Consulting Privacy Policy

Our consulting data and privacy policy

At MailGenius, we recognize that privacy is an important issue, so we design and operate our services with the protection of your privacy in mind at all times. This Privacy Policy outlines the types of personal protection we assure when you engage with MailGenius, as well as some of the steps we take to safeguard it.

Information Sharing

We do not rent or sell your information to other companies or individuals, unless we have your consent. We may share such information in any of the following limited circumstances:

  • We have your consent.
  • We provide such information to trusted businesses or persons for the sole purpose of processing personally identifying information on our behalf. When this is done, it is subject to agreements that oblige those parties to process such information only on our instructions and in compliance with this Privacy Policy and appropriate confidentiality and security measures.
  • We conclude that we are required by law or have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of MailGenius or the public.
  • If you have an account, we may share the information submitted under your account among all of our services in order to provide you with a seamless experience and to improve the quality of our services. We will not disclose your account information to other people or non-affiliated companies, except in the limited circumstances described in this Policy or with your consent.

In the event of a transfer of ownership of MailGenius, such as acquisition by or merger with another company, we will provide notice before any personally identifying information is transferred and becomes subject to a different privacy policy. We may share aggregated and anonymized information with others.

Data Security Policy

Our data protection policy sets out our commitment to protecting client data and how we implement that commitment with regards to the collection and use of client data.

We are committed to:

  • Ensuring that we comply with the data protection principles, as listed below.
  • Ensuring that data is collected and used fairly and lawfully. Processing client data only in order to meet our operational needs or fulfill legal and contractual requirements.
  • Establishing appropriate retention periods for client data.
  • Ensuring that data subjects’ rights can be appropriately exercised.
  • Providing adequate security measures to protect client data.
  • Ensuring that all staff is made aware of standard practice for data protection.
  • Ensuring that queries about data protection, internal and external to the organization, is dealt with effectively and promptly.
  • Regularly reviewing data protection procedures and guidelines within the organization.

Our data protection principles:

Client data shall be processed fairly and lawfully. Client data shall be obtained with the purpose of completing our contractual obligation to the Client, and shall not be further processed in any manner incompatible with that purpose. Appropriate technical and organizational measures shall be taken against the unauthorized processing of Client data, and against the accidental loss, destruction, or damage to client data. To this end, Client data will be stored on our servers and protected with modern encryption.

Security Assessments and Compliance

Data Centers

MailGenius’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)

MailGenius Security Best Practices

Encrypt Data in Transit

  • We enable HTTPS for applications and SSL database connections to protect sensitive data transmitted to and from applications.

Encrypt Sensitive Data at Rest

  • All sensitive data is encrypted within databases to meet our data security requirements. Data encryption is deployed using industry standard encryption.

Secure Development Practices

  • All engineering is done in house at MailGenius, following best practices and using up to date security patches tools. Authentication
  • To prevent unauthorized account access to our platforms we enforce strong passphrase, SSH keys, and 2FA for our data critical employees.