Privacy Policy

MailShield ("MailShield", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use our email security monitoring service at app.mailshield.app and our website at mailshield.app.

MailShield is registered in the Netherlands and acts as the data controller for the personal data processed through our services.

We collect only the data necessary to provide and improve our email security monitoring service. This includes:

We use the data we collect to:

• Provide, maintain, and improve our email security monitoring service
• Monitor your domains for DNS changes and security misconfigurations
• Process and analyze DMARC and TLS-RPT reports on your behalf
• Send you alerts and notifications about your domain security status
• Respond to your support requests and communicate with you about your account
• Generate aggregated, anonymized statistics to improve the service

We do not sell your personal data. We do not use your data for advertising. We do not share your data with third parties except as necessary to provide the service (for example, our hosting and payment providers).

All data is stored on servers located in the Netherlands within the European Union. We use encryption in transit (TLS) and encryption at rest to protect your data. Access to production systems is restricted to authorized personnel using multi-factor authentication.

For more details on our security practices, please visit our Security page.

We retain your account data for as long as your account is active. DNS monitoring data and processed reports are retained according to your plan's data retention period. When you delete your account, we remove your personal data and associated domain data within 30 days, except where we are required to retain it by law.

Aggregated, anonymized data that cannot be linked back to you may be retained indefinitely for service improvement purposes.

As a data controller based in the Netherlands, MailShield complies with the General Data Protection Regulation (GDPR). You have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate personal data
• Right to erasure — request deletion of your personal data
• Right to restriction — request that we limit how we use your data
• Right to data portability — request a machine-readable export of your data
• Right to object — object to certain processing of your personal data

To exercise any of these rights, please contact us at hello@mailshield.app. We will respond to your request within 30 days.

We use a minimal number of cookies that are strictly necessary for the operation of our service:

• Session cookies — to keep you signed in and maintain your session
• Security cookies — to protect against cross-site request forgery and other security threats
• Preference cookies — to remember your settings such as theme and timezone

We do not use third-party tracking cookies or advertising cookies. Our analytics solution is privacy-friendly and does not rely on cookies to identify users.

We use a limited number of third-party services to operate MailShield. These services are bound by data processing agreements and are GDPR-compliant:

• Hosting provider — for infrastructure and data storage (EU-based)
• Payment processor — for handling subscription payments
• Email service provider — for sending transactional emails such as alerts and account notifications

We do not transfer personal data outside the European Economic Area (EEA) unless adequate safeguards are in place.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a notice in our application. We encourage you to review this policy periodically.

If you have any questions about this Privacy Policy or our data practices, please contact us: