🔒 Privacy Policy

VitalInbox - Professional Email Marketing Services

1. Introduction

VitalInbox is committed to protecting the privacy and personal information of our customers. This privacy policy explains how we collect, use, store, and protect your information when you use our professional email marketing services.

2. Information We Collect

2.1 Account Information

  • Full name and contact details
  • Email address and phone number
  • Company information and business address
  • Payment information and billing details

2.2 Email Marketing Data

  • Customer email subscriber lists
  • Email campaign content and templates
  • Analytics and statistics (open rates, click rates, bounce rates)
  • Email delivery logs and performance reports

2.3 Technical Information

  • IP addresses and browser information
  • Cookies and session data
  • Usage patterns and platform analytics
  • Device and system information

3. How We Use Your Information

  • Service Provision: Processing and sending email campaigns as requested
  • Analytics & Reporting: Providing detailed statistics on campaign performance
  • Customer Support: Resolving queries and providing 24/7 technical support
  • Security: Preventing spam, fraud, and unauthorized activities
  • Service Improvement: Developing new features and optimizing performance
  • Compliance: Meeting legal and regulatory requirements

🛡️ Security Commitment

We implement end-to-end encryption, SPF, DKIM, and DMARC authentication to ensure the highest level of security for your data. All information is stored on secure servers with 99.9% uptime guarantee and enterprise-grade protection.

4. Information Sharing

VitalInbox does not sell, rent, or share customer personal information with third parties, except in the following circumstances:

  • With explicit customer consent
  • As required by law or legal process
  • With technical partners necessary for service delivery (under strict confidentiality agreements)
  • To protect the rights and safety of VitalInbox and its users
  • In connection with business transfers or acquisitions

5. Data Security

5.1 Technical Measures

  • SSL/TLS encryption for all data transmission
  • Advanced firewall and intrusion detection systems
  • Regular security audits and vulnerability assessments
  • Automated backups and disaster recovery plans
  • Multi-factor authentication and access controls

5.2 Administrative Measures

  • Role-based access control and authentication
  • Employee training on data protection protocols
  • Compliance with GDPR, CCPA, and international security standards
  • Regular security training and awareness programs

6. Your Rights

As a customer, you have the right to:

  • Access: View personal information we have stored
  • Rectification: Update or correct your personal information
  • Erasure: Request deletion of your account and related data
  • Data Portability: Export your data in a structured format
  • Opt-out: Unsubscribe from marketing communications
  • Restriction: Limit how we process your information
  • Objection: Object to certain types of processing

7. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain login sessions and user preferences
  • Remember settings and customizations
  • Analyze traffic patterns and usage statistics
  • Improve user experience and platform performance
  • Provide personalized content and recommendations

You can disable cookies through your browser settings, though some features may be affected. We also provide cookie preference controls in your account settings.

8. Data Retention

Customer data is retained:

  • For the duration of active service usage
  • Up to 90 days after account termination (unless legally required)
  • Backup data is stored for a maximum of 1 year
  • Analytics data is anonymized after 2 years
  • Financial records are kept for 7 years as required by law

9. International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure adequate protection through:

  • Standard contractual clauses approved by regulatory authorities
  • Adequacy decisions from relevant data protection authorities
  • Binding corporate rules and certification schemes
  • Explicit consent where required

10. Legal Compliance

VitalInbox complies with:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • CAN-SPAM Act and email marketing regulations
  • SOC 2 Type II compliance standards
  • ISO 27001 information security management
  • Local data protection laws in operating jurisdictions

11. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

12. Policy Updates

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Material changes will be communicated via:

  • Email notification to registered users
  • Prominent notice on our website
  • In-platform notifications

Continued use of our services after policy changes constitutes acceptance of the updated terms.

13. Data Breach Response

In the event of a data breach, we will:

  • Investigate and contain the breach within 24 hours
  • Notify relevant authorities within 72 hours where required
  • Inform affected customers promptly with details and remediation steps
  • Provide ongoing updates throughout the resolution process

📞 Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

Privacy Officer: privacy@vitalinbox.com

General Support: support@vitalinbox.com

Data Protection Officer: dpo@vitalinbox.com

24/7 Technical Support: Available through your account dashboard

Mailing Address: VitalInbox Privacy Office, [admin@vitalinbox.com]

This policy is effective as of July 14, 2025

Last updated: July 14, 2025