Security and Privacy Policy

Last Altered 20th May 2018


CloudMailin takes security incredibly seriously. Although this article describes a number of our practices please feel free to contact us for more details or to request a copy of our security whitepaper.

CloudMailin employs both automated and manual scans of our applications for vulnerabilities and security issues, if an issue should arise we attempt to promptly deal with it as appropriate.

Data Centre Security


CloudMailin uses encryption throughout our platform for communication.


Data and Privacy

Data Storage and retention Policies

Customer Data
Payment and billing information
Inbound Servers

Our inbound servers store the following data within our database:

Field Description
Sender IP The IP address of the sending server.
Message ID The message ID taken from the message headers.
Sender The SMTP transaction sender.
Recipient The Recipient passed during the SMTP transaction.
Subject The message subject taken from the message headers.
Date The date the CloudMailin server’s received this message.
Server Response The status code and HTTP body received in response to the message post from the recipient server.
Processing Time The processing time of the server.

The following also applies to this data:

GDPR & Privacy Shield

CloudMailin stores information predominantly within the United States and EU.

In order to facilitate global operation we may need to transfer and access information from around the world.

If legally required Personal Information may be accessible to law enforcement or other authorities pursuant to a lawful request. By providing information to CloudMailin, you consent to the transfer and storage of Personal and customer Information in these locations.

Data Protection Amendment

CloudMailin has a standard DPA available for customers that require it. Please contact us for a signed copy of our DPA.

Sub Processors

For the purposes of our Data Protection Amendment we currently make use of the following sub-processors:

Name Purpose Server Location
Amazon Web Services Various servers including servers, databases and storage USA / EU / AP
Heroku (Salesforce) Management Website USA / EU
Crunchy Data Database USA / EU (data hosted in AWS)
Cookies and Tracking

The customer acknowledges that during the provision of services, the CloudMailin employs the use of cookies, unique identifiers, web beacons and similar tracking technologies (“Tracking Technologies”). The customer will maintain appropriate notice, consent, opt-in and opt-out mechanisms as are required by Data Protection Laws to enable the processor to deploy Tracking Technologies lawfully on, and collect data from, the devices of Recipients in accordance with and as described in the Privacy Policy found at

Google Site Stats

You may have clicked on an ad for this website that was delivered by Google.

Relevant Ads, Quality Advertisers

Google measures the performance of the advertising it delivers. By providing a tool to more accurately measure the performance of the ads we deliver, Google (and advertisers) will be able to improve the quality and relevance of the ads that you see.

Your Privacy

To measure performance, Google uses small strings of text (known as cookies) that are placed on your computer when you click on ads. Cookies typically remain active on your computer for about 30 days. If you visit certain pages of the advertiser's website during that period, Google and the advertiser will be able to tell that you saw the ad delivered by Google.

If you'd like to know more about how Google handles information gathered from the use of cookies, please read our privacy policy. If you want to disable the use of cookies, you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Be aware, however, that some websites may not function properly if you refuse to accept cookies.

Legal Policies