GDPR Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR).

Last updated: February 02, 2026 Version 1.0

1. Data Controller

MailSpaceAI ("we," "our," or "us") is the data controller responsible for your personal data. You can contact us at:

Email: legal@mailspaceai.com

2. What Data We Collect

We collect and process the following types of personal data:

Account Information

  • Google account email address
  • Full name (if provided)
  • Profile picture (from Google account)
  • Account preferences and settings

Email Tracking Data

  • Email addresses of recipients
  • Email open timestamps and locations
  • Link click data and timestamps
  • Email content metadata (subject lines, send times)
  • Device and browser information

Contact Information

  • Contact names and email addresses
  • Contact lists and tags
  • Consent status and preferences
  • Communication history

Technical Data

  • IP addresses
  • Browser type and version
  • Operating system
  • Usage analytics and performance data

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent (Article 6(1)(a) GDPR)

For email tracking and marketing communications, we rely on your explicit consent.

Legitimate Interest (Article 6(1)(f) GDPR)

For service improvement, security, and analytics purposes.

Contract Performance (Article 6(1)(b) GDPR)

To provide our email tracking and campaign management services.

4. How We Use Your Data

We use your personal data for the following purposes:

  • Providing email tracking and analytics services
  • Managing your account and preferences
  • Sending service-related notifications
  • Improving our services and user experience
  • Ensuring security and preventing fraud
  • Complying with legal obligations

5. Data Sharing and Third Parties

We may share your data with:

We do not sell your personal data to third parties.

6. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access

Request a copy of your personal data we hold.

Right to Rectification

Correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data.

Right to Restrict Processing

Limit how we process your data.

Right to Data Portability

Receive your data in a portable format.

Right to Object

Object to processing based on legitimate interests.

How to Exercise Your Rights

To exercise any of these rights, please:

We will respond to your request within 30 days.

7. Data Retention

We retain your personal data for the following periods:

Data Type Retention Period Reason
Account Data Until account deletion Service provision
Email Tracking Data 2 years or until deletion request Analytics and reporting
Contact Information Until removal or account deletion Contact management
Technical Logs 90 days Security and troubleshooting

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit and at rest
  • Access controls and authentication
  • Regular security audits and updates
  • Staff training on data protection
  • Incident response procedures

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Other appropriate safeguards as required by GDPR

10. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential website functionality
  • User authentication and session management
  • Analytics and performance monitoring
  • Email tracking pixels (with consent)

You can manage cookie preferences in your browser settings.

11. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by:

  • Email notification to your registered address
  • Prominent notice on our website
  • In-app notifications

Continued use of our services after changes constitutes acceptance of the updated policy.

13. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with GDPR requirements. You can contact:

  • Your local data protection authority
  • The supervisory authority in your country of residence
  • The supervisory authority where the alleged infringement occurred

14. Contact Information

For any questions about this privacy policy or our data practices, please contact us:

Email

legal@mailspaceai.com

Website

Contact Form

Contact Us
Home Privacy Policy Terms & Conditions Contact