GDPR Compliance

At Mailcue.ai ("Mailcue," "we," "our," or "us"), we are committed to protecting the privacy and rights of our users in compliance with the General Data Protection Regulation (GDPR). This page outlines how we collect, process, and safeguard personal data of users in the European Union (EU) and European Economic Area (EEA).

By using Mailcue, you acknowledge and agree to the practices described in this GDPR Compliance Statement, in addition to our Privacy Policy and Terms of Service.

1. Legal Basis for Processing Data

Under GDPR, we only process personal data when we have a valid legal basis to do so, including:

  • Consent: You explicitly consent when connecting your Gmail account and granting permissions.
  • Contractual necessity: Processing is required to provide our email automation service.
  • Legal obligation: Compliance with applicable legal and regulatory requirements.
  • Legitimate interests: To improve services, ensure security, and prevent misuse.

2. Your Data Protection Rights

As an EU/EEA resident, you have the following rights under GDPR:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request corrections to inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data.
  • Right to Restrict Processing: Limit how we process your data in certain circumstances.
  • Right to Data Portability: Request a structured, machine-readable copy of your data.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Withdraw your Gmail API or other consents at any time through your Mailcue dashboard or Google account settings.

To exercise any of these rights, please contact us at contact@mailcue.ai.

3. Data Retention

  • Gmail message content is never stored.
  • Metadata (such as message IDs and categories) is stored only as long as necessary to provide the service.
  • Account and subscription data is retained while your account is active. If you delete your account, all data is permanently removed from our systems.

4. Data Transfers Outside the EU

Mailcue operates globally, and your data may be processed outside the EU/EEA, including in the United States. When transferring data internationally, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) or other legally recognized mechanisms to protect your information.

5. Security Measures

We implement industry-standard measures to protect your personal data, including:

  • Encryption in transit (HTTPS) and at rest.
  • Secure database storage in our self-hosted environment.
  • Strict access controls and monitoring.

6. Third-Party Services

We may share limited data with trusted third parties only when necessary:

  • Google (OAuth & Gmail API) for authentication and Gmail access.
  • Stripe for secure subscription and payment processing.
  • Google Analytics for website usage insights.

These providers comply with GDPR and process your data only as instructed by us.

7. Complaints

If you believe your GDPR rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority (DPA). We encourage you to contact us first at contact@mailcue.ai, and we will make every effort to resolve your concerns promptly.

8. Updates to This Statement

We may update this GDPR Compliance page from time to time to reflect regulatory changes or improvements in our practices. Updates will be posted on this page, and we may notify you via email or in-app.

Contact Information

Mailcue.ai
Email: contact@mailcue.ai