The short version
- We collect the minimum data we need to run the product: your account details, your workspace's content (templates, sequences, contacts), and standard service logs.
- We never sell your data. Ever. Not to advertisers, not to data brokers, not "for research".
- We use a small list of sub-processors (Google Cloud, Stripe, Anthropic, etc.) to operate the service. They're contractually bound to the same standards we hold ourselves to.
- You can export, correct, or delete your data at any time from
Settings → Workspaceor by emailing [email protected].
Who we are
"GenieOS", "we", "us", and "our" refer to Mail Genius Ltd, a company registered in England & Wales with company number 17183230 and registered office at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom. GenieOS is a trading name of Mail Genius Ltd. We are registered with the UK Information Commissioner's Office (ICO) under registration number C1952834, and we have appointed a Data Protection Officer (DPO) who you can reach at [email protected].
For UK GDPR purposes, we are the data controller for the personal information we collect about you (our customer). We are the data processor for the personal information you upload into the product about your contacts and audiences — you remain the controller for that data, and our processing of it is governed by our Data Processing Addendum.
Information we collect
Account and identity
- Your name, work email, and (optionally) your avatar
- The workspace(s) you belong to and your role within each
- One-time login codes used to verify it's actually you signing in
- Your plan, credit balance and usage ledger, and billing details processed by Stripe (we never see your card number)
Content you create in the product
- Email templates, sequences, campaigns, social posts, landing pages and sites, designs, brand assets, and AI prompt & chat history
- Contact lists and audiences you upload, sync, or capture via API or forms
- Connected sending domain configuration (DKIM/SPF/DMARC records)
- API keys and webhook endpoints you create
Connected accounts & integrations
- When you connect a third-party platform (for example a social network such as X, or your own email-sending provider), we store the access tokens and account metadata needed to act on your instruction — for example to publish a post or read its performance. We use these only for the actions you ask for, and you can disconnect at any time.
Behavioural & engagement data
- Open and click events for the messages you send through us — stored against the recipient record so you can build segments and analyse performance
- Bounce, complaint, and unsubscribe events received from sending providers
Technical & usage data
- Standard service logs: IP address, user agent, referrer, request timing, and the page or API endpoint touched
- Approximate location derived from IP (country/region only, never precise)
- Product analytics about what you do inside GenieOS (which features you open, error rates) — used purely to make the product better
Visitors to landing pages our customers publish
GenieOS customers can publish landing pages and sites (at pages.genieos.pro/<workspace>/<page>) and review their performance. To make that possible we collect a small, opt-in slice of behaviour from visitors to those pages:
- Aggregate counts (page views, CTA clicks, form interactions) — never the content of form fields, never IP, never user-agent strings.
- An opt-in identifier cookie called
mg_vthat tells us this is the same browser visiting the same landing page on different days. The cookie is set only after the visitor accepts the consent banner; declining leaves the visitor anonymous and unidentified. - The
mg_vcookie is workspace-peppered — the same browser visiting two different customers' landing pages produces two different identifiers, so neither customer can correlate visitors across the other's audience. - Country-level geography derived from IP at the edge; the IP address itself is never stored or forwarded to PostHog.
See Cookies for the full cookie inventory and Sub-processors for the customer-page analytics processor (PostHog).
How we use it
- To run the service. Authenticate you, render your workspace, generate and compile content, deliver email, publish pages and social posts, meter credit usage, store analytics, and process payments.
- To improve the product. Diagnose bugs, measure feature adoption, and guide what we build next.
- To support you. Reply to your messages, investigate issues, and proactively warn you about deliverability or billing problems.
- To keep things safe. Detect abuse, prevent spam, enforce our acceptable use policy, and meet our legal obligations.
- To talk to you about GenieOS. Product updates and onboarding tips. You can opt out of any non-essential message in one click.
What we do not do: we don't sell your data, we don't allow your content or prompts to be used to train third-party foundation models, and we don't share your contact lists or audiences with anyone outside the sub-processors needed to deliver the service (and the platforms you yourself choose to publish or send to).
Lawful basis (UK GDPR / EU GDPR)
We rely on the following lawful bases under Article 6 of the UK GDPR and EU GDPR:
| Activity | Lawful basis |
|---|---|
| Providing the GenieOS service to you | Performance of a contract |
| Billing, tax, and statutory record-keeping | Legal obligation |
| Security, abuse prevention, product analytics | Legitimate interests |
| Marketing emails to non-customers and optional cookies | Consent |
You can withdraw consent at any time. Withdrawing consent doesn't affect processing we've already done lawfully.
International transfers
Our primary infrastructure is hosted in the United Kingdom (Google Cloud europe-west2, London), with EU multi-region storage used for backups. As the product grows we may offer hosting in additional regions or data centres; if we do, the region applicable to your workspace will be shown in the product and this policy updated. Some sub-processors are based in the United States and other countries.
When we transfer personal data outside the UK or EEA, we rely on:
- The UK or EU's adequacy decisions where one exists; or
- The European Commission's Standard Contractual Clauses (SCCs) with the UK International Data Transfer Addendum (IDTA) or the UK's standalone IDTA; with
- Supplementary technical and organisational measures (encryption in transit and at rest, access controls, audit logging) where the destination country offers weaker protections.
You can request a copy of the safeguards in place for any sub-processor by emailing [email protected].
How long we keep it
- Workspace content (templates, sequences, contacts, sends): for as long as your workspace is active, plus 30 days after deletion to allow recovery.
- Send-event logs (opens, clicks, bounces): 24 months by default; you can shorten this from
Settings → Workspace → Retention. - Billing records and invoices: 7 years (UK statutory requirement).
- Service logs (request logs, error reports): 90 days.
- Backups: rolling 30-day window; deleted data is purged from backups within that period.
Your rights (UK GDPR / EU GDPR)
If you're in the UK or EEA, you have the right to:
- Access the personal data we hold about you
- Rectify anything that's wrong
- Erase your data ("right to be forgotten")
- Restrict or object to our processing
- Port your data to another provider in a structured, machine-readable format
- Withdraw consent for any processing based on consent
- Lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or your local EEA supervisory authority
Most of these can be done yourself from Settings → Workspace. For anything else, email [email protected] and we'll respond within 30 days.
US privacy rights (CCPA / CPRA)
If you're a California resident, the California Consumer Privacy Act as amended by the California Privacy Rights Act gives you the right to:
- Know what personal information we collect and why
- Delete personal information we hold about you
- Correct inaccurate personal information
- Limit the use of "sensitive personal information" (we don't currently process any)
- Opt out of "sale" or "sharing" of personal information — we do neither, but the right is yours regardless
- Non-discrimination for exercising any of the above
We don't sell personal information. We don't currently share personal information for cross-context behavioural advertising; if that ever changes, we'll provide a clear "Do Not Sell or Share My Personal Information" link and update this notice before any sharing begins. If you have a request, email [email protected]. We'll verify your identity and respond within 45 days.
Residents of Virginia, Colorado, Connecticut, Utah and other US states with comparable laws have substantially the same rights, exercised the same way.
Security
A summary of our technical and organisational measures lives on our dedicated Security page. Briefly: TLS 1.2+ everywhere, AES-256 at rest, least-privilege access, audit logging, mandatory MFA for staff with production access, and a published vulnerability disclosure policy.
Children
GenieOS is a marketing product for businesses and professionals. It is not intended for, and we do not knowingly collect personal information from, children under 16. If you believe a child has provided us with personal information, email [email protected] and we'll delete it.
Changes to this policy
When we make material changes we'll email workspace owners at least 30 days before the new version takes effect, and update the "Last updated" date at the top of this page. Older versions are kept on request.
Contact
Privacy questions, data subject requests, and DPO matters: [email protected]
Anything legal-notice shaped (subpoenas, IP claims, formal correspondence): [email protected]
Postal: Mail Genius Ltd, 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom.