A short, plain privacy policy.
We collect what we need to run the product, nothing else. We do not sell data, we do not enrich your contacts, and we delete things when you ask.
This Privacy Policy describes how Mail Brand SAS (“Mail Brand”, “we”, “us”) collects, uses and shares information when you use our website, dashboard and API. By using the service, you agree to this policy.
1. What we collect
- Account data — name, email, company, password hash.
- Signature content — templates, fields and assets you create.
- Directory data — when you sync from AD/Okta/Google Workspace, only attributes you map.
- Usage data — anonymized page views, performance metrics, error reports.
- Billing data — handled by Stripe; we never see card numbers.
2. How we use it
To run the service, support customers, prevent abuse and improve the product. We do not use customer content to train AI models.
3. Sub-processors
We use a small list of vetted vendors: AWS (hosting), Stripe (billing), Postmark (transactional email), Sentry (error tracking). The full, current list lives at /dpa.
4. Retention
Active account data is kept for the lifetime of your subscription. On cancellation we delete signature and directory data within 30 days unless you explicitly request earlier deletion.
5. Your rights
Under GDPR/CCPA you may request access, correction, deletion or export of your data. Submit a request through our contact page and we will respond within 30 days.
6. International transfers
We host primary infrastructure in the EU (Ireland) and US (Virginia). Cross-border transfers are governed by Standard Contractual Clauses.
7. Contact
Mail Brand SAS, 12 rue de la Brand, 75002 Paris, France. To reach our Data Protection Officer, use the contact page and select “Customer support”.