Secure Send
Legal

Privacy policy.

Last updated: January 2026

1. Introduction

SecureSend ("we", "us") attaches great importance to the protection of your personal data. This policy describes how we collect, use, store and protect your data when you use our secure email service.

Our service is designed for professionals and fully complies with the General Data Protection Regulation (GDPR).

2. What data we collect

We collect the following categories of personal data:

  • Account data — name, email, company name, billing information.
  • Communication data — recipient email addresses and phone numbers (for SMS verification).
  • Usage data — login data, sent message metadata, access logs.

3. How we use your data

  • Providing our secure email service
  • Sending SMS verification codes to recipients
  • Billing and administration
  • Customer service and technical support
  • Improving our services
  • Compliance with legal obligations

4. Legal basis

We process your personal data based on the following grounds under the GDPR:

  • Performance of contract (Art. 6(1)(b)) — providing our services.
  • Legitimate interest (Art. 6(1)(f)) — improving services and security.
  • Legal obligation (Art. 6(1)(c)) — tax and administrative obligations.

5. Data sharing

We only share your personal data with third parties when necessary:

  • SMS provider — for sending verification codes (phone number only).
  • Hosting provider — EU-based servers for data storage.
  • Payment provider — for processing payments.

We never sell your data. All processors we work with have signed a data processing agreement.

6. Security

We take security seriously and have implemented appropriate technical and organisational measures:

  • End-to-end encryption — all messages are stored encrypted.
  • EU servers — data stays within the European Union.
  • SMS verification — two-factor authentication for recipients.
  • Automatic deletion — messages are automatically deleted.

7. Retention

  • Secure messages — automatically deleted after the set expiration date.
  • Account data — up to 1 year after subscription termination.
  • Billing data — 7 years (legal retention requirement).
  • Access logs — maximum 6 months.

8. Your rights

Under the GDPR, you have the following rights:

  • Right of access — request which data we process about you.
  • Right to rectification — have incorrect data corrected.
  • Right to erasure — request deletion of your data.
  • Right to data portability — receive your data in a common format.
  • Right to restriction — restrict processing.
  • Right to object — object to certain processing activities.

To exercise your rights, contact us at privacy@securesendforgmail.com.

9. Cookies

Our website uses functional cookies necessary for the operation of the service — session management and security. We do not place tracking or advertising cookies.

10. Changes

We may update this privacy policy from time to time. For significant changes we will inform you via email or through our service. The most recent version is always available on this page.

11. Contact

Questions about this policy or how we process your data?

SecureSend

privacy@securesendforgmail.com

You may also file a complaint with the Data Protection Authority (edpb.europa.eu).