Privacy Policy

Effective: 5 February, 2024

Introduction

Railsware Products Studio LLC, a company incorporated in the State of Delaware, the United States of America,  having its  office at 925 N La Brea Ave, Suite 400, office 560, West Hollywood, CA 90038  (“Railsware”, “us”, “our”, or “we”), focuses on assuring that the mailtrap.io website (“Site”) and the Mailtrap application (the “Application”), as well as the general ecosystem, provides a safe environment for both website visitors and application users (“Customer”, “You”). We need to collect, process, and store some Personal Information (as defined in Section 2.1 below) and Navigational Information (as defined in Section 2.2 below) in order to provide you with the ability to review the Mailtrap website content, allow for using the Mailtrap application service and subscribe to it, make online payments, submit support requests and product ideas for our consideration.

We are dedicated to protecting your privacy. This Privacy Policy (herein the “Policy”) applies to the Site and the Application, and it administers the ways we collect, process and store data. The Policy has a direct reference to the Terms of Service and applies to it. It also explains how website visitors and customers can exercise their rights to obtain, access, erase, use, or rectify their Personal Information that was of their own free will submitted to us.

When you browse the Site, subscribe to the Application plan, use the Application, leave support requests, submit product ideas, fill out a survey, add comments to the blog posts, or perform an online payment, you give consent and fully agree to the Policy under which Railsware collects, processes, uses, stores and discloses Personal Information. If you do not agree with the points stated in this Policy, you should not browse the Site, subscribe to the Application plan, use the Application, perform an online payment, submit support requests and product ideas, and perform other activities, which may result in supplying us with their Personal and Navigational Information.

Railsware is not established in the European Union, but it processes and stores Personal Information of EU citizens, who browses the Site or subscribes to a free or paid Application plan, submits support requests, performs online payment, and performs other activities, that may result in supplying us with their Personal and Navigational Information.

1. Application User and Site Visitor Data

1.1 Data You Provide

When you register an account, subscribe to the Application, make an online payment, participate in a survey, subscribe to the Application free or paid plan, email us or in any other way submit your Personal Information to us, Railsware may collect, process and store the following data: your first and last name, your email and posting address.

We do not store your card details on any of our internal resources / databases, instead, you share  it directly to the Payment Card Industry Data Security Standard compliant service providers for further processing. When receiving an online payment, we collect and store your subscription ID. We also collect and process your Personal Information, which you add to the billing settings in your Account, which may include your first and last name, company name,   shipping and billing address(es), tax and/or VAT number, and phone number.

You will know when we gather your data through the Mailtrap website or Application, as you will provide your data on one of the Site’s web pages and perform an action that will authorize it to be sent to us.

We will keep a record of your purchases, and marketing-, sales- and support-related communication and replies, and general Application usage statistics in order to provide you with the high-level Application and support services.

1.2 Data We Collect Automatically

Railsware may collect information through our Site and Application.The data we gather from your device: its type, IP address, the browser you are using, OS (operating system), as well as the referral site from which you entered the Mailtrap website. We may also monitor your online behavior, including the time of your visit, your online activity at the website including the URL clickstream through the Mailtrap website, the pages you visited, the time you spent viewing them, and the frequency of your visits. We gather this data automatically through the commonly used data-gathering technologies, like cookies and web beacons in order to understand how Customers and website visitors browse the Site and use the Application. This data helps us manage the Site and Application, analyze general online behavior and usage trends, and provide targeted advertisements. We also collect demographic information about our Application user and Site visitor base that helps us tailor both the Site’s content and the Application functionality in order to meet your expectations and requirements.

When you browse the Site or use the Application, we collect Personal and Navigational Information along with the unique User IDs. In addition, we aggregate extra data that refers to the user flow, such as the start and the end of a web session, page views, purchase, and checkout. We may associate this data with the information we store within the analytics software to the Personal Information that you submitted to us. We do this to enhance our Application and Site content and UX, as well as use this data to improve the Application functionality, our marketing communication, and analytics.

1.3 GitHub and Google Sign-in Authentication

You may log into our Site and Application using either GitHub or Google Sign-in authentication system. When you use either GitHub or Google Sign-in authentication, you give us access to your full name and email address. This data is stored by us in compliance with the Privacy Policy.

1.4 Usage of reCaptcha

Railsware uses reCaptcha versions 2 (checkbox) and 3 (invisible) to protect the Site and the Application from spam and abuse. reCaptcha version 2 is embedded on the Mailtrap email sign-upforgot password, and resend confirmation instructions website pages. The invisible reCaptcha version 3 is placed on the Mailtrap add new card billing page. So, when a user signs up using an email, resets a password, and adds card details, Google captures the necessary information in order to differentiate a human being from a bot. That is why, in this case the Google Privacy Policy and Terms and Conditions apply.

2. Types of Information

2.1 Personal Information

Under ‘Personal Information’ we understand any data that you of your own free will provide us with, such as your first and last name, phone number, your email address, company name, your posting and billing address, as well as any other information that refers to you or your workplace (business). We also collect the Client ID that is assigned to your browser, and the User ID that is associated with the use of the Application and your personal account. Personal Information also refers to other information that is available on the internet, such as from Facebook, LinkedIn, Twitter, and Google, and includes any other publicly available data that you previously agreed to share and that is available from other service providers.

2.2 Navigational Information

‘Navigational Information’ refers to your computer and your visits to the Site and Application such as your IP address, geographical location, browser type, referral source, length of visit, and pages viewed. For more information, please visit the Navigational Information web page.

2.3 Sensitive Information

Railsware does not intentionally collect, and the Site visitors and Application users should not provide any information about your medical or health condition, race, and ethnic origin, political opinions, religious and philosophical beliefs, as well as bank account information, TAX and passport numbers, driver’s license or other similar personal identifiers.

When you subscribe to the Mailtrap Application, you shall be requested to share your bank card numbers and billing information. Please be aware that Railsware does not store any payment details of yours, you provide these details directly to our service providers, which are compliant with Payment Card Industry Data Security Standard. The payment providers process your billing data in accordance with their privacy policies and security guidelines. To the best of our knowledge, our payment providers are compliant with the Payment Card Industry Data Security Standard and act according to the highest industry standards. To learn more about the way they process your data, please refer to their privacy policies and security guidelines.

3. Use of the Information We Collect

3.1 Compliance with this Privacy Policy

Railsware uses the data it collects only in compliance and according to this Privacy Policy. Therefore, both the website visitors and the Application users should read carefully this Privacy Policy and other agreements published on the Site or as part of the Application before proceeding with browsing the site or using the Application.

3.2 How We Use Personal Information We Collect

We use Personal Information we collect from our Application customers and Site visitors to:

  • Enhance your user experience while browsing the Site and applying the Application for your projects
  • Manage Site’s content and customize it according to the user preferences
  • Manage Site’s and Application’s security and system administration
  • Create accounts and provide information to a PCI-compliant service provider for payment processing
  • Respond to customer support and other Site- or Application-related requests
  • Communicate with the Application users, inform them about important product- and company-related updates
  • Contact the carefully-selected Application users to inform about other Railsware products and services that we think may be of interest to them
  • Distribute other personalized marketing information
  • Hold surveys, send out questionnaires that help us understand our customer requirements and expectations from the Application, Site, support or any other services that we provide
  • Put together and analyze the statistic data of the Site and Application usage
  • Conduct an investigation of unauthorized access and use of the Site or Application, fraud, breach and other illegitimate actions

3.3 Use of Bank Card Information

The bank card details you provide when registering for a paid Mailtrap application plan are neither stored nor processed by Railsware, but are disclosed by you to Braintree, a division of PayPal, and Stripe, and/or other Payment Card Industry Data Security Standard compliant service providers, for processing. These third parties store your data in order to charge you on a monthly basis for the Application services. The billing process will continue until you request us to delete your Application account, or when you cancel your subscription.

3.4 Service Providers

Railsware may employ other organizations and persons (“Agents) to perform tasks or provide services to website visitors or Application users and may need to share your Personal or Navigational Information with them to provide data, products, and services to you. These tasks and services may include marketing and support activities, analyzing different types of data, and providing advisory and legal services. In all the cases when Railsware shares your information with such Agents, we will request for the agent to accept and strictly observe our Privacy Policy.

3.5 Personal Information Security

Railsware applies different security technologies, guidelines, and procedures to ensure complete security, as well as full confidentiality of the Personal Information you provide. We also take measures to avoid unauthorized access to personal data and electronic communication systems. Your Personal Information is securely stored on servers and protected from unauthorized usage, leak, and exposure. The transfer of any sensitive data, if applicable, to an authorized third party happens through the use of encryption (such as the Secure Socket Layer protocol and the Transport Layer Security) which guarantees complete safety and security of your data.

For any questions that relate to the security of your Personal Information, please email us at privacy@mailtrap.io

3.6 Social Media Features

The Site incorporates some social media features and widgets. It allows to ‘Share’ – for Facebook, ‘Tweet’ – for Twitter, and ‘Share’ – for Google+ content on certain Site’s pages. These social media features (buttons) may gather some website visitor-related (IP address, page visits) information. The actions connected to the social media features and widgets are covered by the policy of the company which enables them.

3.7 Links and Third-Party Sites

The Mailtrap Site includes links to third-party websites. These websites may offer certain services to end-users. Railsware does not take any responsibility for its content, services, administrators, practices, and policies, and does not endorse them. Railsware also does not bear any responsibility for the privacy of information that you submit on these resources, since this Privacy Policy does not apply to them. We recommend you familiarize yourself with the Privacy Policy and other legal documents before submitting or sharing any personal information with them.

3.8 Third-Party Services

The Site includes third-party systems that allow for support requests or product-related idea submission, as well as adding comments to articles published on the website blog. The system, which accepts support requests and product ideas, provides us with the name and email of a user who submitted it so that our team can take action and respond to these messages. The system, which enables users with the right to publish comments performs Personal Information collection, storing, and processing on its side, giving us the right to monitor the comments that appear on the Site’s blog.

3.9 Data Retention

Railsware will retain your Personal Information for the period required to fulfill the obligations it took as an Application provider and Site owner, or unless a longer period of time is required by law for tax, legal, or other regulatory reasons. Railsware will delete all Personal Information at the earliest date per your request.

Mailtrap temporarily stores the email addresses and content that the Application users create, send and forward as part of their email-sending testing routine. We take the appropriate measures in order to ensure the high level of an Application inbox content security. The data residing in a Mailtrap inbox is automatically deleted once a user reaches its Application subscription plan limit.

When an Application user clears their Mailtrap inbox, the deleted in this way data is completely removed from the system. We do not store any email message-related information in logs. The retention period of logs is 30 days.

3.10 Сompelled Disclosure

Railsware reserves the right to disclose personal data to public authorities in accordance with a legal liability to perform their duties, such as customs and tax authorities, financial investigation units, judicial administration and other parties if the EU or the Railsware’s representative member state law allows to exercise such disclosure in the public interest, including protection of your and other people’s safety.

4. Data Subject Rights

4.1 Website Visitor and Application User Rights

Our Site visitors and Application users have the following rights:

  • To request access to your Personal Information
  • To remove consent from being contacted by email, phone and other means of communication
  • To request for all Personal Data that was received from you to be deleted from all our records
  • To request that we update, correct or remove any omissions in your Personal Information that we store
  • To opt out from all kinds of direct marketing and other communication
  • To request us to delete your Personal Information
  • To object the processing of your Personal Information, or ask us to restrict the processing of your Personal Information, or request portability of your Personal Information
  • To withdraw your consent from collection and processing of your Personal Information at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent
  • To complain to a data protection authority about our collection and use of your Personal Information. Contact details for data protection authorities in the EEA, Switzerland, and certain non-European countries (including the USA and Canada) are available here.)

In order to exercise any of these rights, please email us to privacy@mailtrap.io. We will provide a response to your request as soon as possible, informing you about the steps we have taken to ensure that your rights are exercised.

4.2 Opting Out from Our Communication

You may opt-out from our marketing communications by pressing the ‘unsubscribe’ link, which is located at the bottom of our email, or sending your unsubscribe request to privacy@mailtrap.io.

You cannot unsubscribe from our transactional emailing (which also includes Welcome, Forgot password, Confirmation, Billing plan-related emails, invoicing, as well as Critical Product updates), and other information that refers to your Mailtrap Application account.

Before enabling Mailtrap’s email forwarding functionality, we ask a recipient to provide consent to receive all forwarded by a certain Application user emails.

4.3 Children’s Information

Our Site and Application are not intended for children’s use. We do not knowingly accumulate any data from children under the age of 16. If you think that we might have gathered some information from children under the age of 16, please let us know at privacy@mailtrap.io and we will delete this data from our databases and other applicable resources, if any.

5. International Transfer of Information

5.1 The International Transfer

To perform our operations, we may transfer and access Personal Information from around the world, including the United States, the EU, and other countries. While transferring the data, we take the necessary measures to safeguard the activity in general, and the Data Subjects in particular to ensure an appropriate level of protection for their fundamental rights. The Privacy Policy shall apply even if Personal Information is transferred or accessed from other countries.

We use third-party services (as described in this Privacy Policy), which may be based in other countries that may not have equivalent Privacy and Data Protection laws to the country in which you reside. When we share information about customers residing in the European Economic Area and Switzerland, European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer.

6. Data Privacy Framework

6.1 Adherence to Data Privacy Framework

Railsware Products Studio LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. 

Railsware Products Studio LLC has been certified by the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  

Railsware Products Studio LLC has been certified by the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  

To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

6.2 Complaints mechanism

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Railsware Products Studio LLC commits to resolve DPF Principles-related complaints about our collection and use of Your personal information.  EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Railsware Products Studio LLC to: privacy@mailtrap.io. Railsware Products Studio LLC may be subject to the investigatory and enforcement powers of the FTC.

6.3 Binding arbitration

Under certain conditions You have the possibility to invoke binding arbitration for complaints regarding Data Privacy Framework compliance not resolved by any of the other Data Privacy Framework mechanisms. Please find more details on this here – https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2 

6.4 Transfers to third parties

In case Railsware Products Studio LLC transfers any personal information that is subject to Data Privacy Framework, to the third parties, Railsware Products Studio LLC  shall remain liable under the DPF Principles if such third parties process such Personal Information in a manner inconsistent with the DPF Principles, unless Railsware Products Studio LLC proves that it is not responsible for the event giving rise to the damage.

7. Sub-processors

Railsware uses a range of third-party sub-processors that are authorized to process the Application user and customer data, and help us deliver the Application functionality, as well as the accompanying support services in full.

Entity NamePurposeLocation
Amazon Webservices, Inc.InfrastructureUnited States
Google Inc.InfrastructureUnited States
Facebook, Inc.Marketing AnalyticsUnited States
Twitter, Inc.Marketing AnalyticsUnited States
LinkedIn Ireland Unlimited CoMarketing AnalyticsIreland
HubSpot, Inc.Marketing AnalyticsUnited States
Mouseflow, ApS.Marketing AnalyticsDenmark
HelpScout PBCCustomer SupportUnited States
Slack Technologies IncCommunicationUnited States
Typeform SLCustomer FeedbackSpain
Microsoft, Inc. (Clarity)Marketing AnalyticsUnited States
SupportYourApp LimitedCustomer SupportHong Kong

8. General Clauses

8.1 Changes to the Privacy Policy

We reserve the right to review and make amendments to this Policy. When the changes are made, we will publish the new version of the Privacy Policy on our Site and update the ‘effective’ date, which is indicated in the top left corner of this Policy, to the day when the latest amendments were published on the Site.

8.2 Contact us

For any additional questions or inquiries about the Privacy Policy, please send an email to privacy@mailtrap.io