this is the plain-language version. the binding legal text lives in /legal. when the two disagree, legal wins, but we try hard not to disagree.
who we are
ephemail is operated by azla managers llc ("we", "us"), which acts as the data controller for personal data described below. for questions about this notice or to exercise your rights, contact privacy@ephemail.io.
legal basis for processing
- contract — to provide the service you have signed up for (account, message delivery, api access).
- legitimate interests — to keep the service secure, prevent abuse and fraud, debug, and improve the product.
- legal obligation — to comply with tax, accounting, and law-enforcement obligations.
- consent — for any optional analytics or marketing emails, which you can withdraw at any time.
what we collect
- account data — email, name, workspace, billing contact. needed to run your account.
- message data — mime sources received at your addresses. you tell us when to delete; defaults below.
- metadata — sender, recipient, subject, size, smtp result codes. used for filtering and metrics.
- operational logs — ip, user agent, api endpoint, status code. used for abuse and debugging.
- analytics — anonymized usage counters. no third-party tracking on dashboard or api.
what we do not collect
- cross-site advertising identifiers.
- device fingerprints beyond the user-agent header.
- contents of messages routed through but not stored (forwarding mode).
data flow
sender (smtp) ──► mx edge (us/eu) ──► policy filter ──► storage
│
└──► webhook fan-out ──► your endpoint
api / dashboard ──► gateway ──► storage (rls)
└──► audit log
a full architecture diagram lives in /security. mail never transits regions other than the one you selected at workspace creation.
retention by plan
| plan | messages | audit log | metrics |
|---|---|---|---|
| free | 24h | 7d | 30d |
| pro | 30d (configurable) | 30d | 90d |
| team | 90d (configurable) | 30d | 1y |
| enterprise | configurable, unlimited | unlimited | unlimited |
you can shorten any of these in /app/settings. requests for permanent deletion are honored within 30 days, including backups, except where retention is required by law.
sub-processors and data recipients
we share personal data only with vetted recipients that help us run the service:
- paddle.com market limited — our merchant of record. paddle processes billing contact details, payment metadata, billing address, and tax information for the sole purpose of taking payment, issuing invoices, handling refunds and chargebacks, and meeting global tax-compliance obligations. card numbers never reach our servers.
- hosting and infrastructure providers — see /dpa for the live sub-processor list and notification policy.
- professional advisers and authorities — only where required by law.
your rights
- access — export your data from /app/settings/export at any time.
- deletion — self-service in /app/settings; or email privacy@ephemail.io.
- portability — exports are json + mbox.
- objection — disable specific processing categories per workspace.
international transfers
eu workspaces stay in eu regions. transfers from eu to us, when contractually requested, use sccs (2021/914). see /dpa annex ii.
children
service is not directed to children under 16.
contact
privacy@ephemail.io · dpa requests: legal@ephemail.io · abuse: /abuse