times, session duration, and frequency of use
  • Features used, actions taken within the platform, and user preferences
  • Device information including type, operating system, and unique device identifiers
  • Browser type, version, language settings, and time zone
  • IP address, location data, and network information
  • Referring and exit pages, clickstream data, and navigation paths
  • Error logs, diagnostic data, and performance metrics

Email Data

Information related to your email campaigns and outreach activities:

  • Email content, subject lines, and templates you create
  • Recipient email addresses, names, and contact information
  • Email engagement data including opens, clicks, replies, and bounces
  • Email sending schedules, automation rules, and sequence configurations
  • Custom fields, tags, and segments you create for organizing contacts
  • Email metadata including timestamps, sender information, and delivery status

Third-Party Authentication Data

When you connect third-party services to Mailfra:

  • OAuth tokens and refresh tokens for connected accounts
  • Account identifiers from third-party services
  • Permission scopes granted to our application
  • Profile information shared by the third-party service

Payment Information

Financial information necessary to process your subscription:

  • Credit card number, expiration date, and CVV (processed securely by our payment processor)
  • Billing address and payment method details
  • Transaction history and payment receipts
  • Tax identification numbers if required by law

Communications

Information from your interactions with us:

  • Customer support inquiries and correspondence
  • Feedback, survey responses, and product reviews
  • Marketing communications preferences
  • Participation in contests, promotions, or events

SMTP Data Usage and Disclosure

When you connect your email account to Mailfra through SMTP, we access specific data to provide our email outreach automation services. This section explains in detail how we handle your email data.

Important Notice About Email Data

By connecting your email account via SMTP, you authorize Mailfra to access and send emails as described in this section. Your email usage through Mailfra is protected by industry-standard security protocols and encryption standards.

SMTP Data We Access

We access the following email data through SMTP protocol:

  • Email Sending Capabilities: Allows us to send emails on your behalf as part of your outreach campaigns. This is the core functionality that enables automated email sequences.
  • Email Recipient Information: We receive and store recipient addresses and basic delivery status to track campaign performance.
  • Delivery Status and Bounce Information: Provides delivery confirmations, bounce notifications, and basic engagement metrics for your campaigns.
  • Email Metadata: Allows us to track email sending timestamps, sender information, and delivery details. This helps you track campaign performance.

How We Use SMTP Data

We use your SMTP data solely and exclusively to provide our email outreach automation services. Specifically:

  • Sending Campaign Emails: We send personalized outreach emails to prospects you have added to your campaigns. Each email is sent from your email account using your authenticated credentials, maintaining your sender reputation and email deliverability.
  • Delivery Tracking: We monitor delivery status and bounce notifications to automatically track which emails were successfully delivered, which bounced, and other delivery metrics.
  • Campaign Management: We track email sending records to help you organize and manage your outreach efforts, including campaign status and performance metrics.
  • Performance Analytics: We aggregate delivery data to provide you with performance insights and help optimize your campaigns.

SMTP Data Storage and Security

We take the security and privacy of your email data seriously:

  • Minimal Data Storage: We store only the essential metadata necessary for campaign tracking, such as recipient, subject line, timestamps, and delivery status. We do not store full email content unnecessarily.
  • Encrypted Credential Storage: Your SMTP credentials are encrypted using AES-256 encryption and stored securely in our database. Credentials are never exposed to unauthorized parties.
  • Secure Data Transmission: All communication between Mailfra and email servers uses industry-standard TLS/SSL encryption to protect your data in transit.
  • Limited Access: Only authorized Mailfra systems and personnel with legitimate need have access to email credentials, and all access is logged and monitored.

Data Sharing and Third-Party Access

Your email data is treated with the highest level of confidentiality:

  • No Selling or Renting: We will never sell, rent, or trade your email data to third parties under any circumstances.
  • No Advertising Use: We do not use your email data for advertising purposes, either on our platform or for third-party advertising networks.
  • No Third-Party Applications: We do not allow third-party applications or services to access your email data through our platform.
  • Service Provider Access: The only exception is our infrastructure providers (e.g., cloud hosting, database services) who may have technical access to encrypted data as part of providing core infrastructure services. These providers are bound by strict confidentiality agreements and data protection obligations.

Data Retention for Email Data

We retain email-related data according to the following policies:

  • Active Account: SMTP credentials are retained as long as your Mailfra account is active and you have not revoked email access.
  • Campaign Metadata: Email metadata (recipient, subject, timestamps, delivery metrics) is retained for up to 24 months after campaign completion for analytics and reporting purposes.
  • Upon Revocation: When you revoke email access, we immediately stop accessing your email and delete all stored credentials within 24 hours.
  • Account Deletion: When you delete your Mailfra account, all email-related data including credentials and campaign metadata is permanently deleted within 30 days.

Your Control Over Email Data

You maintain complete control over your email data at all times:

  • Revoke Access Anytime: You can disconnect your email account from Mailfra at any time through your account settings.
  • Data Export: You can request an export of your campaign data, including metadata about emails sent through Mailfra, by contacting our support team.
  • Data Deletion: You can request deletion of all your email-related data by contacting privacy@mailfra.com. We will process your request within 30 days.

Security Measures for Email Data

We implement comprehensive security measures for email data protection:

  • Encrypted Transmission: All SMTP communications use TLS 1.3 encryption to protect data in transit.
  • Encrypted Credential Storage: SMTP credentials are encrypted using AES-256 encryption before storage in our database.
  • Regular Security Audits: We conduct regular security audits and vulnerability assessments of our SMTP integration.
  • Access Controls: Only authorized personnel have access to systems handling email credentials.

How We Use Your Information

We use the information we collect for various purposes, including:

  • Providing, operating, and maintaining our Services
  • Improving and personalizing your experience
  • Processing transactions and sending related information
  • Sending marketing and promotional communications (with your consent)
  • Responding to your inquiries and providing customer support
  • Analyzing usage patterns and trends to improve our Services
  • Detecting, preventing, and addressing fraud, abuse, and security issues
  • Complying with applicable laws and regulations

Data Sharing

We may share your information with third parties in the following circumstances:

  • Service Providers: We share information with service providers who assist us in operating our website, conducting our business, or providing services to you.
  • Legal Requirements: We may disclose your information if required by law or if we believe in good faith that disclosure is necessary to comply with legal obligations.
  • Business Transfers: If Mailfra is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction.
  • With Your Consent: We may share your information with third parties when we have your explicit consent to do so.

Data Retention

We retain your personal information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy. The retention period may vary depending on the type of information and the purpose for which we use it:

  • Account Information: Retained while your account is active and for a reasonable period afterward for backup and legal purposes.
  • Campaign Data: Retained for up to 24 months after campaign completion for analytics purposes.
  • Payment Information: Retained for the duration of your subscription and as required by law for tax and accounting purposes.
  • Marketing Data: Retained until you unsubscribe from our communications.

Your Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

  • Right to Access: You have the right to request and obtain a copy of the personal information we hold about you.
  • Right to Correction: You have the right to request that we correct or update inaccurate personal information.
  • Right to Deletion: You have the right to request deletion of your personal information under certain circumstances.
  • Right to Portability: You have the right to obtain your personal information in a structured, commonly used format and transfer it to another service.
  • Right to Object: You have the right to object to processing of your personal information for certain purposes.

Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Secure access controls and authentication mechanisms
  • Regular security audits and vulnerability assessments
  • Employee access controls and confidentiality agreements
  • Incident response procedures for data breaches

While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security of your information. However, we are committed to maintaining reasonable and appropriate security practices.

Cookies

We use cookies and similar tracking technologies to enhance your experience on our Services. Cookies are small text files stored on your device that allow us to recognize you and remember your preferences.

Types of Cookies We Use:

  • Essential Cookies: Required for the functionality of our Services
  • Performance Cookies: Help us analyze how you use our Services
  • Functionality Cookies: Remember your preferences and settings
  • Marketing Cookies: Track your activity for marketing purposes

You can control cookie preferences through your browser settings or by opting out of certain cookies through our cookie consent tool.

International Data Transfers

Our Services may be accessed from various countries. Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from your home country.

When we transfer information internationally, we implement appropriate safeguards such as Standard Contractual Clauses and other mechanisms required by applicable data protection laws to ensure your information remains protected.

Children's Privacy

Our Services are not directed to children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete such information promptly.

If you believe we have collected information from a child without parental consent, please contact us immediately at privacy@mailfra.com.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information collected from you
  • Right to opt-out of the sale or sharing of your personal information
  • Right to limit use and disclosure of sensitive personal information
  • Right to non-discrimination for exercising your rights

To exercise these rights, please contact us at privacy@mailfra.com or through your account settings.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by updating the "Last Updated" date at the top of this policy and, if necessary, by providing additional notice (such as through email or a prominent announcement on our website).

Your continued use of our Services after any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions about this Privacy Policy, our privacy practices, or how we handle your personal information, please contact us at:

Mailing Address

Mailfra, Inc.
Privacy Department

Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at privacy@mailfra.com

We will respond to your inquiry within 30 days or as required by applicable law.