MailFabric

Privacy Policy

Last updated: February 1, 2026

TruSpec Virtual Solutions, LLC ("we", "us", or "our") operates the MailFabric transactional email platform. This Privacy Policy describes how we collect, use, store, and protect your information when you use our Service. We are committed to protecting your privacy and handling your data transparently.

1. Information We Collect

We collect information necessary to provide and improve the MailFabric service:

Account Data

When you create an account, we collect your name, email address, organization name, and billing information. Authentication is managed through our identity provider (Clerk) and payment processing through Stripe.

Email Metadata

When you send emails through MailFabric, we process and store metadata including sender address, recipient address, subject lines, timestamps, delivery status, and event tracking data. Email body content is processed for delivery and retained according to your plan's retention period.

Usage Data

We collect information about how you interact with the Service, including API call logs, dashboard usage patterns, feature usage, and performance metrics. This data helps us maintain and improve the Service.

API Logs

API requests are logged with request metadata (endpoint, method, response code, timing) for debugging and security purposes. API key values are never stored in logs — only hashed identifiers are recorded.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the MailFabric service
  • Process and deliver your transactional emails via AWS SES
  • Generate analytics, delivery reports, and usage dashboards
  • Process billing and manage your subscription
  • Send you service notifications, security alerts, and billing updates
  • Detect and prevent fraud, abuse, and security threats
  • Provide customer support and respond to your requests
  • Comply with legal obligations and enforce our Terms of Service
  • Improve our infrastructure, reliability, and deliverability

3. Data Retention

We retain your data for as long as necessary to provide the Service and fulfill the purposes described in this policy:

  • Email event logs: Retained according to your plan (7 days for Free/Starter, 30 days for Pro+).
  • API request logs: Retained for 30 days for debugging and security purposes.
  • Account data: Retained for the duration of your account plus 30 days after deletion.
  • Billing records: Retained as required by applicable tax and financial regulations.
  • Suppression lists: Bounce and complaint data retained indefinitely to protect deliverability.

You can request deletion of your data at any time through the dashboard Settings page or by contacting us.

4. Third-Party Services

We use the following third-party services to operate MailFabric:

  • Stripe: Payment processing. Stripe's privacy policy governs how your payment information is handled.
  • Amazon Web Services (AWS): Cloud infrastructure and email delivery via SES. Data is processed in AWS data centers.
  • Clerk: Authentication and user management. Clerk's privacy policy governs how your identity data is handled.
  • Sentry: Error tracking and performance monitoring. No PII is intentionally sent to Sentry.
  • Vercel: Frontend hosting and deployment. Vercel's privacy policy applies to hosting-related data processing.

5. Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS 1.2 or higher
  • Data at rest is encrypted using AES-256 encryption
  • API keys are hashed using SHA-256 — we never store plaintext keys
  • Access to production systems is restricted and audited
  • Regular security reviews and dependency updates
  • Environment isolation prevents data leakage between dev and production
  • Webhook payloads are signed with HMAC for verification

While we take security seriously, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using commercially reasonable measures.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right of Rectification: You can request correction of inaccurate personal data.
  • Right of Deletion: You can request deletion of your personal data (GDPR Article 17).
  • Right of Portability: You can request your data in a structured, machine-readable format (GDPR Article 20).
  • Right to Object: You can object to processing of your personal data for certain purposes.
  • Right to Restrict Processing: You can request that we limit how we use your data.
  • Right to Opt-Out: California residents can opt out of the sale of personal information (we do not sell personal data).

To exercise any of these rights, use the Privacy & Data section in your dashboard Settings, or contact us at privacy@mailfabric.io. We will respond to your request within 30 days.

7. Cookies and Tracking

MailFabric uses cookies and similar technologies:

  • Essential Cookies: Required for authentication, security, and basic functionality. These cannot be disabled.
  • Functional Cookies: Enable enhanced features like dashboard preferences and language settings.
  • Analytics Cookies: Help us understand how you use our Service to improve it. These can be disabled through the cookie consent banner.

You can manage your cookie preferences at any time through the cookie consent banner or your dashboard settings.

8. Children's Privacy

MailFabric is not intended for use by children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us at privacy@mailfabric.io.

9. International Data Transfers

MailFabric processes data primarily in the United States through AWS infrastructure. If you are located outside the United States, your data will be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service dashboard at least 30 days before they take effect. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at privacy@mailfabric.io.

TruSpec Virtual Solutions, LLC
Operating as MailFabric
Email: privacy@mailfabric.io

MailFabric
© Copyright 2026 TruSpec Virtual Solutions, LLC. All rights reserved.