Privacy Policy

Last updated: 2026-06-01

1. Introduction

Spamless.dev ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and disclose information when you use our email spam filtering and security platform. By using our Service, you consent to the practices described in this policy.

2. Information We Collect

2.1 Email Data

To provide our filtering and security services, we process incoming email messages that flow through our platform. This includes email headers (sender, recipient, subject, date), message body content, attachments, and metadata. This data is processed in real time to detect spam, phishing, malware, and other threats. We retain email content only as necessary for quarantine, analysis, and audit purposes.

2.2 Account and Contact Information

When you create an account or contact us, we collect your name, email address, company name, and other information you provide. We use this to authenticate you, manage your account, provide support, and communicate about the Service.

2.3 Usage and Log Data

We collect information about how you use our Service, including API requests, admin panel activity, IP addresses, browser type, device information, and timestamps. We use this to improve our Service, detect abuse, and troubleshoot issues.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our email filtering and security services
  • Detect and block spam, phishing, malware, and other email threats
  • Manage quarantine, release requests, and feedback for false positives
  • Authenticate users and enforce access control
  • Improve our detection algorithms and service performance
  • Send administrative notices, security alerts, and support communications
  • Comply with legal obligations and enforce our Terms and Conditions

4. Data Retention

We retain email data according to our retention policies and your plan settings. Quarantined messages are typically stored for a configurable period (e.g., 7–30 days) unless released or deleted earlier. Traffic logs, delivery logs, and audit logs may be retained for longer for security and compliance purposes. Account and contact information is retained while your account is active and for a reasonable period thereafter to comply with legal obligations.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data only in the following circumstances:

  • Service providers: trusted third-party providers (e.g., cloud infrastructure, email delivery) who process data on our behalf under strict contractual obligations.
  • Legal requirements: where required by law, court order, or government request, or to protect our rights, property, or safety.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security assessments. Our infrastructure is hosted on secure cloud environments. Despite our efforts, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. International Data Transfers

Your data may be processed in data centers located outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or other mechanisms approved by relevant data protection authorities.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, rectify, erase, restrict, or port your personal data, object to processing, and withdraw consent. To exercise these rights, please contact us at privacy@spamless.dev. You also have the right to lodge a complaint with your local data protection authority.

9. Cookies and Tracking

We use essential cookies and similar technologies to enable authentication, session management, and security. We may use analytics cookies to understand how our website is used. You can control cookie preferences through your browser settings; however, disabling certain cookies may affect the functionality of our Service.

10. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@spamless.dev
Data Protection: dpo@spamless.dev