Privacy Policy

We are MailAgent.ai - this policy describes how we protect your privacy.
 
What we Collect – How, Why and When
Here follows a description of all data we may collect from you and how we process it.
 
User Creation
When you create a user we collect your email address and mail credentials.
Legal basis: Legitimate Interests
Retention: If you have not been logged in for the past 18 month your account will be deleted.
 
Contact Form
When you reach out to us using our on-page contact form we collect your name, your email and the message you enter.
Legal basis: Legitimate Interests
Retention: Once we have concluded our correspondence or dialogue, we will remove your name, email and message from our records.
 
Newsletter
When you sign up to our newsletter you give us your email.
Legal basis: Consent
Retention: As long as you stay subscribed to our newsletter, we will retain your email. You are however always at liberty to unsubscribe, after which we will immediately cease to hold your email for this purpose.
 
Log Files
We collect log events containing information about each request made to our platform. These events contain the parameters of each request, the requesting IP address and browser information. The collection of these log events are necessary to maintain the integrity and security of our systems – the data is only collected and processed for this purpose.
Legal basis: Legitimate Interests
Retention: For security reasons we do not disclose the retention period for log events. But rest assured this data is deleted on a regular basis.
 
Marketing Analytics Data
If you consent, we collect detailed marketing analytics data on how you interact with the platform.
Legal basis: Consent
Retention: 12 months.
 
Third Party Service Providers
We use a few well established third party service providers to deliver our service to you.
 
Amazon Web Services
MailAgent.ai is hosted in Amazon Web Services on servers that are physically located in Ireland.
Data Processing Addendum: https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf
 
ChatGPT
When you receive an email in your inbox we use the ChatGPT API to assess emails and to generate drafts responses. Unlike OpenAI's consumer facing platform, the API does not retain or use customer data for training their models. Their servers are physically located in the United States.
Data processing addendum: https://openai.com/policies/data-processing-addendum
 
Brevo
When you sign up for a newsletter or reach out to us through our contact form, this happens through Brevo. Their servers are physically located in France.
Data Processor Clause: https://www.brevo.com/legal/termsofuse/
 
Google Analytics
We use Google analytics to collect marketing analytics for our platform. IP addresses are used solely for geo-location and immediately discarded for EU traffic. All IP lookups happen on EU servers before data is sent to Analytics servers in the United States.
Data Processing Amendment: https://www.google.com/analytics/terms/dpa/dataprocessingamendment_20130906.html
 
Your Rights
The European General Data Protection Regulation (GDPR) gives you certain rights in relation to the collection and processing of your data.
 
The Right to be Informed
You have a right to be informed about the kind of data we collect about you and how we process said data. You may find all information about when, how and why we collect data here.
 
The Right of Access
You have the right to know exactly what information we have collected about you and how we are storing and processing that data.
 
The Right to Rectification
You have have the right to have incomplete data made complete and to have incorrect data corrected.
 
The Right to Erasure
You have the right to have your data erased, also known as the right to be forgotten. We can only refuse a request for data erasure if we have legitimate interest in collecting or processing the data that outweighs your rights to have the data erased. We may also refuse to erase your data if retention of said is required to meet legal obligations.
 
The Right to Restrict Processing
You have the right to have the processing of your personal data restricted. This may be because you take issue with the content of the information that is being processed or you take issue with the processing itself.
 
The Right to Data Portability
You have the right to obtain and reuse your personal data. You can request that we send your personal data electronically to third parties in a commonly used and machine-readable format.
 
The Right to Object
You have right to object to processing of your personal data, this right may be used at any time, your object may relate to all of the personal data we hold about you or only to certain information. It may also relate to a particular purpose for which we are processing your data.
 
The Right to not be Subject to Automated Decision Making
You have the right to not be subject to automated decisions. Such decisions could be made by algorithms or artificial intelligence. We are required to inform you if you will be subject to automated decision making so you can choose to opt out.
 
Our Obligations
MailAgent.ai is subject to the European General Data Protection Regulation (GDPR).
 
Lawfulness, Fairness and Transparency
When we collect personal data, we are required to collect it in such a way that the collection is lawful, fair and transparent.
For the collection and processing of personal data to be lawful it must comply with at least one of the following conditions:
  • The person has opted in to having their data collected by giving explicit consent.
  • The person is in a contractual or pre-contractual relationship with MailAgent.ai.
  • There is a legal obligation to which MailAgent.ai is subject.
  • The collection or processing is in the vital interest of the person, generally only applies to matters of life and death.
  • The collection and processing is justifiably in the interest of the public. In this case, the processing must have its basis in EU or national law.
  • MailAgent.ai has a legitimate interest in collecting and processing specific personal data. This applies either in cases where the person may reasonably expect such collection and processing and the privacy impact is minimal, or where there is a compelling justification for the processing, such as fraud prevention, IT security and platform stability.
For the collection of personal data to be fair it must be in the best interest of the person whose data is being collected, furthermore the scope of the collection and processing can be reasonably expected by that person.
For the collection of personal data to be transparent we are required to clearly communicate what data we collect, how we collect it and why.
 
Purpose Limitation
The personal data collected must only be processed in accordance with the purpose it was originally collected for.
 
Data Minimization
Were not allowed to collect any personal data more than what is needed to effectively deliver our service.
 
Accuracy
The collected personal data is accurate.
 
Storage Limitation
The personal data is deleted when it is no longer needed for the purpose it was collected for.
 
Integrity and Confidentiality
The personal data is stored in a way the ensures its confidentiality and integrity.
 
Accountability
We are accountable under these principles and are able to document compliance.