MailgentMailgent
Get API Key

Privacy Policy

Last updated: March 31, 2026

1. Introduction

Mailgent (“we”, “us”, “our”) operates the mailgent.dev website and the Mailgent API platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

2. Information We Collect

Account information: When you create an account, we collect your email address, name, and organization details.

Usage data: We collect information about how you interact with our API, including request logs, timestamps, and feature usage patterns.

Agent data: Email messages sent and received by your agent identities are processed through our infrastructure. Vault credentials are encrypted with AES-256-GCM and are not accessible to Mailgent staff.

Payment information: Payment processing is handled by third-party providers. We do not store credit card numbers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process email delivery and manage agent identities
  • Send transactional communications (account verification, security alerts)
  • Monitor for abuse, fraud, and terms of service violations
  • Comply with legal obligations

4. Data Security

We implement industry-standard security measures including AES-256-GCM encryption for vault credentials, TLS for data in transit, and strict access controls. Agent identity credentials are encrypted with per-credential data encryption keys wrapped by organization-level KMS keys. TOTP seeds are stored encrypted and never returned via the API.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Email messages are retained according to your plan settings. When you delete an identity, associated emails and vault credentials are permanently removed within 30 days.

6. Third-Party Services

We use the following third-party services to operate our platform:

  • Amazon Web Services (infrastructure, email delivery via SES)
  • Stripe (payment processing)
  • Analytics providers (usage metrics)

Each third-party provider is bound by their own privacy policies and our data processing agreements.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for non-essential data processing

To exercise these rights, contact us.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date.

9. Contact

For questions about this Privacy Policy, contact us at our contact page.