Privacy Policy

In order to comply with global standards and requirements (including, but not limited to GDPR, CPRA, LGPD, PIPEDA, APPI), we at Koddrio, Inc., the legal entity behind Mailbob, strive for transparency and integrity in how and to what scope we collect, handle, store, process, use and share data.

Definitions and their scopes

The following labels are used throughout our privacy policy, marked, scoped and defined as:

Mailbob – a collection of Internet site properties, domains, employees owned and maintained by Koddrio, Inc., headquartered in California, US. The words "we", "us", "our" are used interchangebly with and assume "Mailbob".

visitor – a visitor of the web services provided by Mailbob.

customer – an account that has access to send emails through Mailbob on the account's behalf.

referral – a visitor who accesses Mailbob web services via a referral link from a customer.

recipient or subscriber – a recipient of an email from Mailbob on behalf of a customer or directly from Mailbob.

vendor – a third-party, not affiliated with Mailbob, that provides specific services under its own privacy policies. Vendors are transparently identified and defined through this privacy policy.

Data collection, retention and scope

We collect visitor IP addresses for every web request, identifying the requested resources (URL) and the exact time they were accessed. This visitor data is securely stored and processed on Digital Ocean vendor servers for debugging, security and load-balancing purposes. We do not use cookies for visitors and do not track them. This visitor data may be retained by us for at least 90 days. We use Cloudflare vendor for DNS, and HTTP caching purposes (including CDN). We use Crisp to provide online chat-based support through a widget.

We collect our and securely store a customer's email address and password (hashed and salted) for authentication purposes and to provide services according to our Terms of Service. We store customer newsletter content (text, images, etc.), recipient lists (subscriber names and emails) on behalf of the customer. An authentication cookie is used to keep a customer logged in when browsing our private pages. We use Stripe vendor to bill for our services, who securely handle billing and credit card processing data. This data is not stored on Mailbob services. This data is retained for as long as services are provided by us. We collect the amount of emails sent for analytics purposes.

We issue a tracking cookie to referral visitors that helps us reward the referring customer and a referral who signs up and becomes a customer. We store this data and the referring customer will see the newsletter name and newsletter URL of the referring customer. This data is retained for as long as services are provided by us. Referrals have the legal right to have referral data removed upon request.

Recipients of emails from Mailbob will have their names and emails collected by us through customers (importing of lists, creating a subscriber manually) or by signing up as a subscriber to a specific newsletter. We store subscriber names and emails securely to send customer newsletter content to recipients. Customers have access to a list of subscribers and their subscription statuses as well as email opens and link clicks for analytics purposes. We use Amazon Web Services to send emails and store media content (images, videos) of newsletters.

The collected data can be analyzed and processed (including data stored and made available to us by vendors) to improve the stability and functionality of our service, as well as for anonymous public marketing efforts (the number of customers, the number of subscribers, etc.).

Data security

All data collected, stored, transferred, provided is done so in a secure manner using various forms encryption to keep the data saved. All our employees are vetted and have had their background checked. We constantly run security checks, rotate credentials and run a private bug-bounty (vulnerability contest) to maintain our high security standards.

Data sharing

We do not share any data with any other vendors outside of the ones listed above for purposes. We aim to protect all data and use it to provide it according to our Terms of Service at all times. We do not sell any data.

Data removal

Your data belongs to you. We identify and associate you with your email address. If you would like to retrieve and/or remove your data that has been shared with us we will happily comply with your request under any data privacy framework/regulation. Contact us at [email protected] with your request from the email address associated with your data.

Law enforcment

We take all law enforcment requests seriously and comply with requests from agencies around the world with validation and support from our legal department. Our warrant canary is still alive and chirping ;)