MailTantra
MailTantra
Legal

Privacy Policy

Effective: January 1, 2025Last updated: April 1, 2026
Contents
Related
Terms of ServiceCAN-SPAM PolicyRefund Policy
01

Overview

MailTantra ("we", "our", "us") is operated by Marvonix Technologies Pvt. Ltd. This Privacy Policy explains how we collect, use, store, and protect information about you when you use MailTantra (the "Service").

By accessing or using the Service, you agree to the practices described in this policy. If you do not agree, please discontinue use of the Service.

02

Information we collect

Information you provide directly

  • Account registration data: name, email address, company name, job title, and password.
  • Billing information: payment card details processed via Stripe. We never store raw card numbers.
  • Campaign content: email copy, subject lines, lead lists, and sequence configurations you upload or create.
  • Support communications: messages you send to our team via chat, email, or our contact form.

Information we collect automatically

  • Usage data: pages visited, features used, clicks, and session duration.
  • Device and browser data: IP address, browser type, operating system, and device identifiers.
  • Email analytics: open and click events generated by tracking pixels embedded in your sent campaigns.
  • Log data: server logs, API request metadata, and error reports.

Information from third parties

  • OAuth tokens when you connect Google Workspace or Microsoft 365 accounts to send emails.
  • Enrichment data from integrated providers (e.g., Apollo, Clearbit) when you use the lead enrichment feature.
03

How we use your information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Process payments and manage your subscription.
  • Send you transactional communications: receipts, account alerts, and security notices.
  • Send marketing communications if you have opted in (you may opt out at any time).
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.
  • Generate anonymised, aggregated analytics to improve product performance.

We do not sell your personal data to third parties. We do not use your campaign content to train AI models without your explicit consent.

04

Data storage & security

All personal data is stored on servers located in the European Union (AWS eu-west-1) and India (AWS ap-south-1). Data is encrypted at rest using AES-256 and in transit using TLS 1.3.

We maintain SOC 2 Type II certification. Access to production data is restricted to authorised personnel on a need-to-know basis, governed by role-based access control and multi-factor authentication.

In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by applicable law.

05

Data sharing

We share data only in the following circumstances:

  • Service providers: trusted sub-processors (e.g., AWS, Stripe, Postmark, Sentry) under data processing agreements that restrict their use of your data.
  • Legal requirements: when required by a valid court order, subpoena, or applicable law.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, subject to confidentiality obligations.
  • With your consent: for any other purpose with your explicit permission.
06

Cookies & tracking

We use cookies and similar technologies to:

  • Maintain your session and authentication state.
  • Remember your preferences.
  • Analyse usage patterns via privacy-respecting analytics (we use Plausible Analytics, which does not use cookies or fingerprinting).
  • Enable campaign tracking pixels for deliverability analytics.

You can control cookies through your browser settings. Disabling certain cookies may affect Service functionality.

07

Your rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure: request deletion of your personal data ("right to be forgotten").
  • Portability: receive your data in a structured, machine-readable format.
  • Restriction: restrict processing in certain circumstances.
  • Objection: object to processing based on legitimate interests or direct marketing.
  • Withdrawal of consent: withdraw consent at any time where processing is consent-based.

To exercise any of these rights, contact us at privacy@mailtantra.ai. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

08

Data retention

We retain your account data for the duration of your subscription plus 90 days after cancellation, to allow account recovery. After this period, account data is permanently deleted.

Campaign data (lead lists, email content, analytics) can be deleted by you at any time from within the Service. Billing records are retained for 7 years as required by tax law.

Backup data may persist for up to 30 additional days after deletion requests are processed.

09

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email and display a prominent notice in the Service at least 14 days before the changes take effect.

Continued use of the Service after the effective date constitutes acceptance of the updated policy.

10

Contact & DPO

Data Controller: Marvonix Technologies Pvt. Ltd., Bangalore, India.

Data Protection Officer: dpo@mailtantra.ai

Privacy enquiries: privacy@mailtantra.ai

Have a question about this policy?

Contact our legal team