Privacy Policy

Last Updated: 1st October 2025

This Privacy Policy describes how Maileroo Group Pty Ltd (ACN 691 482 836) ("Maileroo", "we", "us", or "our") collects, uses, stores, shares, and protects your personal information when you use our website, Email API, SMTP relay services, email marketing platform, and related services (collectively, the "Services").

Our registered office is located at:

Level 10, 440 Collins Street
Melbourne VIC 3000
Australia

By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our data practices as described in this Privacy Policy, please do not use the Services.

Questions or concerns? If you have any questions about this Privacy Policy or our data practices, please contact us at [email protected].

1. INFORMATION WE COLLECT

We collect various types of information in connection with the Services, including:

1.1 Information You Provide to Us

We collect personal information that you voluntarily provide to us when you:

  • Register for an account
  • Use our Services to send emails
  • Subscribe to our newsletter or marketing communications
  • Participate in surveys or provide feedback
  • Contact our customer support
  • Apply for our affiliate program
  • Otherwise communicate with us

The personal information we collect may include:

Account Information:
  • Full name
  • Email address
  • Username and password
  • Company name and business information
  • Phone number (optional)
  • Physical address
Billing Information:
  • Payment card details (processed through third-party payment processors)
  • Billing address
  • Tax identification numbers (where required)
  • Transaction history
Email Content and Metadata:
  • Email addresses of senders and recipients
  • Email subject lines and content
  • Email headers and metadata
  • Attachments
  • IP addresses of email senders
  • Email delivery status and analytics
Communications:
  • Support ticket content and correspondence
  • Survey responses and feedback
  • Any other information you choose to provide

Accuracy of Information: You represent that all information you provide is true, complete, and accurate, and you agree to notify us promptly of any changes to such information.

1.2 Information Automatically Collected

When you access or use the Services, we automatically collect certain information about your device and usage patterns, including:

Device and Browser Information:
  • IP address
  • Browser type and version
  • Operating system
  • Device type and identifiers
  • Screen resolution
  • Language preferences
Usage Information:
  • Pages visited and features used
  • Time and date of access
  • Time spent on pages
  • Referring website addresses
  • Click-through data
  • API usage patterns and frequency
Email Tracking Information:
  • Email open rates
  • Click-through rates
  • Bounce rates and bounce types
  • Unsubscribe rates
  • Spam complaints
  • Geographic location of recipients (derived from IP addresses)

This information is collected through cookies, web beacons, log files, and similar technologies. For more information about our use of cookies, please see Section 5 below.

1.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Payment Processors: Transaction confirmation and payment status from Paddle, PayPal, or NOWPayments.io
  • Authentication Services: If you use social login features (e.g., Google, GitHub), we may receive profile information such as your name, email address, and profile picture
  • Email Deliverability Services: Information about email reputation, blacklist status, and delivery metrics
  • Business Partners: Information from affiliates or referral partners (with your consent)
1.4 Sensitive Information

We do not knowingly collect or process sensitive personal information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sexual orientation, except where required by law or with your explicit consent.

2. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

2.1 To Provide and Maintain the Services
  • Process and deliver emails through our API and SMTP relay
  • Manage your account and authenticate your identity
  • Process payments and maintain billing records
  • Provide customer support and respond to inquiries
  • Monitor and analyze email deliverability and performance
  • Generate analytics and reports on your email campaigns
2.2 To Improve and Optimize the Services
  • Analyze usage patterns and trends
  • Conduct research and development
  • Test new features and functionality
  • Improve our algorithms and infrastructure
  • Optimize email deliverability rates
  • Enhance user experience
2.3 To Communicate with You
  • Send transactional emails (e.g., account confirmations, password resets, billing notifications)
  • Provide important updates about the Services
  • Send marketing communications (with your consent, where required)
  • Respond to your comments, questions, and requests
  • Send newsletters and promotional materials (you may opt out at any time)
2.4 For Security and Compliance
  • Detect, prevent, and address fraud, spam, and abuse
  • Monitor compliance with our Terms and Conditions and Acceptable Use Policy
  • Enforce our legal rights and protect against legal liability
  • Comply with applicable laws, regulations, and legal processes
  • Protect the security and integrity of our Services and infrastructure
  • Investigate and prevent violations of our policies
2.5 For Business Operations
  • Manage our affiliate program and process referral commissions
  • Conduct business transactions, including mergers or acquisitions
  • Maintain business records and analytics
  • Exercise and defend our legal rights
2.6 With Your Consent

We may use your information for other purposes with your explicit consent, which you may withdraw at any time by contacting us at [email protected].

3. LEGAL BASIS FOR PROCESSING (EEA, UK, AND SWITZERLAND)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we process your personal information based on the following legal grounds:

  • Contractual Necessity: Processing is necessary to perform our contract with you (i.e., to provide the Services)
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our Services, preventing fraud, and ensuring security
  • Legal Obligation: Processing is necessary to comply with applicable laws and regulations
  • Consent: You have given explicit consent for specific processing activities (e.g., marketing communications)
4. HOW WE SHARE YOUR INFORMATION

We may share your personal information in the following circumstances:

4.1 Service Providers and Business Partners

We share information with third-party service providers who perform services on our behalf, including:

Payment Processing:
  • Paddle.com Market Limited (subscription billing)
  • PayPal (annual payments)
  • NOWPayments.io (cryptocurrency payments)
Infrastructure and Hosting:
  • Cloud hosting providers (servers located in Germany)
  • Content delivery networks
  • Database management services
Analytics and Monitoring:
  • Website analytics providers
  • Performance monitoring tools
  • Error tracking services
Email Deliverability:
  • IP reputation monitoring services
  • Spam filter testing tools
  • Email validation services
Customer Support:
  • Help desk and ticketing systems
  • Live chat providers

These service providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.

4.2 Affiliates and Subsidiaries

We may share information with our parent company, subsidiaries, affiliates, and related entities, all of whom are required to treat your information in accordance with this Privacy Policy.

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the successor entity. We will notify you of any such change and any choices you may have regarding your information.

4.4 Legal Requirements and Protection

We may disclose your information if required to do so by law or if we believe in good faith that such disclosure is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Enforce our Terms and Conditions or other agreements
  • Protect our rights, property, or safety, or that of our users or the public
  • Detect, prevent, or address fraud, security, or technical issues
  • Respond to claims that content violates the rights of third parties
4.5 With Your Consent

We may share your information for other purposes with your explicit consent or at your direction.

4.6 Aggregated and Anonymized Data

We may share aggregated or anonymized information that cannot reasonably be used to identify you for research, marketing, analytics, or other purposes.

5. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies to collect and store information about your interactions with the Services.

5.1 What Are Cookies?

Cookies are small text files stored on your device that help us recognize you, remember your preferences, and improve your experience. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until deleted).

5.2 Types of Cookies We Use
Essential Cookies:

Required for the Services to function properly. These cookies enable core functionality such as security, authentication, and session management. You cannot opt out of these cookies.

Functionality Cookies:

Remember your preferences and settings to enhance your experience.

Analytics Cookies:

Help us understand how visitors use the Services so we can improve performance and user experience.

Marketing Cookies:

Used to track visitors across websites to display relevant advertisements and measure campaign effectiveness.

5.3 Managing Cookies

Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer. However, disabling cookies may limit your ability to use certain features of the Services.

You can manage cookies through:

  • Your browser settings (consult your browser's help documentation)
  • Our cookie consent tool (where available)
  • Opt-out tools provided by advertising networks
5.4 Email Tracking

When you use our Services to send emails, we may use tracking pixels and other technologies to track email opens, clicks, and other engagement metrics. This information is used to provide analytics and improve deliverability.

6. THIRD-PARTY SOCIAL LOGIN

Our Services may offer you the ability to register or log in using third-party social media accounts (e.g., Google, GitHub, Facebook). When you use this feature:

  • We receive certain profile information from the social media provider, which may include your name, email address, profile picture, and other information you've made public
  • The specific information we receive depends on your privacy settings with the social media provider
  • We use this information only for the purposes described in this Privacy Policy

We recommend reviewing the privacy policies of these social media providers to understand how they collect, use, and share your information.

7. INTERNATIONAL DATA TRANSFERS

Our servers are located in Germany. If you access the Services from outside Germany, your information will be transferred to, stored in, and processed in Germany and potentially other countries where our service providers operate.

These countries may have data protection laws that differ from those of your country of residence. However, we take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy and applicable law.

7.1 European Economic Area, UK, and Switzerland

For data transfers from the EEA, UK, or Switzerland, we rely on:

  • European Commission-approved Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Other legally approved transfer mechanisms
7.2 Australian Privacy Principles

As an Australian company, we comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). When transferring personal information overseas, we take reasonable steps to ensure the recipient complies with the APPs or is subject to similar privacy protections.

8. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

8.1 Retention Periods
Account Information:

Retained for the duration of your account plus a reasonable period thereafter for business and legal purposes.

Email Content and Logs:

Email content may be retained for up to 90 days for troubleshooting and support purposes. Email metadata and analytics may be retained longer for performance analysis and deliverability monitoring.

Billing Records:

Retained for at least 7 years to comply with tax and accounting regulations.

Marketing Data:

Retained until you opt out or request deletion.

Support Communications:

Retained for a reasonable period to provide ongoing support and improve our services.

8.2 Deletion and Anonymization

When we no longer have a legitimate business need to process your information, we will either delete or anonymize it. If deletion is not possible (e.g., because data has been stored in backup archives), we will securely store your information and isolate it from further processing until deletion becomes possible.

9. DATA SECURITY

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication requirements
  • Employee training on data protection and security
  • Secure data centers with physical access controls
  • Regular backups and disaster recovery procedures
  • Monitoring and logging of system access

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

10. CHILDREN'S PRIVACY

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

If you are under 18, you may not use the Services or provide any information to us. By using the Services, you represent that you are at least 18 years old.

If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child under 18, please contact us immediately at [email protected].

11. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information:

11.1 General Rights
  • Access: Request access to the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal exceptions)
  • Portability: Request a copy of your information in a structured, machine-readable format
  • Objection: Object to our processing of your information for certain purposes
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw Consent: Withdraw your consent where processing is based on consent
11.2 European Economic Area, UK, and Switzerland Rights

If you are located in the EEA, UK, or Switzerland, you have additional rights under the GDPR and UK GDPR, including:

  • The right to lodge a complaint with your local supervisory authority
  • The right to object to automated decision-making and profiling
  • The right to receive information about data breach notifications
11.3 Australian Privacy Rights

If you are located in Australia, you have rights under the Privacy Act 1988 (Cth), including:

  • The right to access your personal information
  • The right to correct inaccurate information
  • The right to complain to the Office of the Australian Information Commissioner (OAIC)
11.4 California Privacy Rights

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information we collect, use, disclose, and sell
  • The right to delete your personal information
  • The right to opt-out of the sale of your personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your privacy rights
11.5 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within the timeframe required by applicable law (typically 30 days).

You can also manage certain information through your account dashboard, including:

  • Updating your profile information
  • Changing your password and security settings
  • Managing email preferences and notifications
  • Downloading your data
  • Deleting your account

We may request specific information from you to verify your identity before processing your request.

12. MARKETING COMMUNICATIONS

With your consent (where required by law), we may send you marketing communications about our Services, new features, promotions, and related information.

12.1 Opting Out

You may opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Updating your email preferences in your account settings
  • Contacting us at [email protected]

Please note that opting out of marketing communications does not affect transactional or service-related emails (e.g., account notifications, billing statements, security alerts).

13. DO-NOT-TRACK SIGNALS

Some web browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activities tracked. At this time, there is no universally accepted standard for how to respond to DNT signals.

We do not currently respond to DNT browser signals. If a standard for responding to DNT signals is established in the future, we will update this Privacy Policy accordingly.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Post the revised policy on our website
  • Notify you via email or through the Services if the changes are material

We encourage you to review this Privacy Policy periodically. Your continued use of the Services after we post changes constitutes your acceptance of the updated policy.

15. CONTACT INFORMATION AND COMPLAINTS

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

Maileroo Group Pty Ltd
ACN 691 482 836
Level 10, 440 Collins Street
Melbourne VIC 3000
Australia

Email: [email protected]

Data Protection Officer

For privacy-related inquiries, you may also contact our Data Protection Officer at: [email protected]

Supervisory Authorities

If you are located in the EEA, UK, or Switzerland and are unsatisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

If you are located in Australia and are unsatisfied with our response, you may lodge a complaint with:

Office of the Australian Information Commissioner (OAIC)
GPO Box 5218
Sydney NSW 2001
Australia
Phone: 1300 363 992
Website: www.oaic.gov.au

16. ADDITIONAL INFORMATION FOR SPECIFIC JURISDICTIONS
16.1 Australian Users

For Australian users, we comply with the Australian Privacy Principles under the Privacy Act 1988 (Cth). You have the right to access and correct your personal information and to complain about breaches of privacy. We will respond to access requests within 30 days.

16.2 European Users

For users in the EEA, UK, and Switzerland, we process your data in accordance with the GDPR and UK GDPR. You have enhanced rights as described in Section 11.2 above.

16.3 California Users

California residents may contact the California Department of Consumer Affairs Complaint Assistance Unit at:

1625 North Market Blvd., Suite N 112
Sacramento, California 95834
Phone: (800) 952-5210
Website: www.dca.ca.gov

This Privacy Policy was last updated on 1st October 2025. We encourage you to review this policy periodically to stay informed about how we protect your information.

Maileroo Group Pty Ltd

ACN 691 482 836

Level 10
440 Collins Street
Melbourne VIC 3000
Australia

Company

About Us Pricing Developer Docs Blog Help Center Case Studies Affiliate Program Brand Assets Tech Stack Changelog Status Contact Us

Tools

Email Verification API Email Verification Tool Email Checker SPF Record Generator DMARC Record Generator Email Blacklist Monitoring Free Mail Tester Email Signature Generator WordPress Plugin

Resources

SMTP Relay Email Marketing Platform Newsletter Software Free Email API SMTP Email Service Maileroo vs SendGrid Maileroo vs Mailgun Maileroo vs Resend Maileroo vs SMTP2GO Maileroo vs Mandrill Price Comparison

Legal

Submit Legal Request Terms & Conditions Privacy Policy Refund Policy Cookie Policy GDPR Compliance Data Processing Addendum Service Level Agreement Email Policy Acceptable Use Policy
© 2025 Maileroo Group Pty Ltd. All rights reserved.