Part I – Information FakeMail collects and controls
What information FakeMail collects
We collect information about you only if we need the information for some legitimate purpose. FakeMail will
have information about you only if (a) you have provided the information yourself, (b) FakeMail has
automatically collected the information, or (c) FakeMail has obtained the information from a third party.
Below we describe the various scenarios that fall under each of those three categories and the information
collected in each one.
Information that you provide us
i. Account signup : When you sign up for an account to access one or more of our services, we ask for
information like your name, contact number, email address, company name and country to complete the account
signup process. You'll also be required to choose a unique username and a password for accessing the created
account. You may also provide us with more information such as your photo, time zone and language, but we
don’t require that information to sign up for an account. After signing up, you will have the option of
choosing a security question and an answer to the security question — if you provide these, they will be
used only while resetting your password.
ii. Event registrations and other form submissions: We record information that you submit when you (i)
register for any event, including webinars or seminars, (ii) subscribe to our newsletter or any other
mailing list, (iii) submit a form in order to download any product, whitepaper, or other materials, (iv)
participate in contests or respond to surveys, or (v) submit a form to request customer support or to
contact FakeMail for any other purpose.
iii. Payment processing : When you buy something from us, we ask you to provide your name, contact
information, and credit card information or other payment account information. When you submit your card
information, we store the name and address of the cardholder, the expiry date and the last four digits of
the credit card number. We do not store the actual credit card number. For quick processing of future
payments, if you have given us your approval, we may store your credit card information or other payment
information in an encrypted format in the secured servers of our Payment Gateway Service Providers.
iv. Testimonials : When you authorize us to post testimonials about our products and services on websites,
we may include your name and other personal information in the testimonial. You will be given an opportunity
to review and approve the testimonial before we post it. If you wish to update or delete your testimonial,
you can contact us
v. Interactions with FakeMail: We may record, analyze and use your interactions with us, including email,
telephone, and chat conversations with our sales and customer support professionals, for improving our
interactions with you and other customers.
Information that we collect automatically
i. Information from browsers, devices and servers : When you visit our websites, we collect information that
web browsers, mobile devices and servers make available, such as the internet protocol address, browser
type, language preference, time zone, referring URL, date and time of access, operating system, mobile
device manufacturer and mobile network information. We include these in our log files to understand more
about visitors to our websites.
ii. Information from first party cookies and tracking technologies : We use temporary and permanent cookies
to identify users of our services and to enhance user experience. We embed unique identifiers in our
similar technologies to identify visitors, track website navigation, gather demographic information about
visitors and users, understand email campaign effectiveness and for targeted visitor and user engagement by
tracking your activities on our websites. We only use first-party cookies and do not use third-party cookies
or other third-party tracking technologies on our websites.
iii. Information from application logs and analytics : We collect information about your use of our
products, services and mobile applications from application logs and in-house usage analytics tools, and use
it to understand how your business use and needs can improve our products. This information includes clicks,
scrolls, features accessed, access time and frequency, errors generated, performance data, storage utilized,
user settings and configurations, and devices used to access and their locations.
Information that we collect from third parties
i. Signups using federated authentication service providers : You can log in to FakeMail using supported
federated authentication service providers such as LinkedIn, Microsoft and Google. These services will
authenticate your identity and give you the option to share certain personal information with us, such as
your name and email address.
ii. Referrals : If someone has referred any of our products or services to you through any of our referral
programs, that person may have provided us your name, email address and other personal information. You may
contact us to request that we remove your information from our database. If you provide us information about
another person, or if another person gives us your information, we will only use that information for the
specific reason for which it was provided to us.
iii. Information from our reselling partners and service providers : If you contact any of our reselling
partners, or otherwise express interest in any of our products or services to them, the reselling partner
may pass your name, email address, company name and other information to FakeMail. If you register for or
attend an event that is sponsored by FakeMail, the event organizer may share your information with us.
FakeMail may also receive information about you from review sites if you comment on any review of our
products and services, and from other third-party service providers that we engage for marketing our
products and services.
iv. Information from social media sites and other publicly available sources : When you interact or engage
with us on social media sites such as Facebook, Twitter, Google+ and Instagram through posts, comments,
questions and other interactions, we may collect such publicly available information, including profile
information, to allow us to connect with you, improve our products, or better understand user reactions and
issues. We must tell you that once collected, this information may remain with us even if you delete it from
the social media sites. FakeMail may also add and update information about you, from other publicly
Purposes for using information
In addition to the purposes mentioned above, we may use your information for the following purposes:
To communicate with you (such as through email) about products that you have downloaded and services that
To keep you posted on new products and services, upcoming events, offers, promotions and other information
that we think will be of interest to you;
To ask you to participate in surveys, or to solicit feedback on our products and services;
To set up and maintain your account, and to do all other things required for providing our services, such as
enabling collaboration, providing website and mail hosting, and backing up and restoring your data;
To understand how users use our products and services, to monitor and prevent problems, and to improve our
products and services;
To provide customer support, and to analyze and improve our interactions with customers;
To detect and prevent fraudulent transactions and other illegal activities, to report spam, and to protect
the rights and interests of FakeMail, FakeMail’s users, third parties and the public;
To update, expand and analyze our records, identify new customers, and provide products and services that
may be of interest to you;
To analyze trends, administer our websites, and track visitor navigations on our websites to understand what
visitors are looking for and to better help them;
To monitor and improve marketing campaigns and make suggestions relevant to the user.
Legal bases for collecting and using information
Legal processing bases applicable to FakeMail: If you are an individual from the European Economic Area
(EEA), our legal basis for information collection and use depends on the personal information concerned and
the context in which we collect it. Most of our information collection and processing activities are
typically based on (i) contractual necessity, (ii) one or more legitimate interests of FakeMail or a third
party that are not overridden by your data protection interests, or (iii) your consent. Sometimes, we may be
legally required to collect your information, or may need your personal information to protect your vital
interests or those of another person.
Withdrawal of consent : Where we rely on your consent as the legal basis, you have the right to withdraw
your consent at any time, but this will not affect any processing that has already taken place.
Legitimate interests notice : Where we rely on legitimate interests as the legal basis and those legitimate
interests are not specified above, we will clearly explain to you what those legitimate interests are at the
time that we collect your information.
Your choice in information use
Opt out of non-essential electronic communications : You may opt out of receiving newsletters and other
non-essential messages by using the ‘unsubscribe’ function included in all such messages. However, you will
continue to receive notices and essential transactional emails.
Disable cookies : You can disable browser cookies before visiting our websites. However, if you do so, you
may not be able to use certain features of the websites properly.
Optional information : You can choose not to provide optional profile information such as your photo. You
can also delete or change your optional profile information. You can always choose not to fill in
non-mandatory fields when you submit any form linked to our websites.
Who we share your information with
All FakeMail group entities have access to the information covered in Part I. We do not sell any personal
with parties who adopt appropriate confidentiality and security measures.
Employees and independent contractors : Employees and independent contractors of all FakeMail group
entities have access to the information covered in Part I on a need-to-know basis. We require all employees
information that we share with them.
Third-party service providers : We may need to share your personal information and aggregated or
de-identified information with third-party service providers that we engage, such as marketing and
advertising partners, event organizers, web analytics providers and payment processors. These service
providers are authorized to use your personal information only as necessary to provide these services to us.
Domain registrars : When you register a domain through FakeMail from domain name registrars, we share your
name and contact information such as your physical address, email address and phone number with them as per
the ICANN domain registration rules.
Reselling partners : We may share your personal information with our authorized reselling partners in your
region, solely for the purpose of contacting you about products that you have downloaded or services that
you have signed up for. We will give you an option to opt out of continuing to work with that partner.
Marketplace application developers : When you install or purchase any application developed using FakeMail
's APIs that is posted on FakeMail’s online marketplace, your name and email address will be shared with
the developer of the application, so they may engage with you directly as the provider of that application
or service. FakeMail does not control the use of your personal information by the developers, which will be
based on their own privacy policies.
Other cases : Other scenarios in which we may share the same information covered under Parts I and II are
described in Part III.
Your rights with respect to information we hold about you as a controller
If you are in the European Economic Area (EEA), you have the following rights with respect to information
that FakeMail holds about you. FakeMail undertakes to provide you the same rights no matter where you
choose to live.
Right to access : You have the right to access (and obtain a copy of, if required) the categories of
personal information that we hold about you, including the information's source, purpose and period of
processing, and the persons to whom the information is shared
Right to rectification : You have the right to update the information we hold about you or to rectify any
inaccuracies. Based on the purpose for which we use your information, you can instruct us to add
supplemental information about you in our database.
Right to erasure : You have the right to request that we delete your personal information in certain
circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
Right to restriction of processing : You may also have the right to request to restrict the use of your
information in certain circumstances, such as when you have objected to our use of your data but we need to
verify whether we have overriding legitimate grounds to use it.
Right to data portability : You have the right to transfer your information to a third party in a
structured, commonly used and machine-readable format, in circumstances where the information is processed
with your consent or by automated means.
Right to object : You have the right to object to the use of your information in certain circumstances, such
as the use of your personal information for direct marketing.
Right to complain : You have the right to complain to the appropriate supervisory authority if you have any
grievance against the way we collect, use or share your information. This right may not be available to you
if there is no supervisory authority dealing with data protection in your country.
Retention of information
We retain your personal information for as long as it is required for the purposes stated in this Privacy
Policy. Sometimes, we may retain your information for longer periods as permitted or required by law, such
as to maintain suppression lists, prevent abuse, if required in connection with a legal claim or proceeding,
to enforce our agreements, for tax, accounting, or to comply with other legal obligations. When we no longer
have a legitimate need to process your information, we will delete or anonymize your information from our
active databases. We will also securely store the information and isolate it from further processing on
backup discs until deletion is possible.
Part II – Information that FakeMail processes on your behalf
Information entrusted to FakeMail and purpose
Information provided in connection with services : You may entrust information that you or your organization
(“you”) control, to FakeMail in connection with use of our services or for requesting technical support for
our products. This includes information regarding your customers and your employees (if you are a
controller) or data that you hold and use on behalf of another person for a specific purpose, such as a
customer to whom you provide services (if you are a processor). The data may either be stored on our servers
when you use our services, or transferred or shared to us as part of a request for technical support or
Information from mobile devices : When you elect to allow it, some of our mobile applications have access to
the camera, call history, contact information, photo library, and other information stored on your mobile
device. Our applications require such access to provide their services. Similarly, when you elect to provide
access, location-based information is also collected for purposes including, but not limited to, locating
nearby contacts or setting location-based reminders. This information will be exclusively shared with our
mapping providers and will be used only for mapping user locations. You may disable the mobile applications'
access to this information at any time by editing the settings on your mobile device. The data stored on
your mobile device and their location information to which the mobile applications have access will be used
in the context of the mobile application, and transferred to and associated with your account in the
corresponding services (in which case the data will be stored on our servers) or products (in which case the
data will remain with you unless you share it with us).
(All the information entrusted to FakeMail is collectively termed “service data”)
Ownership and control of your service data
We recognize that you own your service data. We provide you complete control of your service data by
providing you the ability to (i) access your service data, (ii) share your service data through supported
third-party integrations, and (iii) request export or deletion of your service data.
How we use service data
We process your service data when you provide us instructions through the various modules of our services.
For example, when you generate an invoice, information such as the name and address of your customer will be
used to generate the invoice; and when you use our campaign management service for email marketing, the
email addresses of the persons on your mailing list will be used for sending the emails.
If you have enabled notification on our desktop and mobile applications, we will push notifications through
a push notification provider such as Apple Push Notification Service, Google Cloud Messaging or Windows Push
Notification Services. You can manage your push notification preferences or deactivate these notifications
by turning off notifications in the application or device settings.
Who we share service data with
FakeMail group and third party sub-processors : In order to provide services and technical support for our
products, the contracting entity within the FakeMail group engages other group entities and third parties .
Employees and independent contractors : We may provide access to your service data to our employees and
individuals who are independent contractors of the FakeMail group entities involved in providing the
services (collectively our “employees”) so that they can (i) identify, analyze and resolve errors, (ii)
manually verify emails reported as spam to improve spam detection, or (iii) manually verify scanned images
that you submit to us to verify the accuracy of optical character recognition. We ensure that access by our
employees to your service data is restricted to specific individuals, and is logged and audited. Our
employees will also have access to data that you knowingly share with us for technical support or to import
data into our products or services. We communicate our privacy and security guidelines to our employees and
strictly enforce privacy safeguards within FakeMail.
Collaborators and other users : Some of our products or services allow you to collaborate with other users
or third parties. Initiating collaboration may enable other collaborators to view some or all of your
profile information. For example, when you edit a document that you have shared with other persons for
collaboration, your name and profile picture will be displayed next to your edits to allow your
collaborators to know that you made those edits.
Third-party integrations you have enabled : Most of our products and services support integrations with
third-party products and services. If you choose to enable any third-party integrations, you may be allowing
the third party to access your service information and personal information about you. We encourage you to
review the privacy practices of the third-party services and products before you enable integrations with
Other cases : Other scenarios in which we may share information that are common to information covered under
Parts I and II are described in Part III.
Retention of information
We hold the data in your account as long as you choose to use FakeMail Services. Once you terminate your
FakeMail user account, your data will eventually get deleted from active database during the next clean-up
that occurs once in 6 months. The data deleted from active database will be deleted from backups after 3
Data subject requests
If you are from the European Economic Area and you believe that we store, use or process your information on
behalf of one of our customers, please contact the customer if you would like to access, rectify, erase,
restrict or object to processing, or export your personal data. We will extend our support to our customer
in responding to your request within a reasonable timeframe.
Part III – General
Children’s personal information
Our products and services are not directed to individuals under 16. FakeMail does not knowingly collect
personal information from children who are under 16 years of age. If we become aware that a child under 16
has provided us with personal information, we will take steps to delete such information. If you believe
that a child under 16 years has provided personal information to us, please write to us, and we will take
the necessary steps to delete the information we hold about that child.
How secure is your information
At FakeMail, we take data security very seriously. That's why we have gotten certified for industry
standards such as ISO27001:2013 and SOC 2 Type II. We have taken steps to implement appropriate
administrative, technical and physical safeguards to prevent unauthorized access, use, modification,
disclosure or destruction of the information you entrust to us. If you have any concerns regarding the
security of your data, we encourage you to check our Security Policy or write to us.
Locations and international transfers
We share your personal information and service data within the FakeMail Group. By accessing or using our
products and services or otherwise providing personal information or service data to us, you consent to the
processing, transfer, and storage of your personal information or Service Data within the United States of
America, the European Economic Area (EEA) and other countries where FakeMail operates. Such transfer is
subject to a group company agreement that is based on EU Commission’s Model Contractual Clauses.
Data processing addendum
To enable you to be compliant with the data protection obligations under the General Data Protection
Regulation, we are prepared to sign a Data Processing Addendum (DPA) that is based on Standard Contractual
Clauses. You can request a DPA from FakeMail by completing this form . Once we get your request, we'll
forward the DPA to you for your signature.
Do Not Track (DNT) requests
Some internet browsers have enabled 'Do Not Track' (DNT) features, which send out a signal (called the DNT
signal) to the websites that you visit indicating that you don't wish to be tracked. Currently, there is no
standard that governs what websites can or should do when they receive these signals. For now, we do not
take action in response to these signals.
External links on our websites
submit your personal information to any of these third-party sites, your personal information is governed by
their privacy policies. As a safety measure, we recommend that you not share any personal information with
these third parties unless you've checked their privacy policies and assured yourself of their privacy
Blogs and forums
We offer publicly accessible blogs and forums on our websites. Please be aware that any information you
provide on these blogs and forums may be used to contact you with unsolicited messages. We urge you to be
cautious in disclosing personal information in our blogs and forums. FakeMail is not responsible for the
personal information you elect to disclose publicly. Your posts and certain profile information may remain
even after you terminate your account with FakeMail. To request the removal of your information from our
blogs and forums, contact us.
Social media widgets
Our websites include social media widgets such as Facebook "like" buttons and Twitter "tweet" buttons that
let you share articles and other information. These widgets may collect information such as your IP address
and the pages you navigate in the website, and may set a cookie to enable the widgets to function properly.
Your interactions with these widgets are governed by the privacy policies of the companies providing them.
Disclosures in compliance with legal obligations
We may be required by law to preserve or disclose your personal information and service data to comply with
any applicable law, regulation, legal process or governmental request, including to meet national security
Enforcement of our rights
We may disclose personal information and service data to a third party if we believe that such disclosure is
necessary for preventing fraud, investigating any suspected illegal activity, enforcing our agreements or
policies, or protecting the safety of our users.
We do not intend to sell our business. However, in the unlikely event that we sell our business or get
acquired or merged, we will ensure that the acquiring entity is legally bound to honor our commitments to
you. We will notify you via email or through a prominent notice on our website of any change in ownership or
in the uses of your personal information and service data. We will also notify you about any choices you may
have regarding your personal information and service data.
We make every effort, including periodic reviews, to ensure that personal information you provide is used in
the manner in which your personal information is used, kindly write to us. We'll contact you, and if
required, coordinate with the appropriate regulatory authorities to effectively address your concerns.
Notification of changes
affect your rights, you will be provided with at least 30 days' advance notice of the changes by email to
your use of our products or services, you may terminate your use by sending us an email within 30 days. Your