1. Introduction

SentinMail ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our email builder and campaign management platform ("Service").

By using SentinMail, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our Service.

2. Information We Collect

Account Information

When you register, we collect:

Name (first and last)
Email address
Password (stored in hashed form)
OAuth profile data if you sign in via Google or GitHub

Usage Data

We automatically collect information about how you interact with the Service, including:

Pages visited and features used
IP address and approximate location
Browser type, device type, and operating system
Referring URLs and session duration

Email Campaign Data

When you use our platform to build and send emails, we process the content you create, subscriber lists you upload, and delivery/engagement metrics (opens, clicks, bounces).

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service
Process your transactions and manage your account
Send transactional emails (account verification, password resets, billing)
Monitor usage patterns and optimize performance
Detect and prevent fraud, abuse, and security incidents
Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

Service providers — hosting, payment processing, error tracking (e.g., Sentry), and analytics tools that assist in operating the Service
Legal authorities — when required by law, subpoena, or to protect our rights
Business transfers — in the event of a merger, acquisition, or sale of assets

5. SMTP and Email Sending

SentinMail operates on a "bring your own SMTP" model. Your SMTP credentials are encrypted at rest and used solely to send emails on your behalf. We do not access, read, or store the content of emails sent through your connected SMTP servers beyond what is necessary for delivery tracking.

6. Data Retention

We retain your account data for as long as your account is active. Campaign analytics and engagement data are retained for the duration of your subscription. Upon account deletion, we remove your personal data within 30 days, except where retention is required by law.

7. Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest for sensitive credentials, secure password hashing, and regular security audits. However, no method of transmission over the Internet is 100% secure.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

Access, correct, or delete your personal data
Export your data in a portable format
Object to or restrict certain processing
Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@sentinmail.app.

9. Cookies

We use essential cookies to maintain your authentication session and preferences (such as theme selection). We do not use third-party advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@sentinmail.app.