Privacy Policy
Last updated: March 14, 2026
1. Data We Collect
Account data
Email address, name, billing information, and authentication credentials (hashed). This is collected when you sign up and is necessary to provide the Service.
Email data
Sender address, recipient address, subject line, and message content are processed to deliver emails. Message content is not stored after delivery confirmation. Metadata (timestamps, delivery status, open/click events) is retained per your plan's analytics retention period.
Usage data
API request logs, delivery metrics, and dashboard interactions. Used to provide analytics and improve the Service.
2. How We Use Your Data
- To deliver emails on your behalf
- To provide analytics and delivery insights
- To process billing and prevent fraud
- To send you service-related notifications
- To improve the reliability and performance of the Service
3. Data Storage and Location
All data is processed and stored within the European Union. Our SMTP servers are hosted in Falkenstein, Germany (Hetzner). Our API runs on Cloudflare's global edge network with data stored in Neon Postgres (EU region).
4. Data Sharing
We do not sell, rent, or trade your personal data. We share data only with infrastructure providers necessary to deliver the Service (Cloudflare, Hetzner, Neon, Polar for billing). All providers are GDPR-compliant.
5. Your Rights
Under GDPR, you have the right to access, rectify, delete, or export your data. You may also object to processing or request restriction. Contact privacy@one-email.com to exercise these rights.
6. Cookies
We use essential cookies for authentication (httpOnly session cookies). We do not use tracking cookies, advertising cookies, or third-party analytics on the marketing site or dashboard.
7. Data Retention
Account data is retained while your account is active and for 30 days after deletion. Email metadata is retained per your plan's analytics retention period (7 days to 1 year). Email content is not retained after delivery.