MailCull | Privacy Policy

1. Who runs the service

The data controller for MailCull is Neel Bharat Gajjar, registered at Mumbai, Maharashtra, India, 400058 (“we”, “us”, “MailCull”). For privacy-related questions, contact [email protected]. For general support, contact [email protected].

When you upload a list of email addresses to be verified, you act as the data controller for the people in that list and we act as a processor on your behalf for that processing.

2. Information we collect

Account information. Username, display name, email address, password hash, account timestamps, and account role.
Validation input. Uploaded CSV content and extracted email addresses submitted through Verify List, and single-address lookups submitted through Verify Email.
Validation output. Statuses, scores, evidence flags, history entries, and exports generated from the input above.
Operational metadata. Job status, export history, session activity, IP address, user agent, and device or browser fingerprint information tied to account use.
Billing information. If you subscribe to Pro, our payment provider (Paddle) collects and stores your payment-method details, billing address, and tax-relevant information. We receive a redacted summary back from Paddle (subscription status, period end, customer reference, last four digits of the card) but never the full card number.
API metadata. If you use the public API on a Pro account, we record which key issued each request, the endpoint, the response status, and unit-consumption counters for billing and quota purposes. Idempotency-Key values you send are stored briefly to support safe retries.
Service analytics. When analytics is enabled for the deployment, we record event metadata (page views, feature interactions, jobs started, jobs completed) to understand product usage. Analytics events do not include uploaded email addresses.
Support correspondence. Anything you send us when you ask for help.

3. How we use information and our legal bases

We process the information above for the following purposes. Where the GDPR applies, the legal basis is given in brackets.

To authenticate users, keep accounts and sessions working, and let you manage them. (Contract.)
To process your uploaded lists, email checks, exports, and account history as the service you signed up for. (Contract.)
To take payments, manage subscriptions, issue receipts, and handle refunds and tax. (Contract; legal obligation for tax records.)
To enforce per-user quotas, rate limits, audit records, and abuse monitoring. (Legitimate interest in keeping the service safe and reliable.)
To send transactional messages (password resets, billing notices, security alerts). (Contract; legitimate interest.)
To improve reliability, understand product usage, and investigate operational issues. (Legitimate interest in running and improving the service.)
To comply with legal obligations and to defend legal claims. (Legal obligation; legitimate interest.)

We do not sell personal information, and we do not use the email addresses you submit for advertising or to contact the people in your lists.

4. How validation data is handled

When you upload a CSV file or run an email check, the submitted email data is processed to generate statuses, scores, explanations, history entries, and exports. Deep-scan checks may include a mailbox-level probe of the receiving server using the public SMTP protocol. We do not send marketing or test mail to the addresses you submit.

List history and single-email history remain attached to your account until you delete them. The raw uploaded CSV file is removed from disk on a short operational cycle (see retention below); the extracted results stay in your account history.

5. Sub-processors and third parties

We use a small number of third-party services to operate MailCull. Each one only sees the categories of data it needs for its function.

Paddle (Paddle.com Market Ltd. and its affiliates) — Merchant of Record for Pro subscriptions. Handles checkout, payment processing, billing, tax, and refunds. Sees your billing email, payment method, billing address, and tax-relevant information.
Hosting and database infrastructure — Hetzner Online GmbH (Germany). Runs the application and stores account data, validation history, and exports.
Email delivery — Amazon Web Services, Inc. (Amazon SES). Delivers transactional messages such as password resets and admin login codes.
Product analytics — Mixpanel, Inc. Records anonymised feature-usage events when analytics is enabled. Does not receive the email addresses you upload or check.
Web analytics — Google LLC (Google Analytics). Measures aggregate page-level traffic on public pages.

We will keep this list current as the underlying infrastructure changes. Material additions of new sub-processors that handle personal data will be reflected in this policy before they begin processing.

6. Retention

The current operational retention windows are listed below. They may change as the product evolves; material reductions will be announced before they take effect.

Uploaded CSV files on disk: removed approximately 2 days after the run completes.
Generated export files (CSV/ZIP) on disk: kept for approximately 7 days after they finish so you can re-download them.
List run records and results in your history: kept until you delete them yourself from the product.
Verify Email history rows: kept until you delete them yourself from the Verify Email page.
Sessions: extend on each visit and are capped at 90 days regardless of activity, after which a new sign-in is required.
API idempotency records: kept for approximately 24 hours so retries can be matched to the original request, then removed.
Domain intelligence cache: approximately 14 days.
Billing webhook payloads from Paddle: the row metadata is kept for accounting purposes; the raw payment payload is redacted on a fixed schedule (currently after approximately 90 days).
Account deletion: when you delete your account, sessions, list runs, results, exports, single-email history, API keys and idempotency records, and password-reset tokens are removed in cascade. Aggregate billing-transaction metadata required for accounting and tax purposes is retained as long as legally required, with the user reference set to a deleted-account marker.

7. International data transfers

MailCull infrastructure is hosted in Germany. Some of our sub-processors operate in other regions (for example, Paddle operates from the United Kingdom and the United States). Where personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, the transfer relies on Standard Contractual Clauses or another approved transfer mechanism.

8. Your privacy rights

Depending on where you live, you may have some or all of the following rights over the personal information we hold about you.

Access. Ask for a copy of the personal data we hold on your account.
Correction. Ask us to correct inaccurate or incomplete information.
Deletion. Ask us to delete your personal data. Most of this is available directly inside the product (account deletion, history deletion). For anything that requires our help, contact [email protected].
Portability. Ask for a machine-readable export of your account data. Verify List exports already provide the validation results in CSV.
Restriction and objection. Ask us to stop or limit certain kinds of processing, including objecting to processing based on legitimate interest.
Withdrawing consent. Where processing is based on your consent, you can withdraw it at any time without affecting the legality of earlier processing.
Complaint. If you are in the European Economic Area or the United Kingdom, you have the right to lodge a complaint with your local data-protection supervisory authority.

Residents of California, Colorado, Connecticut, Utah, Virginia, and other US states with comprehensive privacy laws have substantially similar rights, including the right to know what personal information we collect, the right to delete it, the right to correct it, and the right to opt out of any sale or sharing of personal information for cross-context behavioural advertising. We do not sell personal information.

To exercise any of these rights, email [email protected] from the address associated with your account. We respond within the time-frame required by law (usually one month under the GDPR; 45 days under the CCPA).

9. Children’s privacy

MailCull is not intended for children. You must be at least 16 years old to create an account. We do not knowingly collect personal information from anyone under that age. If you believe a child under 16 has used the service, contact [email protected] and we will delete the account.

10. Cookies and sessions

MailCull uses a small number of strictly-necessary cookies and similar local-storage entries to keep you signed in, protect against cross-site request forgery, and remember basic UI preferences. We do not use advertising cookies.

Where product or web analytics is enabled, the analytics provider may set its own cookies or device identifiers. The analytics provider list in section 5 names which providers are currently in use.

11. Security

We use account controls, write protections, quotas, encrypted transport (HTTPS), per-user rate limits, audit logging, and other technical and organisational measures to reduce misuse and unauthorised access. Passwords are stored using a salted hashing algorithm; we never see them in clear form. Sensitive logs are redacted of credentials, tokens, and signature material before they are written.

No online service can promise absolute security, so you should also protect your own credentials, use a strong password, and keep API keys private.

12. Data breach notification

If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within the time-frame required by applicable law (72 hours under the GDPR), and we will notify affected users without undue delay where the breach is likely to result in a high risk to them.

13. Your choices in the product

Several controls are available directly inside the product without contacting us:

Update profile details, change password, and revoke active sessions on the Account page.
Manage API keys (create, view metadata, revoke) on the Account page.
Delete an individual list run from its detail page; deleting a run removes its results, logs, and exports.
Delete an individual Verify Email check from the Verify Email history page.
Cancel your Pro subscription and delete the account once billing access has expired (see Terms of Service section 6).

14. Privacy contact

For privacy-specific requests, including data-subject rights, sub-processor questions, or anything else covered in this policy, contact [email protected].

For general support, billing, or account questions, [email protected] is the right address.

15. Policy updates

This policy may be updated over time to reflect product, infrastructure, legal, or operational changes. The effective date at the top is updated whenever the policy changes. Material changes will also be communicated to active users through the product or by email.