Privacy Policy

Last Updated: August 30, 2025

Table of Contents

1. Introduction2. Information We Collect3. How We Use Your Information4. AI and Data Processing5. Information Sharing6. Data Security7. Your Rights8. Contact Information

1. Introduction

MailCrafts ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered email response generation service at mailcrafts.com (the "Service").

Data Controller

Company:
ARDOR 0608 OOD
VAT: BG204662761
Address:
Azman Dere 423-3, Priselci village, 9131, Bulgaria
Contact:
info@mailcrafts.com

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Name, email address when you register
  • Authentication Data: OAuth tokens from third-party providers (Google)
  • Email Content: Original emails you input for response generation
  • Generated Content: AI-generated email responses, subjects, and related metadata
  • Communication: Messages you send to our support team

2.2 Automatically Collected Information

  • Usage Data: How you interact with our Service, features used, time spent
  • Technical Data: IP address, browser type, device information, operating system
  • Cookies and Tracking: Session cookies, preference cookies
  • Performance Data: Error logs, response times, system diagnostics

2.3 Third-Party Data

  • OAuth Providers: Profile information from Google (name, email, profile picture)
  • Payment Processors: Billing information processed by Stripe (we don't store payment details)

3. How We Use Your Information

Primary Purposes

  • Generate AI-powered email responses
  • Create and maintain your user account
  • Analyze usage patterns to enhance our AI
  • Provide customer support

Legal Basis (GDPR)

  • Contract Performance: Service provision (Art. 6(1)(b))
  • Legitimate Interest: Service improvement, security (Art. 6(1)(f))
  • Consent: Marketing, cookies (Art. 6(1)(a))

4. AI and Data Processing

AI Model Usage

  • We use OpenAI's GPT models to generate email responses
  • Your content is processed but not used to train AI models
  • Generated responses are stored for your history and favorites
  • Processing logs kept for 30 days for service improvement

5. Information Sharing

Third-Party Service Providers

OpenAI: AI processing
Stripe: Payment processing
Google: Authentication
Vercel: Hosting & infrastructure

6. Data Security

Security Measures

Encryption: TLS in transit, database encryption at rest
Access Controls: Role-based access, MFA for staff
Regular Audits: Security assessments and testing
Incident Response: 72-hour breach notification

7. Your Rights (GDPR)

Access & Portability

  • • Request copy of your data
  • • Export in machine-readable format

Correction & Deletion

  • • Correct inaccurate data
  • • Request data deletion

Processing Controls

  • • Restrict processing
  • • Object to processing
  • • Withdraw consent

Exercising Your Rights

To exercise these rights, contact us at info@mailcrafts.com. We will respond within 30 days and may request identity verification for security purposes.

8. Contact Information

Get in Touch

📧

Privacy Questions

info@mailcrafts.com

🏢

Company Information

ARDOR 0608 OOD
VAT: BG204662761
Azman Dere 423-3
Priselci village, 9131
Bulgaria

Key Privacy Commitments

No AI Training

Your emails aren't used to train AI models

GDPR Compliant

Full compliance with EU data protection laws

Secure Processing

Enterprise-grade encryption and security

Your Control

Delete, export, or modify your data anytime

Data Retention Periods

  • Account Data: 3 years after deletion (legal obligations)
  • Email Content: Deleted within 30 days of account closure
  • Payment Records: 10 years (Bulgarian tax law)
  • Usage Data: 2 years for service improvement
  • Security Logs: 1 year for incident response

International Data Transfers

Data may be transferred outside the EU/EEA with appropriate safeguards:

  • United States: Under adequacy decisions or Standard Contractual Clauses
  • Third Countries: Only with adequate protection measures

Children's Privacy

MailCrafts is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe your child has provided us with personal information, please contact us immediately at info@mailcrafts.com.

Supervisory Authority

If you're unsatisfied with our response to privacy concerns, you may lodge a complaint with theCommission for Personal Data Protection (CPDP) in Bulgariaor your local data protection authority if you're in another EU/EEA country.

This Privacy Policy is governed by the laws of Bulgaria and the European Union's General Data Protection Regulation (GDPR).

Company: ARDOR 0608 OOD (VAT: BG204662761)

Website: mailcrafts.com