Privacy Policy

1. Introduction

Krillium LLC ("Krillium," "we," "us," or "our"), owner of MailMoxie, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software-as-a-service platform, associated websites, applications, AI models, and services (collectively, the "Service").

This Policy primarily applies to the Personal Data we collect from or about the Authorized Users of our Customers and visitors to our websites. It also describes our handling of the email code ("User Content") uploaded by our Customers, although User Content is primarily governed by our Terms of Service and treated as confidential information belonging to the Customer.

Please read this Privacy Policy carefully. By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the Service includes:

Personal Data:

Personally identifiable information provided by Authorized Users during account registration or use, such as:

• Name
• Email address
• Company name
• Job title (optional)
• Phone number (optional)
• Billing and payment information (Note: Payment card details are typically processed directly by our third-party payment processor, e.g., Stripe, and are not stored by Krillium, though we may receive transaction confirmation and billing contact details)
• Information provided when you contact us for support or provide feedback

Usage Data:

Information our servers automatically collect when you access the Service, such as:

• Your IP address
• Browser type and version
• Operating system
• Access times, pages viewed, features used within the Service
• Referring website addresses
• Device identifiers

User Content (Uploaded Email Code):

We collect and process the email code and related files that Customers and their Authorized Users upload to the Service for QA testing. This User Content is treated as the Customer's confidential information as outlined in our Terms of Service. While we process this content to provide the Service, we do not intentionally scan it for Personal Data unrelated to the provision of the QA testing service. The Customer is responsible for ensuring that User Content complies with applicable laws, including data privacy laws concerning any Personal Data contained within the User Content they upload.

Cookies and Tracking Technologies:

We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Service to help customize the Service and improve your experience. More information is available in Section 8 ("Cookies and Tracking Technologies").

3. How We Use Your Information

We use the information we collect for various purposes, including:

Providing and Managing the Service:

• Create and manage your account
• Process User Content to perform QA testing and generate Reports
• Authenticate users and provide access control
• Process payments and transactions

Communicating with You:

• Respond to your inquiries, support requests, and feedback
• Send administrative information, such as updates to terms, conditions, and policies, and service announcements
• Send marketing and promotional communications (where permitted by law and subject to your opt-out rights)

Improving the Service:

• Monitor and analyze usage trends to improve the Service functionality and user experience
• Develop new features and services
• Use aggregated, anonymized data derived from usage and User Content processing for internal analysis, AI model training/improvement, and reporting

Security and Compliance:

• Enforce our Terms of Service
• Protect the security and integrity of the Service
• Comply with legal obligations, court orders, or other legal processes
• Prevent fraudulent activity

4. Legal Basis for Processing Personal Data (For GDPR/Relevant Jurisdictions)

If you are located in the European Economic Area (EEA), UK, or Switzerland, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only:

Where we need the Personal Data to perform a contract with you (e.g., to provide the Service under our Terms of Service):

This is typically the case when you use the Service, such as when you create an account or when we process User Content for QA testing.

Where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g., for improving our Service, security, marketing):

We may process Personal Data for these purposes if we have a legitimate interest in doing so. For example, we may process Personal Data to improve our Service, to protect the security of our Service, or to market our Services.

Where we have your consent to do so (e.g., for non-essential cookies or certain marketing communications):

We may process Personal Data for these purposes if we have obtained your consent. For example, we may process Personal Data for marketing purposes if you have given us your consent to do so.

Where we need to comply with a legal obligation:

We may process Personal Data to comply with a legal obligation. For example, we may process Personal Data to comply with a court order or to respond to a subpoena.

5. How We Share Your Information

We do not sell your Personal Data. We may share information we have collected about you in certain situations:

With Service Providers:

We may share your information with third-party vendors, consultants, and other service providers who perform services on our behalf, such as hosting (e.g., AWS, Google Cloud), payment processing (e.g., Stripe), analytics (e.g., Google Analytics), customer support tools, and communication services. These third parties are contractually obligated to use your Personal Data only as necessary to provide the services to us and are bound by confidentiality agreements.

Within Your Organization:

Information associated with your team account, including Authorized User details and User Content, may be accessible to other Authorized Users within the same Customer account, based on the settings and permissions configured by the Customer's administrator.

For Legal Reasons:

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with a legal obligation, subpoena, or court order; (b) protect and defend the rights or property of Krillium; (c) prevent or investigate possible wrongdoing in connection with the Service; (d) protect the personal safety of users of the Service or the public; or (e) protect against legal liability.

Business Transfers:

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will provide notice before your Personal Data is transferred and becomes subject to a different privacy policy.

Aggregated or Anonymized Data:

We may share aggregated or anonymized information (which does not identify you personally) for industry analysis, demographic profiling, and other business purposes.

With Your Consent:

We may disclose your Personal Data for any other purpose with your consent.

We do not share identifiable User Content with any third party except as necessary to provide the Service (e.g., storing it with our hosting provider) or as required by law under the circumstances described above.

6. Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect your Personal Data from unauthorized access, use, alteration, or destruction. These measures may include encryption, access controls, and secure development practices. However, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against interception or misuse. We cannot guarantee the absolute security of your information. You are also responsible for maintaining the security of your account credentials.

7. Data Retention

We will retain your Personal Data for as long as your account is active or as needed to provide you the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Usage Data may be retained for shorter periods for internal analysis purposes. User Content will be retained while your account is active and will be deleted or made available for export following account termination according to the procedures outlined in our Terms of Service and our internal data retention policies (typically within a defined period like 30-90 days post-termination, unless legally required otherwise).

8. Cookies and Tracking Technologies

We use cookies (small text files placed on your device) and similar technologies (like web beacons or pixels) to operate the Service, remember your preferences, analyze usage patterns, and for security purposes.

Types of Cookies:

We may use session cookies (expire when you close your browser) and persistent cookies (stay on your device until deleted or expired). We use cookies for essential operations, performance analytics, functionality/preferences, and potentially advertising/targeting (though primarily focused on B2B context).

Your Choices:

Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Service. [Optional: Consider adding a link to a Cookie Policy or a cookie consent management tool if using extensive tracking].

9. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there. We will take appropriate safeguards to ensure that your Personal Data remains protected in accordance with this Privacy Policy and applicable law (e.g., by implementing Standard Contractual Clauses where required for transfers from the EEA/UK/Switzerland).

10. Your Data Protection Rights

Depending on your location and applicable law (e.g., GDPR in the EEA/UK, CCPA/CPRA in California), you may have certain rights regarding your Personal Data:

Right to Access:

You may have the right to request copies of the Personal Data we hold about you.

Right to Rectification:

You may have the right to request correction of inaccurate Personal Data or completion of incomplete Personal Data.

Right to Erasure (Deletion):

You may have the right to request deletion of your Personal Data under certain conditions.

Right to Restrict Processing:

You may have the right to request restriction of the processing of your Personal Data under certain conditions.

Right to Object to Processing:

You may have the right to object to our processing of your Personal Data under certain conditions (e.g., for direct marketing).

Right to Data Portability:

You may have the right to receive your Personal Data in a structured, commonly used, machine-readable format and transmit it to another controller under certain conditions.

Right to Withdraw Consent:

If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time.

Right to Non-Discrimination:

We will not discriminate against you for exercising your privacy rights (applicable under CCPA/CPRA).

11. Exercising Your Rights

You can often review and update your account information directly within your account settings. To exercise other rights, please contact us using the contact details below. We will respond to your request in accordance with applicable law. Please note that we may need to verify your identity before processing your request.

Requests Regarding User Content:

If your request relates to Personal Data potentially contained within the User Content uploaded by a Customer, you should typically direct your request to that Customer (the data controller). We process User Content on behalf of our Customers.

12. Children's Privacy

The Service is not intended for or directed at individuals under the age of 13 (or 16 in the EEA/UK). We do not knowingly collect Personal Data from children under these ages. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to remove that information from our servers.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. If the changes are material, we may provide more prominent notice (such as by email or through an in-app notification). You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at: