Effective: 03 July, 2019
Railsware Products, Inc., United States of America company registered office: 118 Coalpit Hill Road, Danbury CT 06810, USA ("Railsware", "us", "our", or "we"), focuses on assuring that the mailtrap.io website ("Site") and the Mailtrap application (the "Application"), as well as the general ecosystem provides a safe environment for both website visitors and application users ("Customer", "You"). We need to collect, process and store some Personal and Navigational information in order to provide you with an ability to review the Mailtrap website content, allow for using Mailtrap application service and subscribe to it, make online payments, submit support requests and product ideas for our consideration.
When you browse the Site, subscribe to the Application plan, use the Application, leave support requests, submit product ideas, fill out a survey, add comments to the blog posts or perform an online payment, you give consent and fully agree to the Policy under which Railsware collects, processes, uses, stores and discloses Personal Information. If you do not agree with the points stated in this Policy, you should not browse the Site, subscribe to the Application plan, use the Application, perform an online payment, submit support requests and product ideas, and performs other activities, which may result in supplying us with their Personal and Navigational Information.
Railsware is not established in the European Union, but it processes and stores Personal Data of EU citizens, who browses the Site or subscribes to a free or paid Application plan, submits support requests, performs online payment, and performs other activities, which may result in supplying us with their Personal and Navigational Information.
1. Application User and Site Visitor Data
1.1 Data You Provide
When you register an account, subscribe to the Application, make an online payment, participate in a survey, subscribe to the Application free or paid plan, email us or in any other way submit your Personal Information to us, Railsware may collect, process and store the following data: your first and last name, your email and posting address.
We do not store your card details on any of our internal resources / databases, but transfer them instantly to the Payment Card Industry Data Security Standard compliant service provider for further processing. When receiving an online payment, we collect shipping and billing address(es), your card details: number, cardholder name, card number, expiry date, Postal Code and the Card Security Code (CSC) or the Card Verification Value (CVV).
You will know when we gather your data through the Mailtrap website or Application, as you will provide your data on one of the Site's web pages and perform an action that will authorize it to be sent to us.
We will keep record of your purchases, any marketing-, sales- and support-related communication and replies, general Application usage statistics in order to provide you with the high level Application and support services.
1.2 Data We Collect Automatically
Railsware may collect information through our Site and Application.The data we gather from your device: it's type, IP address, the browser you are using, OS (operating system), as well as the referral site from which you entered the Mailtrap website. We may also monitor your online behavior, including the time of your visit, your online activity at the website including the URL clickstream through the Mailtrap website, the pages you visited, the time you spent viewing them, and the frequency of your visits. We gather this data automatically through the commonly used data-gathering technologies, like cookies and web beacons in order to understand how Customers and website visitors browse the Site and use the Application. This data helps us manage the Site and Application, analyze general online behavior and usage trends, and provide targeted advertisements. We also collect demographic information about our Application user and Site visitor base that helps us tailor both the Site's content and the Application functionality in order to meet your expectations and requirements.
When you browse the Site or use the Application, we collect Personal and Navigational Information along with the unique User IDs. In addition, we aggregate extra data that refers to the user flow, such as the start and the end of a web session, page views, purchase and checkout. We may associate this data with the information we store within the analytics software to Personal Information that you submitted to us. We do this to enhance our Application and Site content and UX, as well as use this data to improve the Application functionality, our marketing communication and analytics.
1.3 GitHub and Google Sign-in Authentication
1.4 Usage of reCaptcha
2. Types of Information
2.1 Personal Information
Under 'Personal Information' we understand any data that you of your own free will provide us with, such as your first and last name, phone number, your email address, company name, your posting and billing address, as well as any other information that refers to you or your workplace (business). We also collect Client ID that is assigned to your browser, and User ID that is associated with the use of the Application and your personal account. Personal Information also refers to other information that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, and includes any other publicly available data that you previously agreed to share and that is available from other service providers.
2.2 Navigational Information
'Navigational Information' refers to your computer and your visits to the Site and Application such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. For more information, please visit the Navigational Information web page.
2.3 Sensitive Information
Railsware does not intentionally collect, and the Site visitors and Application users should not provide any information about your medical or health condition, race and ethnic origin, political opinions, religious and philosophical beliefs, as well as bank account information, TAX and passport numbers, driver's license or other similar personal identifiers.
When you subscribe to the Mailtrap Application, Railsware collects the bank card numbers and billing information. However, Railsware does not process it, but passes it over to Braintree, a division of PayPal, the Payment Card Industry Data Security Standard compliant service provider, for further processing. Except for the bank card number and billing data that are required to collect payment, we do not gather Sensitive Information from you.
3. Use of the Information We Collect
3.2 How We Use Personal Information We Collect
We use Personal Information we collect from our Application customers and Site visitors to:
- Enhance your user experience while browsing the Site and applying the Application for your projects
- Manage the Site's content and customize it according to the user preferences
- Manage the Site's and Application's security and system administration
- Create accounts and provide information to a PCI-compliant service provider for payment processing
- Respond to customer support and other Site- or Application-related requests
- Communicate with the Application users, inform them about important product- and company-related updates
- Contact the carefully-selected Application users to inform about other Railsware products and services that we think may be of interest to them
- Distribute other personalized marketing information
- Hold surveys, send out questionnaires that help us understand our customer requirements and expectations from the Application, Site, support or any other services that we provide
- Put together and analyze the statistic data of the Site and Application usage
- Conduct an investigation of unauthorized access and use of the Site or Application, fraud, breach and other illegitimate actions
3.3 Use of Bank Card Information
The bank card details you provide when registering for a paid Mailtrap application plan are neither stored nor processed by Railsware, but are passed over to Braintree, a division of PayPal, the Payment Card Industry Data Security Standard compliant service provider, for processing. This third party stores your data in order to charge you on a monthly basis for the Application services. The billing process will continue until you request us to delete your Application account, or when you remove your bank card details from your Mailtrap application account.
3.4 Service Providers
3.5 Personal Information Security
Railsware applies different security technologies, guidelines and procedures to ensure complete security, as well as full confidentiality of the Personal Information you provide. We also take measures to avoid unauthorized access to personal data and electronic communication systems. Your Personal Information is securely stored on servers and protected from unauthorized usage, leak and exposure. The transfer of any sensitive data, like bank card details, to an authorized third party happens through the use of encryption (such as the Secure Socket Layer protocol and the Transport Layer Security) which guarantees complete safety and security of your data.
For any questions that relate to the security of your Personal Information, please email us at email@example.com
3.6 Social Media Features
The Site incorporates some social media features and widgets. It allows to 'Share' - for Facebook, 'Tweet' - for Twitter and 'Share' - for Google+ content on certain Site's pages. These social media features (buttons) may gather some website visitor-related (IP address, page visits) information. The actions connected to the social media features and widgets are covered by the policy of the company which enables them.
3.7 Links and Third-Party Sites
3.8 Third-Party Services
The Site includes third-party systems that allow for support request or product-related idea submission, as well as adding comments to articles published on the website blog. The system, which accepts support requests and product ideas provides us with the name and email of a user who submitted it, so that our team can action and respond to these messages. The system, which enables users with the right to publish comments performs Personal Information collection, storing and processing on its side, giving us the right to monitor the comments that appear on the Site's blog.
3.9 Data Retention
Railsware will retain your Personal Information for the period required to fulfil the obligations it took as an Application provider and Site owner, or unless a longer period of time is required by law for tax, legal or other regulatory reasons. Railsware will delete all Personal Information at an earliest date per your request.
Mailtrap temporarily stores the email addresses and content that the Application users create, send and forward as part of their email sending testing routine. We take the appropriate measures in order to ensure the high level of an Application inbox contents security. The data residing in a Mailtrap inbox is automatically deleted once a user reaches its Application subscription plan limit.
When an Application user clears their Mailtrap inbox, the deleted in this way data is completely removed from the system. We do not store any email message-related information in logs. The retention period of logs is 30 days.
3.10 Сompelled Disclosure
Railsware reserves the right to disclose personal data to public authorities in accordance with a legal liability to perform their duties, such as customs and tax authorities, financial investigation units, judicial administration and other parties if the EU or the Railsware's representative member state law allows to exercise such disclosure in the public interest, including protection of your and other people's safety.
4. Data Subject Rights
4.1 Website Visitor and Application User Rights
Our Site visitors and Application users have the following rights:
- To request access to your Personal Information
- To remove consent from being contacted by email, phone and other means of communication
- To request for all Personal Data that was received from you to be deleted from all our records
- To request that we update, correct or remove any omissions in your Personal Information that we store
- To opt out from all kinds of direct marketing and other communication
- To request us to delete your Personal Information
- To object the processing of your Personal Information, or ask us to restrict the processing of your Personal Information, or request portability of your Personal Information
- To withdraw your consent from collection and processing of your Personal Information at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent
- To complain to a data protection authority about our collection and use of your Personal Information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the USA and Canada) are available here.)
In order to exercise any of these rights, please email us at firstname.lastname@example.org. We will provide response to your request as soon as possible, informing you about the steps we have taken to ensure that your rights are exercised.
4.2 Opting Out from Our Communication
You may opt out from our marketing communications by pressing the 'unsubscribe' link, which is located at the bottom of our email, or sending your unsubscribe request at email@example.com.
You cannot unsubscribe from our transactional emailing (which also includes Welcome, Forgot password, Confirmation, Billing plan-related emails, invoicing, as well as Critical Product updates), and other information which refers to your Mailtrap Application account.
Before enabling Mailtrap's email forwarding functionality, we ask a recipient to provide consent to receive all forwarded by a certain Application user emails.
4.3 Children's Information
Our Site and Application are not intended for children's use. We do not knowingly accumulate any data from children under the age of 16. If you think that we might have gathered some information from children under the age of 16, please let us know at firstname.lastname@example.org and we will delete this data from our databases and other applicable resources, if any.
5. International Transfer of Information
5.1 The International Transfer and the Privacy Shield
5.2 Privacy Shield Notice
Railsware participates and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. The following software products adhere to the Privacy Shield principles: Mailtrap application, Smart Checklist add-on for Jira. Enterprise (Cloud, Server and Data Center versions), Smart Checklist for Jira. Free Trial (Cloud version). Railsware is committed to subjecting all Personal Data received from the European Union (EU) member states and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
Railsware is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Railsware complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, Railsware is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Railsware may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
You may direct any inquiries or complaints related to our Privacy Shield compliance to email@example.com. If you have an unresolved privacy or data use concern that we have not addressed satisfactory, you may contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
Under certain conditions, which are fully explained on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Railsware uses a range of third-party sub-processors that are authorized to process the Application user and customer data, and help us deliver the Application functionality, as well as the accompanying support services in full.
|Amazon Webservices, Inc.||United States|
|Google Inc.||United States|
|SendGrid, Inc.||United States|
|Facebook, Inc.||United States|
|HubSpot, Inc.||United States|
|UserVoice, Inc.||United States|
7. General Clauses
7.2 Contact us