Click here
Click here
Log In

Data Processing Agreement (DPA)

Last Updated: September 12, 2025

This Data Processing Agreement (“DPA”) forms part of the Terms of Service between FairyMail (“Processor,” “we,” or “us”) and the customer (“Controller,” “you,” or “user”) who uses FairyMail to process personal data. This DPA governs how we process personal data on your behalf in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Scope

This DPA applies to all processing of personal data performed by FairyMail in providing email marketing and related services to the user, where the user is the Data Controller and FairyMail acts as the Data Processor.

2. Roles and Responsibilities

Data Controller (User):

  • Determines the purpose and means of processing personal data.
  • Ensures that all personal data shared with FairyMail is collected lawfully and that proper consent has been obtained.


Data Processor (FairyMail):

  • Processes personal data only on documented instructions from the Data Controller.
  • Assists the Controller in fulfilling obligations under applicable data protection laws (e.g., responding to data subject requests).
  • Ensures personnel authorized to process personal data are bound by confidentiality obligations.

3. Security and Confidentiality

FairyMail implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  1. Encryption of data in transit and at rest.
  2. Access controls and authentication protocols.
  3. Regular security testing and vulnerability management.
  4. Measures to ensure the ongoing confidentiality, integrity, and availability of systems.

4. Sub-Processors

FairyMail may engage third-party sub-processors (e.g., cloud hosting providers) to support the delivery of its services. We will ensure sub-processors are bound by written agreements requiring data protection standards equivalent to this DPA. A list of current sub-processors will be made available to the Controller upon request. The Controller will be notified of any material changes regarding sub-processors.

5. Data Transfers

If personal data is transferred outside the European Union (EU) or European Economic Area (EEA):

Such transfers will only occur with appropriate legal safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other mechanisms permitted by law.

6. Data Breach Notification

In the event of a personal data breach:

FairyMail will notify the Controller without undue delay after becoming aware of the breach. The notification will include information necessary for the Controller to meet legal obligations, including the nature of the breach, likely consequences, and remedial actions taken.

7. Data Subject Requests

FairyMail will assist the Controller, to the extent legally permitted, in responding to requests from data subjects exercising their rights (e.g., access, correction, deletion, portability).

8. Data Deletion or Return

Upon termination of services, at the Controller’s choice, FairyMail will either:

Delete all personal data processed on behalf of the Controller, or return such data to the Controller, except where retention is required by law.

9. Governing Law

This DPA shall be governed by and construed in accordance with the laws specified in FairyMail’s Terms of Service, unless otherwise required by applicable data protection laws.

Join our newsletter!

FairyMail

Other

Social

© 2026 FairyMail

Join the waitlist!

Be among the first to experience the FairyMail App. Join the waiting list for early access, exclusive updates, and priority support when we launch.

Log In
Sign up for free
Join the waiting list
Powered by  GDPR Cookie Compliance
Privacy Overview

Last Updated: September 12, 2025

FairyMail (“we,” “our,” or “us”) values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share your information when you use our website and services (collectively, the “Services”).

By using FairyMail, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect the following categories of information:

  • Account Information:
    When you register, we collect your name, email address, password, billing details, and other account-related information.
  • Usage Data:
    We automatically collect certain information about your interactions with our Services, such as IP address, browser type, device information, pages viewed, and usage timestamps.
  • Subscriber Data:
    When you upload contact lists or send email campaigns using FairyMail, we process the email addresses and any associated data you provide (“Subscriber Data”) solely to deliver the Services.
  • Cookies & Tracking Technologies:
    We use cookies, and similar tools to improve functionality, measure performance, and support marketing efforts. For details, see our Cookies Policy.

2. How We Use Your Information

We use your data to:

  • Provide, operate, and improve our Services.
  • Process transactions, manage billing, and maintain your account.
  • Monitor platform performance and ensure compliance with our Terms of Service.
  • Prevent, detect, and investigate fraudulent or abusive activity.
  • Comply with legal and regulatory obligations.
  • Send you important updates, product announcements, and optional marketing communications (which you can opt out of at any time).

3. Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service Providers: With trusted vendors (e.g., hosting providers, payment processors, analytics tools) that help us deliver our Services.
  • Legal Requirements: If required by law, subpoena, or court order, or to protect our rights and users.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to this Privacy Policy.

4. Your Rights

Depending on your location, you may have specific rights under privacy laws such as the GDPR (EU/UK) and CCPA (California), including:

  • Access & Portability: Request a copy of your personal data.
  • Correction & Deletion: Update or delete your information.
  • Restriction & Objection: Limit or object to certain types of data processing.
  • Opt-out of Marketing: Unsubscribe from promotional emails at any time.

To exercise these rights, contact us at [email protected]. We may verify your identity before fulfilling your request.

5. Data Retention

We retain your personal data only for as long as necessary to:

  • Provide our Services,
  • Fulfill our legal obligations,
  • Resolve disputes, and
  • Enforce our agreements.

You can request deletion of your account and data at any time.

6. Security

We implement industry-standard technical and organizational measures to safeguard personal data, including encryption, access controls, and monitoring systems.

7. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA) or other jurisdictions with data transfer restrictions, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) or other approved mechanisms.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or prominent notice on our website. Continued use of our Services constitutes your acceptance of any updates.

9. Contact Us

For questions, concerns, or to exercise your privacy rights, contact us at:
Email: [email protected]