Privacy Policy

1. Introduction

mailsig (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our email signature generator service.

2. Data We Collect

We collect the following types of information:

• Email address: Used for account verification, authentication, and to associate your signatures with your account.
• Signature data: The information you enter when creating email signatures (name, job title, company, contact details, etc.).
• Uploaded images: Profile photos or logos you upload for use in your signatures.
• Payment information: Processed securely through Stripe. We store only transaction references, not your full payment details.
• IP address: Used for rate limiting and security purposes.

3. How We Use Your Data

• To provide and maintain our service
• To authenticate your account via email verification
• To process payments and manage subscriptions
• To enable team collaboration features
• To prevent abuse through rate limiting and security measures
• To improve our service through anonymous analytics

4. Cookies

We use a single essential cookie (mailsig_auth_token) to maintain your authenticated session. This cookie is:

• HTTP-only (not accessible to JavaScript)
• Secure (transmitted only over HTTPS)
• Valid for 30 days
• Essential for the service to function

We do not use advertising cookies or third-party tracking cookies.

5. Analytics

We use Vercel Analytics to collect anonymous, aggregated data about how our service is used. This helps us improve performance and user experience. Vercel Analytics is privacy-focused and does not use cookies or collect personally identifiable information.

6. Data Storage and Security

Your data is stored securely using industry-standard practices. Images are stored on Vercel Blob storage. Payment processing is handled by Stripe, a PCI-compliant payment processor. We implement rate limiting and other security measures to protect against unauthorized access.

7. Third-Party Services

We use the following services:

• Stripe: For payment processing (Stripe Privacy Policy)
• Vercel: For hosting and analytics (Vercel Privacy Policy)

8. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Data portability
• Withdraw consent at any time

To exercise these rights, please contact us using the details in our Legal Notice.

9. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You can request deletion of your account and associated data at any time.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date.

11. Contact

For privacy-related inquiries, please see our Legal Notice for contact information.