MailTag is committed to continuing to utilize industry-leading data security technology to protect your information. Last revised on May 24, 2018, effective as of May 25, 2018
  • What is the GDPR?

    What is the GDPR?

    The GDPR (General Data Protection Regulation) is a new European Union privacy law that will go into effect on May 25th, 2018.
    Established by the EU Parliament, the GDPR regulates how individuals, companies, and organizations, can obtain, use, store, and remove personal data.
    You can read all of the details of the law here.
  • What is “personal data”?

    What is “personal data”?

    Personal data, as defined by the GDPR, is any information that can be used to directly or indirectly to identify a person (such as a name, photograph, email address, or IP address).
  • What are the requirements of the GDPR?

    What are the requirements of the GDPR?

    The Data Protection Principles include the following requirements:
    • 1. Personal data must be processed in a fair, legal, and transparent way. It should only be used in a way that a person would reasonably expect.
    • 2. Personal data should only be collected to fulfill a specific purpose, and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
    • 3. Personal data should be held no longer than necessary to fulfill its purpose.
    • 4. People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and request that their data be updated, deleted, restricted, or transported to another organization.
    At MailTag, we respect your privacy and utilize industry-leading security and privacy procedures that go above-and-beyond the reqirements of this new regulation.
  • MailTag’s commitment to GDPR Compliance, data privacy, and transparency.

    MailTag’s commitment to GDPR Compliance, data privacy, and transparency.

    Here is an overview how MailTag has prepared to meet (and exceed) the EU’s new requirements.
  • 1: Industry Leading Data Encryption.

    #1: Industry Leading Data Encryption.

    MailTag utilizes state-of-the-art firewall technology which uses advanced IP detection tools to warn against potential hackers/intruders who try to access secure MailTag login portals.
    Only individuals inside of our corporate office can access MailTag’s most protected information.
    In addition, only certain whitelisted IP addresses within our office can access limited sections of our database.
    And just like pre-GDPR, no one at MailTag is able to access to any of the emails contained within your inbox, or any information stored on your browser.
    MailTag never stores your email-related information.
  • 2: Data Minimization.

    #2: Data Minimization.

    MailTag is committed to minimizing the required amount of information required for our service to function properly.
    But instead of just “telling you” that we minimize your data’s collection, we’d like to take this opportunity to explain exactly why MailTag requires certain permissions, in order for our Chrome extension to function properly.
    When you add MailTag to your browser, you are asked to provide access to a series of permissions (as shown below).
    As first, this can understandably be intimidating.
    (After all, no one prefers to share access to their information).

    So, let’s take a look at each of these permissions, one-by-one, so you’re fully aware of how we’re using the access that you provide us.

    “View your email messages and settings”.
    This permission is required for your MailTag dashboard to function properly.

    Specific reason being: Our technology reads the emails you’ve tagged with MailTag, and then displays this information on your dashboard (specifically, the inbox section).
    For total clarity: No human being is able to view any of the emails in your inbox.

    “Manage drafts and send emails”.
    This permission is required for your email scheduling tool to function properly.

    Specific reason being: When you schedule an email, the content is stored in your draft’s folder. Once in your drafts folder, our technology activates a line of code which sends your scheduled email at your specified time.

    “Send email on your behalf”.
    This permission is required for two of MailTag’s functions to work properly: Your email scheduling tool, and your Pings tool.

    Specific reason being: Both of these services utilize our technology’s autonomous sending feature (which does not require you to be present, for your email to be sent).
    For example, when you schedule an email with MailTag to arrive in your recipient’s inbox at “2:05 AM”, you don’t need to be present for your email to be sent. Our service simply schedules your email to be sent (on your behalf, per your request).

    “View your contacts”
    As an email technology tool, this permission is required for our service to load your recipient’s information.

    Specific reason being: Our service needs to know where to send your email (which is only possible by knowing the recipient’s email address).
    For total clarity: No individual at MailTag has access to any of your email contacts.
  • 3: Data Consent Withdraw.

    #3: Data Consent Withdraw.

    If you’d like to have all your information deleted from MailTag’s database, simply send an email to "Delete@MailTag.io" with your request.
    Your data deletion request will processed within one business day, but may take up to additional 24 hours to reflect on your end (due to your browser’s cookies and cache).
    IMPORTANT NOTE: By sending a data deletion request, you acknowledge and understand that this action cannot be undone and that your MailTag profile will be completely erased.
  • 4: All MailTag 3rd Party Tools & Services Are GDPR Compliant.

    #4: All MailTag 3rd Party Tools & Services Are GDPR Compliant.

    Each of MailTag’s utilized vendors which deal with information that you share with us (for example, information such as your name and email) are fully vetted by our data security team to ensure GDPR compliance.
    For example: MailChimp (our newsletter tool that we use to send product announcement emails), is also fully compliant with the EU’s new law.
  • 5: Data Breach Notification Policy.

    #5: Data Breach Notification Policy.

    MailTag’s user data has never been breached, and our data security team works around the clock to keep it this way.
    However, if a breach is ever detected, we will promptly notify you within 72 hours (as required by the GDPR) with exactly the type of detected breach, the consequences of breach, and all other relevant information.
  • 6: Data Inventory Map.

    #6: Data Inventory Map.

    We’ve reviewed and identified all the areas of MailTag where we collect and process user and customer data (which basically provides insight for the type information, where it’s stored, why we need it, who we share it with, and how long we store it, and other relevant information).
  • 7: Staff Training & Awareness.

    #7: Staff Training & Awareness.

    In our efforts to go above and beyond this new EU regulation, we’ve conducted through internal training to ensure that individuals at MailTag who deal with sensitive information (such as email addresses and names), are of only the highest trained data security professionals.


If you have questions, please don’t hesitate to reach out.
Please feel free to email Help@MailTag.io