Privacy Policy

Last updated: December 30, 2024

Our Commitment to Your Privacy

Privacy First: Mail-Rulez is designed with your privacy as the top priority. We believe your email data belongs to you, and we've built our service to ensure you maintain complete control over your information.

This Privacy Policy explains how Real Project Management Solutions ("we," "our," or "us") collects, uses, and protects your information when you use Mail-Rulez, whether through our hosted service or self-hosted deployment.

What Information We Collect

For Hosted Service Users

  • Account Information: Email address, name, and billing information for subscription management
  • Email Credentials: IMAP server details and authentication information (encrypted and stored securely)
  • Configuration Data: Email rules, lists (whitelist, blacklist, vendor), and processing preferences
  • Usage Analytics: Processing statistics, performance metrics, and system health data (no email content)
  • Support Communications: Messages exchanged through our support channels

For Self-Hosted Users

  • No Data Collection: We do not collect, access, or store any of your data when you use the self-hosted version
  • Optional Analytics: You may choose to share anonymous usage statistics to help improve the software
  • Support Requests: Only information you voluntarily provide when contacting support

How We Handle Your Email Data

Critical Principle: We process your emails to provide the service, but we never read, analyze, or use your email content for any other purpose.

Hosted Service

  • Processing Only: Emails are processed according to your rules and immediately organized into your specified folders
  • No Content Analysis: We do not read, scan, or analyze the content of your emails for advertising, profiling, or any other purpose
  • Encrypted Storage: Email credentials and configuration data are encrypted at rest using AES-256 encryption
  • Isolated Processing: Each customer's data is processed in isolated environments with no cross-contamination
  • No Email Storage: We do not store copies of your emails on our servers; processing happens in real-time

Self-Hosted Deployment

  • Complete Control: All email processing happens on your infrastructure
  • No External Access: Your email data never leaves your controlled environment
  • Local Storage: All configuration and logs are stored locally on your system

How We Use Your Information

Service Provision

  • Process emails according to your configured rules and preferences
  • Maintain and optimize the performance of the Mail-Rulez service
  • Provide customer support and technical assistance
  • Send service-related notifications (system updates, maintenance, billing)

Service Improvement

  • Analyze anonymous usage patterns to improve software performance
  • Identify and fix bugs or technical issues
  • Develop new features based on aggregated user needs

Legal and Business Requirements

  • Comply with applicable laws and regulations
  • Protect our rights and prevent misuse of the service
  • Process billing and subscription management

Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Limited Disclosure

We may share your information only in these specific circumstances:

  • Service Providers: Trusted third-party services that help us operate (hosting, payment processing, customer support) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or government request
  • Security Protection: To protect our rights, safety, or the security of our users
  • Business Transfer: In the event of a merger, acquisition, or sale of assets (with 30-day advance notice)

Third-Party Services

  • Payment Processing: Stripe (for secure payment handling)
  • Infrastructure: Cloud hosting providers with SOC 2 compliance
  • Communication: Email service providers for service notifications

Data Security Measures

Technical Safeguards

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Strict access controls and multi-factor authentication for our systems
  • Network Security: Firewalls, intrusion detection, and network monitoring
  • Regular Audits: Security assessments and vulnerability testing
  • Backup Security: Encrypted backups with restricted access

Operational Security

  • Staff Training: Regular security and privacy training for all team members
  • Incident Response: Established procedures for security incident handling
  • Data Minimization: We collect and retain only the data necessary for service operation
  • Regular Updates: Continuous security updates and monitoring

Data Retention and Deletion

Retention Periods

  • Account Data: Retained while your account is active and for 90 days after cancellation
  • Configuration Data: Retained for 30 days after account deletion for potential recovery
  • Billing Records: Retained for 7 years as required by law
  • Support Communications: Retained for 2 years for service improvement
  • Analytics Data: Anonymous usage data retained for 1 year

Data Deletion

  • Account Deletion: You can delete your account at any time through the web interface
  • Secure Deletion: Data is securely wiped from our systems using DoD 5220.22-M standards
  • Backup Deletion: Data is removed from backups within 90 days of deletion request

Your Privacy Rights

Access and Control

  • Data Access: View and download all your personal data through your account dashboard
  • Data Correction: Update or correct your personal information at any time
  • Data Portability: Export your configuration, rules, and lists in standard formats
  • Account Deletion: Delete your account and all associated data
  • Processing Restrictions: Limit how we process your data

Communication Preferences

  • Email Notifications: Control which service emails you receive
  • Marketing Communications: Opt out of promotional emails (we send very few)
  • Support Channels: Choose your preferred method of support communication

International Data Transfers

Mail-Rulez is operated from the United States. If you are accessing our service from outside the US:

  • Data Transfer: Your information may be transferred to and processed in the United States
  • Legal Protections: We implement appropriate safeguards to protect your data
  • GDPR Compliance: We comply with GDPR requirements for EU users
  • Self-Hosting Option: Use our self-hosted version to keep data in your jurisdiction

Children's Privacy

Mail-Rulez is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

  • Updates: We may update this Privacy Policy to reflect changes in our practices or applicable laws
  • Notification: Material changes will be communicated via email and website notice at least 30 days in advance
  • Continued Use: Your continued use of the service after changes take effect constitutes acceptance
  • Version History: Previous versions are available upon request

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Inquiries

Email: [email protected]
Response Time: Within 48 hours

General Support

Email: [email protected]
GitHub: Report Issues

Mailing Address

Real Project Management Solutions
Privacy Officer
[Address to be added]
United States