Table of Contents

Privacy Policy

Effective: 9 June, 2021
Introduction

Railsware Products Studio, Inc., United States of America company registered office: 118 Coalpit Hill Road, Danbury CT 06810, USA (“Railsware”, “us”, “our”, or “we”), focuses on assuring that the mailtrap.io website (“Site”) and the Mailtrap application (the “Application”), as well as the general ecosystem, provides a safe environment for both website visitors and application users (“Customer”, “You”). We need to collect, process and store some Personal and Navigational information in order to provide you with an ability to review the Mailtrap website content, allow for using Mailtrap application service and subscribe to it, make online payments, submit support requests and product ideas for our consideration.

We are dedicated to protecting your privacy. This Privacy Policy (herein the “Policy”) applies to the Site and the Application, and it administers the ways we collect, process and store data. The Policy has a direct reference to the Terms of Service and applies to it. It also explains how website visitors and customers can exercise their rights to obtain, access, erase, use or rectify their Personal Information that was of their own free will submitted to us.

When you browse the Site, subscribe to the Application plan, use the Application, leave support requests, submit product ideas, fill out a survey, add comments to the blog posts or perform an online payment, you give consent and fully agree to the Policy under which Railsware collects, processes, uses, stores and discloses Personal Information. If you do not agree with the points stated in this Policy, you should not browse the Site, subscribe to the Application plan, use the Application, perform an online payment, submit support requests and product ideas, and perform other activities, which may result in supplying us with their Personal and Navigational Information.

Railsware is not established in the European Union, but it processes and stores Personal Data of EU citizens, who browses the Site or subscribes to a free or paid Application plan, submits support requests, performs online payment, and performs other activities, which may result in supplying us with their Personal and Navigational Information.

1. Application User and Site Visitor Data
1.1 Data You Provide

When you register an account, subscribe to the Application, make an online payment, participate in a survey, subscribe to the Application free or paid plan, email us or in any other way submit your Personal Information to us, Railsware may collect, process and store the following data: your first and last name, your email and posting address.

We do not store your card details on any of our internal resources / databases, but transfer them instantly to the Payment Card Industry Data Security Standard compliant service provider for further processing. When receiving an online payment, we collect shipping and billing address(es), your card details: number, cardholder name, card number, expiry date, Postal Code and the Card Security Code (CSC) or the Card Verification Value (CVV).

You will know when we gather your data through the Mailtrap website or Application, as you will provide your data on one of the Site’s web pages and perform an action that will authorize it to be sent to us.

We will keep record of your purchases, any marketing-, sales- and support-related communication and replies, general Application usage statistics in order to provide you with the high level Application and support services.

1.2 Data We Collect Automatically

Railsware may collect information through our Site and Application.The data we gather from your device: it’s type, IP address, the browser you are using, OS (operating system), as well as the referral site from which you entered the Mailtrap website. We may also monitor your online behavior, including the time of your visit, your online activity at the website including the URL clickstream through the Mailtrap website, the pages you visited, the time you spent viewing them, and the frequency of your visits. We gather this data automatically through the commonly used data-gathering technologies, like cookies and web beacons in order to understand how Customers and website visitors browse the Site and use the Application. This data helps us manage the Site and Application, analyze general online behavior and usage trends, and provide targeted advertisements. We also collect demographic information about our Application user and Site visitor base that helps us tailor both the Site’s content and the Application functionality in order to meet your expectations and requirements.

When you browse the Site or use the Application, we collect Personal and Navigational Information along with the unique User IDs. In addition, we aggregate extra data that refers to the user flow, such as the start and the end of a web session, page views, purchase and checkout. We may associate this data with the information we store within the analytics software to Personal Information that you submitted to us. We do this to enhance our Application and Site content and UX, as well as use this data to improve the Application functionality, our marketing communication and analytics.

1.3 GitHub and Google Sign-in Authentication

You may log into our Site and Application using either GitHub or Google Sign-in authentication system. When you use either GitHub or Google Sign-in authentication, you give us access to your full name and email address. This data is stored by us in compliance with the Privacy Policy.

1.4 Usage of reCaptcha

Railsware uses reCaptcha version 2 (checkbox) and 3 (invisible) to protect the Site and the Application from spam and abuse. reCaptcha version 2 is embedded on the Mailtrap email sign upforgot password and resend confirmation instructions website pages. The invisible reCaptcha version 3 is placed on the Mailtrap add new card billing page. So, when a user signs up using an email, resets a password, adds card details, Google captures the necessary information in order to differentiate a human being from a bot. That is why, in this case the Google Privacy Policy and Terms and Conditions apply.

2. Types of Information
2.1 Personal Information

Under ‘Personal Information’ we understand any data that you of your own free will provide us with, such as your first and last name, phone number, your email address, company name, your posting and billing address, as well as any other information that refers to you or your workplace (business). We also collect Client ID that is assigned to your browser, and User ID that is associated with the use of the Application and your personal account. Personal Information also refers to other information that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, and includes any other publicly available data that you previously agreed to share and that is available from other service providers.

2.2 Navigational Information

‘Navigational Information’ refers to your computer and your visits to the Site and Application such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. For more information, please visit the Navigational Information web page.

2.3 Sensitive Information

Railsware does not intentionally collect, and the Site visitors and Application users should not provide any information about your medical or health condition, race and ethnic origin, political opinions, religious and philosophical beliefs, as well as bank account information, TAX and passport numbers, driver’s license or other similar personal identifiers.

When you subscribe to the Mailtrap Application, Railsware collects the bank card numbers and billing information. However, Railsware does not process it, but passes it over to Braintree, a division of PayPal, the Payment Card Industry Data Security Standard compliant service provider, for further processing. Except for the bank card number and billing data that are required to collect payment, we do not gather Sensitive Information from you.

3. Use of the Information We Collect
3.1 Compliance with this Privacy Policy

Railsware uses the data it collects only in compliance and according to this Privacy Policy. Therefore, both the website visitors and the Application users should read carefully this Privacy Policy and other agreements published on the Site or as part of the Application before proceeding with browsing the site or using the Application.

3.2 How We Use Personal Information We Collect

We use Personal Information we collect from our Application customers and Site visitors to:

  • Enhance your user experience while browsing the Site and applying the Application for your projects
  • Manage Site’s content and customize it according to the user preferences
  • Manage Site’s and Application’s security and system administration
  • Create accounts and provide information to a PCI-compliant service provider for payment processing
  • Respond to customer support and other Site- or Application-related requests
  • Communicate with the Application users, inform them about important product- and company-related updates
  • Contact the carefully-selected Application users to inform about other Railsware products and services that we think may be of interest to them
  • Distribute other personalized marketing information
  • Hold surveys, send out questionnaires that help us understand our customer requirements and expectations from the Application, Site, support or any other services that we provide
  • Put together and analyze the statistic data of the Site and Application usage
  • Conduct an investigation of unauthorized access and use of the Site or Application, fraud, breach and other illegitimate actions
3.3 Use of Bank Card Information

The bank card details you provide when registering for a paid Mailtrap application plan are neither stored nor processed by Railsware, but are passed over to Braintree, a division of PayPal, the Payment Card Industry Data Security Standard compliant service provider, for processing. This third party stores your data in order to charge you on a monthly basis for the Application services. The billing process will continue until you request us to delete your Application account, or when you remove your bank card details from your Mailtrap application account.

3.4 Service Providers

Railsware may employ other organizations and persons (“Agents) to perform tasks or provide services to website visitors or Application users and may need to share your Personal or Navigational Information with them to provide data, products and services to you. These tasks and services may include marketing and support activities, analyzing different types of data, providing advisory and legal services. In all the cases when Railsware shares your information with such Agents, we will request for the agent to accept and strictly observe our Privacy Policy.

3.5 Personal Information Security

Railsware applies different security technologies, guidelines and procedures to ensure complete security, as well as full confidentiality of the Personal Information you provide. We also take measures to avoid unauthorized access to personal data and electronic communication systems. Your Personal Information is securely stored on servers and protected from unauthorized usage, leak and exposure. The transfer of any sensitive data, like bank card details, to an authorized third party happens through the use of encryption (such as the Secure Socket Layer protocol and the Transport Layer Security) which guarantees complete safety and security of your data.

For any questions that relate to the security of your Personal Information, please email us at privacy@mailtrap.io

3.6 Social Media Features

The Site incorporates some social media features and widgets. It allows to ‘Share’ – for Facebook, ‘Tweet’ – for Twitter and ‘Share’ – for Google+ content on certain Site’s pages. These social media features (buttons) may gather some website visitor-related (IP address, page visits) information. The actions connected to the social media features and widgets are covered by the policy of the company which enables them.

3.8 Third-Party Services

The Site includes third-party systems that allow for support request or product-related idea submission, as well as adding comments to articles published on the website blog. The system, which accepts support requests and product ideas provides us with the name and email of a user who submitted it, so that our team can action and respond to these messages. The system, which enables users with the right to publish comments performs Personal Information collection, storing and processing on its side, giving us the right to monitor the comments that appear on the Site’s blog.

3.9 Data Retention

Mailtrap temporarily stores the email addresses and content that the Application users create, send and forward as part of their email sending testing routine. We take the appropriate measures in order to ensure the high level of an Application inbox contents security. The data residing in a Mailtrap inbox is automatically deleted once a user reaches its Application subscription plan limit.

When an Application user clears their Mailtrap inbox, the deleted in this way data is completely removed from the system. We do not store any email message-related information in logs. The retention period of logs is 30 days.

Railsware will retain your Personal Information for the period required to fulfil the obligations it took as an Application provider and Site owner, or unless a longer period of time is required by law for tax, legal or other regulatory reasons. Railsware will delete all Personal Information at an earliest date per your request.

3.10 Сompelled Disclosure

Railsware reserves the right to disclose personal data to public authorities in accordance with a legal liability to perform their duties, such as customs and tax authorities, financial investigation units, judicial administration and other parties if the EU or the Railsware’s representative member state law allows to exercise such disclosure in the public interest, including protection of your and other people’s safety.

4. Data Subject Rights
4.1 Website Visitor and Application User Rights

Our Site visitors and Application users have the following rights:

  • To request access to your Personal Information
  • To remove consent from being contacted by email, phone and other means of communication
  • To request for all Personal Data that was received from you to be deleted from all our records
  • To request that we update, correct or remove any omissions in your Personal Information that we store
  • To opt out from all kinds of direct marketing and other communication
  • To request us to delete your Personal Information
  • To object the processing of your Personal Information, or ask us to restrict the processing of your Personal Information, or request portability of your Personal Information
  • To withdraw your consent from collection and processing of your Personal Information at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent
  • To complain to a data protection authority about our collection and use of your Personal Information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the USA and Canada) are available here.)

In order to exercise any of these rights, please email us at privacy@mailtrap.io. We will provide response to your request as soon as possible, informing you about the steps we have taken to ensure that your rights are exercised.

4.2 Opting Out from Our Communication

You may opt out from our marketing communications by pressing the ‘unsubscribe’ link, which is located at the bottom of our email, or sending your unsubscribe request at privacy@mailtrap.io.

You cannot unsubscribe from our transactional emailing (which also includes Welcome, Forgot password, Confirmation, Billing plan-related emails, invoicing, as well as Critical Product updates), and other information which refers to your Mailtrap Application account.

Before enabling Mailtrap’s email forwarding functionality, we ask a recipient to provide consent to receive all forwarded by a certain Application user emails.

4.3 Children’s Information

Our Site and Application are not intended for children’s use. We do not knowingly accumulate any data from children under the age of 16. If you think that we might have gathered some information from children under the age of 16, please let us know at privacy@mailtrap.io and we will delete this data from our databases and other applicable resources, if any.

5. International Transfer of Information 5.1 The International Transfer

To perform our operations, we may transfer and access Personal Information from around the world, including the United States, the EU, and other countries. While transferring the data, we take the necessary measures to safeguard the activity in general, and the Data Subjects in particular to ensure an appropriate level of protection for their fundamental rights. The Privacy Policy shall apply even if Personal Information is transferred or accessed from other countries.

We use third-party services (as described in this Privacy Policy), which may be based in other countries that may not have equivalent Privacy and Data Protection laws to the country in which you reside. When we share information about customers residing in the European Economic Area and Switzerland, European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer.

6. Sub-processors


Railsware uses a range of third-party sub-processors that are authorized to process the Application user and customer data, and help us deliver the Application functionality, as well as the accompanying support services in full.

Entity NamePurposeLocation
Amazon Webservices, Inc.InfrastructureUnited States
Google Inc.InfrastructureUnited States
SendGrid, Inc.Marketing and Customer SupportUnited States
Facebook, Inc.Marketing AnalyticsUnited States
Twitter, Inc.Marketing AnalyticsUnited States
LinkedIn Ireland Unlimited CoMarketing AnalyticsIreland
HubSpot, Inc.Marketing AnalyticsUnited States
Mouseflow, ApS.Marketing AnalyticsDenmark
HelpScout Inc.Customer SupportUnited States
PayPal, Inc. (Braintree)Payment processingUnited States
Slack Technologies IncCommunicationUnited States
Aut O’Mattic A8C Ireland Ltd. (Automattic)InfrastructureIreland
Salesforce.com, Inc. (Heroku)InfrastructureUnited States
Typeform SLCustomer FeedbackSpain
7. General Clauses 7.1 Changes to the Privacy Policy

We reserve the right to review and make amendments to this Policy. When the changes are made, we will publish the new version of the Privacy Policy on our Site and update the ‘effective’ date, which is indicated in the top left corner of this Policy, to the day when the latest amendments were published on the Site.

7.2 Contact us

For any additional questions or inquiries about the Privacy Policy, please send an email at privacy@mailtrap.io