Privacy Policy

Last Updated: January 6, 2026

This Privacy Policy describes how Inboxing.com ("we", "us", "our"), a division of Receptive Marketing Inc., collects, uses, and protects your information.

1. Information We Collect

Account Information: Name, email address, organization name, and role information you provide when registering. If you use our referral program, we also track referral relationships.

Payment Information: Processed securely by Stripe. We do not store your full card details, but we retain transaction records (date, amount, last 4 digits, billing address) for accounting and dispute resolution.

Domain & Email Data: Domain names, DNS configurations, mailbox credentials (encrypted), registrar credentials (encrypted), and platform connection credentials (encrypted) necessary to provide the Service.

Usage Data: Login times, feature usage, API key usage, IP addresses, browser information, and actions taken within the Service.

Support Data: Messages, tickets, and communications you send through our support system.

2. How We Use Your Information

  • To provide and operate the Service
  • To process payments and send billing notifications
  • To provide performance metrics and analytics
  • To ensure compliance with our Terms and prevent abuse
  • To improve the Service
  • To resolve disputes and respond to chargebacks

3. Information Sharing

We do not sell your personal information. We share data with the following categories of service providers to operate the Service:

  • Payment processing: Stripe processes payments and stores billing information
  • Authentication: Clerk manages user authentication and account security
  • Email infrastructure: Microsoft 365 hosts mailboxes; Resend sends transactional emails
  • DNS & domain services: Cloudflare manages DNS records; domain registrars (Dynadot, Porkbun, Spaceship, GoDaddy) for domain registration
  • Email platforms: When you use our upload feature, credentials are sent to your connected platforms (Instantly, Smartlead, Lemlist, Apollo, etc.)
  • Analytics & monitoring: PostHog (usage analytics), Sentry (error tracking)
  • Financial institutions: When responding to payment disputes or chargebacks
  • Legal requirements: When required by law or to protect our rights

4. Data Security

We implement reasonable security measures to protect your data:

  • Sensitive credentials (passwords, API keys, registrar tokens) are encrypted at rest
  • API keys are hashed using industry-standard algorithms
  • All data transmission uses HTTPS encryption
  • Rate limiting and bot detection protect against abuse
  • Access controls limit who can view your data

However, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials and downloaded mailbox credentials.

5. International Data Transfers

Our service providers may process data in Canada, the United States, and other countries. By using the Service, you consent to the transfer of your data to these locations. We use service providers that maintain appropriate data protection standards.

6. Data Retention

We retain your data while your account is active. Transaction records are kept for 7 years for legal and accounting purposes. After account deletion, most data is removed within 90 days, but financial records are retained as required by law.

7. Your Rights

Depending on your location, you may have rights to access, correct, or delete your personal information. You can export your domain data via our API or download credentials from the dashboard. To request account deletion, contact us at [email protected]. Note that transaction records may be retained for legal compliance.

8. Cookies & Tracking

We use the following types of cookies and tracking technologies:

  • Essential cookies: Required for authentication and core functionality (Clerk session cookies)
  • Analytics cookies: PostHog tracks product usage to help us improve the Service
  • Error tracking: Sentry captures errors for debugging purposes

You can configure your browser to refuse cookies, but essential cookies are required for the Service to function.

9. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you via email within a reasonable timeframe and take appropriate steps to mitigate the impact.

10. Legal Compliance

We comply with applicable privacy laws, including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA). If you are located in the European Union, we process your data in accordance with the General Data Protection Regulation (GDPR) where applicable.

11. Children

The Service is intended for business use and is not directed at anyone under 18. We do not knowingly collect information from children.

12. Changes

We may update this policy at any time. Material changes will be communicated via email or through the Service. Continued use after changes constitutes acceptance.

13. Contact

Questions about this policy or your data? Contact us at [email protected].

Privacy Policy