Last updated: May 19, 2026
Account Information: Name, email address, company name, and billing details provided during registration.
Usage Data: API requests, email metadata (sender, recipient, subject), delivery statuses, and aggregated analytics.
Technical Data: IP addresses, browser type, device information, and access timestamps.
We do not read or store the body content of emails sent through GraphSendMail beyond what is necessary for delivery. Email content is encrypted in transit and at rest. We retain email metadata (headers, timestamps, delivery status) for analytics and troubleshooting.
We do not sell your personal data. We may share information with:
We implement industry-standard security measures including TLS encryption, access controls, and regular security audits. However, no method of transmission or storage is 100% secure.
Account data is retained while your account is active. Email metadata is retained for 90 days. Billing records are retained for 7 years per legal requirements. You may request data deletion by contacting us.
You have the right to access, correct, or delete your personal data. You may export your data or request processing restrictions. To exercise these rights, contact us at the email below.
For users in the European Economic Area, we comply with GDPR requirements. We act as a data processor for email content and a data controller for account information. Our lawful bases include contract performance, legitimate interests, and consent.
We use essential cookies for session management and security. Analytics cookies are used only with your consent. You can control cookie preferences through your browser settings.
For privacy-related inquiries, contact our Data Protection Officer at privacy@graphsendmail.com.