Mailbrew Privacy Policy

Subscription to Services

Newsletters, sometimes referred to as “Brews”, created with the use of our Services can be subscribed to directly or indirectly. Individuals can directly subscribe via signup forms or plugins. Indirect subscription is possible through manual import. Indirect subscription is only allowed with the individuals’ consent. Mailbrew instructs the platform users to collect valid consent for subscription. However, ensuring the validity of subscribers’ consent is the responsibility of each Mailbrew user. Newsletters sent via our platform always contain a possibility to opt-out.

Mailbrew users are solely responsible for complying with any laws and regulations that apply to the subscribed users information. Mailbrew Inc. is not liable for Mailbrew users relationship with their subscribers.

Identity & access

The website is protected by reCAPTCHA, so the Google Privacy Policy and Terms of Service apply.

When you sign up for Mailbrew, we ask for your name and email address. That’s just so you can personalize your new account, and we can send you updates and other essential information. We’ll never sell your personal info to third parties, and we won’t use your name in marketing statements without your permission, either.

When you pay for Mailbrew, we ask for your credit card and billing address. That’s so we can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number, for account history, invoicing, and billing support. We store your billing address to calculate any sales tax due in the United States, to detect fraudulent credit card transactions, and to print on your invoices.

When you write to us with a question or to ask for help, we’ll keep that correspondence, and the email address, for future reference. When you browse our pages, we’ll track that for statistical purposes (like conversion rates and to test new designs). We also store any information you volunteer, like surveys, for as long as it makes sense.

The only times we’ll ever share your info:

• To provide products or services you’ve requested, with your permission.
• To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
• If Mailbrew is acquired by or merged with another company — we don’t plan on that, but if it happens — we’ll notify you well before any info about you is transferred and becomes subject to a different privacy policy.

Mailbrew uses third party services, such as cloud computing providers and customer support software, to provide our services. These are the services:

• Amazon Web Services. Cloud services provider.
• Stripe. Payment processing services.
• Mixpanel. Analytics and Email messaging.
• Crisp. In-app messaging and customer support.
• Render. Cloud services provider.
• Heroku. Cloud services provider.
• Email Octopus. Email newsletter service.
• Sentry. Error reporting software.

By using our sources, you agree to the terms of service and privacy policies of the providers of those services:

• YouTube & Calendar: Google Privacy Policy — we use the YouTube and Google Calendar API Services.
• Twitter: Twitter Privacy Policy.
• Reddit: Reddit Privacy Policy.
• Hacker News: Y Combinator Privacy Policy.

When using our Calendar source, you grant us read-only access to your calendars hosted on Google Calendar. We take your privacy very seriously and securely store the access tokens on our server and only use them to generate your digests.

Your Rights With Respect to Your Information

You may have heard about the General Data Protection Regulation (“GDPR”) in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by us on the Site. Accordingly, Mailbrew recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:

• Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
• Right to Correction. This is your right to request correction of your personal information.
• Right to Erasure. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession (also known as the “Right to be forgotten”). However, if applicable law requires us to comply with your request to delete your information, fulfillment of your request may prevent you from using Mailbrew services and may result in closing your account.
• Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
• Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed.
• Right to Object. This is your right, in certain situations, to object to how or why your personal information is processed.
• Right to Portability. This is your right to receive the personal information we have about you and the right to transmit it to another party.
• Right to not be subject to Automated Decision-Making. This is your right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.

Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact us at hello@mailbrew.com.

Processors we use

As part of the services we provide, and only to the extent necessary, we may use certain third party processors to process some or all of your personal information. For identification of these processors, and where they are located, please see our external services list mentioned above.

Law enforcement

Mailbrew won’t hand your data over to law enforcement unless a court order says we have to, and unless we’re legally prevented from it, we’ll always inform you when such requests are made.

Security & Encryption

All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The database backups are also encrypted. Data isn’t encrypted while it’s live in our database (since it needs to be ready to send to you when you need it), but we go to great lengths to secure your data at rest.

Deleted data

When you cancel your account, we’ll ensure that nothing is stored on our servers past 30 days. Anything you delete on your account while it’s active will also be purged within 30 days.

Location of Site and Data

This Site is operated in the United States. If you are located in the European Union or elsewhere outside of the United States, please be aware that any information you provide to us will be transferred to the United States. By using our Site, participating in any of our services and/or providing us with your information, you consent to this transfer.

Changes & questions

Mailbrew may update this policy once in a blue moon — we’ll notify you about significant changes by emailing the account owner or by placing a prominent notice on our site. You can access, change or delete your personal information at any time by contacting us at hello@mailbrew.com.