Privacy Policy

Last Updated: May 23, 2026

1. Introduction & Scope

Welcome to DESA Mail ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our email marketing platform, or interact with our services (collectively, the "Services").

Because our core service involves processing emails and contact lists on your behalf, this policy distinguishes between data we collect about you (the Account Holder) and data you upload to our platform about your subscribers (the End Users). We act as a Data Controller for Account Holder data and a Data Processor for End User data.

2. Information We Collect

A. Information You Provide to Us (Account Data)
When you register for an account, we collect personal information such as your name, company name, email address, phone number, and billing details (processed securely via our payment gateways). We also collect any information you provide when contacting our support team.

B. Information You Upload (Subscriber Data)
To use our email marketing tools, you may upload contact lists containing names, email addresses, and custom attributes of your subscribers. We strictly process this data solely to provide our Services to you and do not use it for our own marketing purposes.

C. Automatically Collected Information (Telemetry)
We automatically collect certain information when you visit our website or use our platform, including IP addresses, browser types, operating systems, referring URLs, and interaction data. For sent campaigns, we track delivery statuses, open rates, click-throughs, and bounce metrics to provide you with detailed analytics.

3. How We Use Your Information

We use the collected information for various purposes, including:

  • Service Delivery: To operate, maintain, and provide the features of DESA Mail.
  • Billing & Administration: To process payments, prevent fraud, and manage your account.
  • Communication: To send administrative notices, service updates, security alerts, and support messages.
  • Analytics & Improvement: To monitor and analyze trends, usage, and activities to improve our platform's user experience and AI algorithms (using anonymized data only).
  • Compliance: To enforce our Terms of Service, anti-spam policies, and comply with legal obligations.

4. Third-Party Infrastructure and Sub-Processors

To provide a robust, highly available service, we rely on trusted third-party vendors, cloud hosting providers, and email delivery networks (collectively, "Sub-processors"). We do not sell, rent, or trade your personal or subscriber data.

We may share necessary data with these infrastructure partners strictly for the purpose of transmitting your email campaigns, storing data securely, or processing payments. Whether we utilize industry-standard delivery networks (such as Mailgun, Amazon SES, SendGrid, or others), all our Sub-processors are rigorously vetted, bound by strict confidentiality agreements, and are legally prohibited from using your data for any other purpose.

5. Data Security & Retention

We implement robust, enterprise-grade technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. This includes end-to-end SSL encryption, secure database architectures, and regular security audits.

We retain your Account Data for as long as your account is active or as needed to provide you the Services. If you choose to delete your account, we will purge your personal and subscriber data from our active databases, subject to our legal obligations to retain certain billing or compliance logs.

6. Your Data Protection Rights (GDPR & CCPA)

Depending on your jurisdiction, you may have specific rights regarding your personal data:

  • Right to Access & Portability: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can update or correct inaccurate data within your account settings.
  • Right to Erasure ("Right to be Forgotten"): You can request the deletion of your personal data.
  • Right to Restrict/Object: You have the right to object to our processing of your personal data for direct marketing.

If you are an End User (a subscriber of a DESA Mail Account Holder) and wish to exercise these rights, please contact the Account Holder directly, as they are the Data Controller of your information. We will assist our Account Holders in fulfilling these requests.

7. International Data Transfers

Your information, including Personal Data, may be transferred to and maintained on servers located outside of your state, province, or country. We ensure that such transfers are protected by appropriate safeguards, such as Standard Contractual Clauses, to guarantee your data privacy.

8. Changes to This Privacy Policy

We may update our Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. Continued use of our Services after such modifications constitutes your acknowledgment of the modified policy.

9. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our Data Protection Officer at:

Email: privacy@desamail.com
Web: Contact Us Form