Privacy Policy

Start Sending
View pricing
01

Introduction

Mission Inbox Inc. ("we," "us," "our," or "Company") is committed to protecting your privacy and being transparent about how we collect, use, and protect your personal information. This Privacy Policy explains our data practices when you use our email infrastructure platform and related services (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our practices, please do not use the Service.

β„Ή
Part of Your AgreementThis Privacy Policy is incorporated by reference into our Terms of Service. Capitalized terms not defined here carry the meaning given to them in the Terms of Service. Last updated: January 5, 2026.
02

Information We Collect

CategoryData PointsSource
Account Information Name, email address, company name, job title, business address, phone number, encrypted password Provided by you at registration
Billing Information Payment method details, billing address, tax identification numbers, transaction history Provided by you; processed by our payment processor
Email Content & Metadata Message body, subject lines, attachments, sender/recipient addresses, timestamps, delivery status, bounce data Generated through your use of the Service
Recipient & Contact Data Contact lists, recipient email addresses, and associated attributes you upload or create Provided by you
Performance Data Open rates, click rates, bounce rates, spam complaint rates, unsubscribe rates, delivery logs Generated automatically through Service operation
Technical & Usage Data IP address, browser type, operating system, pages visited, features used, API usage logs, error reports Collected automatically via cookies and server logs
Integration Data API keys, authentication tokens, and data synchronized from third-party services you connect Provided by you when configuring integrations
AI Training Data Email content patterns, structural features, and quality indicators used to train MI Shield β€” see Section 12 Derived from email activity on the platform
03

How We Use Your Information

Service Provision

  • Deliver, operate, maintain, and improve our email infrastructure services across both product lines.
  • Process and route your email campaigns and transactional sends.
  • Manage your account, authenticate your identity, and provide customer support.
  • Monitor deliverability metrics and maintain sender reputation on shared infrastructure.
  • Enforce compliance with our Acceptable Use Policy and these Terms.

Billing & Business Operations

  • Process subscription and usage-based charges, generate invoices, and manage payment collections as described in our Billing Policy.
  • Send service updates, security alerts, billing notifications, and account communications.
  • Analyze platform usage patterns to improve features and user experience.
  • Meet regulatory, tax, and legal compliance obligations.

Security & Fraud Prevention

  • Monitor for suspicious activity, unauthorized access, and AUP violations.
  • Investigate potential security incidents and platform abuse.
  • Maintain audit logs for compliance, billing disputes, and troubleshooting.

AI-Powered Spam Protection (MI Shield)

Mission Inbox uses email content patterns and performance data to train and improve our proprietary MI Shield system. See Section 12 for full details on AI data processing, safeguards, and your options.

04

Information Sharing & Disclosure

βœ“
We Do Not Sell Your DataMission Inbox does not sell, rent, or trade your personal information to third parties for marketing or any other commercial purpose.

Service Providers

We share data with trusted third-party providers who assist in operating the Service. All providers are contractually bound to protect your information and use it only for the specific purpose for which it was shared:

Provider CategoryPurposeData Shared
Cloud InfrastructureHosting, storage, content deliveryAccount data, email logs, platform data
Payment ProcessingCredit card processing, billing managementBilling information only; not email content
AnalyticsUsage analytics, performance monitoringAnonymized usage data only
Customer SupportSupport ticketing, communication toolsAccount information, support history
SecurityFraud detection, threat monitoringAccess logs, IP data

Legal Requirements

We may disclose information when required by law or when we reasonably believe disclosure is necessary to: comply with legal process, court orders, or government requests; protect our rights, property, or safety or that of our users; investigate fraud, security breaches, or policy violations; or enforce our Terms of Service.

Business Transfers

In the event of a merger, acquisition, or sale of substantially all of our assets, your information may be transferred as part of the transaction. We will provide notice via email and/or a prominent notice on our website prior to the transfer taking effect, and you will have the option to delete your account before the transfer.

Your Email Recipients

When you send emails through the Service, recipient information and email content are shared with the intended recipients and with email delivery providers in the transmission chain. Email performance data (opens, clicks, bounces) is processed by analytics services when enabled on your account.

05

Data Retention

Data CategoryRetention PeriodNotes
Account InformationDuration of account + 30 days post-terminationPurged after 30-day window closes
Email ContentUp to 30 daysRetained for delivery troubleshooting only; not stored beyond this window
Email Delivery LogsUp to 90 daysAccessible via your dashboard during this period
Performance AnalyticsUp to 2 years (identified); indefinitely (anonymized)Aggregated anonymized data may be retained for product improvement
SMTP/IMAP CredentialsDuration of account; purged within 30 days of terminationAvailable for earlier deletion upon written request
Billing RecordsUp to 7 yearsRequired for tax and legal compliance
Security & Audit LogsUp to 2 yearsRetained for compliance, dispute resolution, and fraud prevention
β„Ή
Accelerated DeletionYou may request deletion of your account data ahead of the standard schedule by emailing hey+privacy-requests@missioninbox.com. Deletion requests do not override our obligation to retain data required by law, active dispute resolution, or unpaid billing obligations.
06

Data Security

Technical Safeguards

  • Encryption: All data is encrypted in transit using TLS and at rest using AES-256.
  • Access controls: Role-based access with multi-factor authentication required for all Mission Inbox personnel accessing production systems.
  • Credential handling: SMTP/IMAP credentials stored on our platform are encrypted at rest and never exposed in logs, error messages, or support interfaces.
  • Network security: Firewalls, intrusion detection systems, and regular penetration testing.
  • SOC 2 compliance: Mission Inbox operates under an active SOC 2 compliance program covering security, availability, and confidentiality trust service criteria.

Employee Access

Access to personal information is restricted to Mission Inbox personnel who require it to perform their job functions. All employees undergo security awareness training and sign confidentiality agreements. Access is reviewed and revoked promptly upon role changes or departure.

Incident Response

  • In the event of a confirmed security incident affecting your account data, we will notify you within 72 hours of discovery via the email address registered to your account.
  • We will contain the incident, assess the scope of impact, and take corrective measures to prevent recurrence.
  • Where required by law, we will notify relevant supervisory authorities within applicable timeframes.
  • To report a potential security vulnerability or incident, contact hey@missioninbox.com with subject line "Security Incident."
07

Your Privacy Rights

Regardless of your jurisdiction, Mission Inbox honors the following rights for all users:

RightWhat It MeansHow to Exercise
AccessObtain a copy of the personal information we hold about youDashboard export or email request
CorrectionUpdate inaccurate or incomplete personal informationAccount settings or email request
DeletionRequest deletion of your account and associated personal dataAccount cancellation or email request
PortabilityReceive your data in a machine-readable formatEmail request to privacy address
RestrictionRequest that we limit processing of your data in certain circumstancesEmail request to privacy address
ObjectionObject to processing for direct marketing or automated decision-makingAccount settings or email request
Opt-out of MarketingUnsubscribe from marketing emails and product announcementsUnsubscribe link in any marketing email or account settings

To exercise any right, email hey+privacy-requests@missioninbox.com or submit a request through your account dashboard. We will respond within 30 days, or within the timeframe required by applicable law in your jurisdiction.

⚠
Deletion Does Not Affect Billing ObligationsRequesting deletion of your account data does not cancel any outstanding subscription or usage charges. All billing obligations remain in effect through the end of your final billing cycle. See the Billing Policy for cancellation terms.
08

International Data Transfers

Mission Inbox is headquartered in the United States. If you are accessing the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

We ensure international transfers are protected through one or more of the following mechanisms:

  • Adequacy decisions: Transfers to countries that the European Commission or relevant authority has determined provide adequate protection.
  • Standard Contractual Clauses (SCCs): EU-approved contractual terms incorporated into agreements with service providers.
  • Supplementary measures: Technical and organizational measures that provide an equivalent level of protection where required by local law.

Enterprise customers requiring a Data Processing Agreement (DPA) to satisfy GDPR Article 28 requirements should contact hey@missioninbox.com.

09

Cookies & Tracking Technologies

Cookie TypePurposeCan Be Disabled?
EssentialAuthentication, session management, security, basic platform operationNo β€” required for the Service to function
PerformanceAnalytics, load balancing, error tracking, usage statisticsYes β€” via cookie preference center
FunctionalityUser preferences, interface customization, saved settingsYes β€” disabling may affect experience
MarketingConversion tracking, advertising optimizationYes β€” requires explicit consent; off by default

You can manage cookie preferences through your browser settings, our in-platform cookie preference center, or opt-out tools for specific analytics providers. We honor Do Not Track (DNT) browser signals and will not deploy non-essential tracking for users with DNT enabled.

10

Children's Privacy

The Service is not directed to, and we do not knowingly collect personal information from, individuals under the age of 21. If you believe a minor has provided us with personal information, please contact hey+privacy@missioninbox.com and we will take prompt steps to delete it.

11

Regional Privacy Rights

European Union β€” GDPR
  • Right to erasure (right to be forgotten)
  • Right to data portability
  • Right to restrict processing
  • Right to object to processing
  • Right to lodge complaints with your local supervisory authority
  • DPA available upon request
California β€” CCPA/CPRA
  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell data)
  • Right to correct inaccurate information
  • Right to limit use of sensitive personal information
  • Right to non-discrimination for exercising rights
Other Jurisdictions
  • We comply with applicable privacy laws in all jurisdictions where we operate
  • We honor rights required by local law upon verified request
  • Contact us if you have questions about your jurisdiction's specific rights

To exercise regional rights, email hey+privacy-requests@missioninbox.com identifying your jurisdiction and the right you wish to exercise. We will respond within the timeframe required by your local law.

12

AI & MI Shield

Mission Inbox uses email content patterns and performance data to train and continuously improve our proprietary spam detection system, MI Shield. This section explains what data is used, how it is protected, and what the system does.

What MI Shield Does

  • Spam detection: Identifies and prevents spam, phishing, and low-quality content from being sent through our infrastructure.
  • Content quality analysis: Analyzes email characteristics that correlate with deliverability outcomes and spam classification by major ISPs.
  • Platform protection: Maintains the health of our IP infrastructure and sender reputation pool for all customers.
  • Automated policy review: Flags content that may violate our Acceptable Use Policy for human review.

Data Used for AI Training

  • Content patterns: Email text structures, subject line patterns, and formatting features are analyzed. Full message bodies are processed but not retained in identifiable form beyond our standard email content retention window.
  • Performance correlation: Engagement metrics (bounce rates, complaint rates) are correlated with content features to improve quality scoring.
  • Anonymization: Training datasets are processed to remove personally identifiable information where technically practicable before use in model training.
  • Aggregation: Individual patterns are combined into aggregate datasets; the model does not memorize or reproduce individual email content.

AI Training Safeguards

  • Data minimization: Only content features necessary for spam detection improvement are extracted for training purposes.
  • Access controls: AI training datasets are accessible only to authorized Mission Inbox engineering personnel.
  • Purpose limitation: Training data is used exclusively for improving spam protection and content quality analysis β€” not for advertising, profiling, or resale.
  • Retention limits: Training datasets are periodically refreshed; outdated data is removed on a rolling basis.
β„Ή
Objecting to AI Training UseIf you wish to object to your email content being used in MI Shield training data, contact hey+privacy-requests@missioninbox.com. We will assess your request in the context of our legitimate interest in maintaining platform-wide deliverability. Note that opting out of AI training does not affect how your emails are delivered or how your account is billed.
13

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, the Service, or applicable law. Material changes will be communicated through:

  • Email notification to your registered account address at least 14 days before the change takes effect.
  • A prominent notice on our website and within the platform.

Your continued use of the Service after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms. If you disagree with material changes, you may terminate your account before the effective date.

14

Contact & Data Requests

PurposeContactResponse Time
General privacy questionshey+privacy@missioninbox.com5 business days
Data subject requests (access, deletion, portability)hey+privacy-requests@missioninbox.com30 days (or as required by local law)
AI training opt-outhey+privacy-requests@missioninbox.com30 days
DPA requests (GDPR)hey@missioninbox.com10 business days
Security incidentshey@missioninbox.com β€” subject: "Security Incident"72 hours
Legal / registered mailMission Inbox Inc., 2093 Philadelphia Pike #2171, Claymont, DE 19703β€”

This Privacy Policy is effective as of January 5, 2026 and applies to all users of Mission Inbox services. It is incorporated by reference into the Mission Inbox Terms of Service. For all other legal matters, refer to the Terms of Service and Billing Policy.