Sign inStart free →

Legal

Privacy Policy

Last updated: May 2025

1. Who We Are

SES Mailbox ("we", "our", "us") provides an email marketing platform built on Amazon Web Services Simple Email Service (AWS SES). This Privacy Policy explains what data we collect, how we use it, and your rights in relation to it. By using SES Mailbox you agree to the practices described here.

2. Information We Collect

Account information

When you register we collect your name, email address, and organisation name. This is used to create and manage your account.

AWS credentials

To connect your Amazon SES account you provide AWS access keys. These credentials are encrypted at rest and used solely to send campaigns on your behalf through your own AWS infrastructure. We never use them for any other purpose.

Subscriber data

You may upload contact lists (email addresses and associated fields) to SES Mailbox. You remain the data controller for this subscriber data. We process it only as instructed by you to deliver your campaigns.

Usage data

We collect information about how you use the platform — pages visited, features used, campaign send counts — to improve the service and troubleshoot issues. This data is not sold.

Payment information

Payments are processed by PayPal. We do not store your credit card or bank details. We receive a subscription ID and payment confirmation from PayPal.

3. How We Use Your Information

  • Provide, operate, and maintain the SES Mailbox platform
  • Process transactions and send billing communications
  • Send transactional emails (account verification, password reset, billing alerts)
  • Respond to support requests
  • Monitor usage to improve the service and fix bugs
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

4. Data Sharing

We do not sell, rent, or trade your personal data. We share data only in the following limited circumstances:

  • With Amazon Web Services (AWS) to facilitate email delivery via SES
  • With PayPal to process subscription payments
  • With service providers who help us operate our infrastructure (hosting, monitoring), bound by confidentiality obligations
  • When required by law, court order, or governmental authority
  • In connection with a merger or acquisition, with prior notice to affected users

5. Subscriber Data & GDPR

Your obligations

You are responsible for ensuring you have a lawful basis for sending marketing emails to your subscribers and that your use of SES Mailbox complies with applicable laws including GDPR, CAN-SPAM, and CASL.

Automatic unsubscribes

SES Mailbox automatically inserts a one-click unsubscribe link and List-Unsubscribe header in every marketing campaign. Unsubscribes are processed immediately and suppressed from future sends.

Data processor role

For your subscriber data, SES Mailbox acts as a data processor. You remain the data controller. We process subscriber data only on your instructions and never use it for our own purposes.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required for legal or accounting purposes. Subscriber data you delete is removed immediately.

7. Security

We implement industry-standard security measures including encryption in transit (TLS) and encryption at rest for sensitive credentials. However, no system is completely secure. You are responsible for maintaining the security of your account credentials.

8. Cookies

SES Mailbox uses only essential cookies required for authentication and session management. We do not use third-party advertising or tracking cookies.

9. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Receive a copy of your data in a portable format

To exercise any of these rights, contact us at support@sesmailbox.com. We will respond within 30 days.

10. Children

SES Mailbox is not intended for anyone under the age of 16. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a notice in the platform. Continued use after changes are posted constitutes acceptance of the revised policy.

12. Contact

If you have questions about this Privacy Policy or our data practices, please contact us at support@sesmailbox.com.