Privacy Policy

1. Introduction

Welcome to tinysend. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform and services.

2. Who We Are

tinysend is an email infrastructure platform that lets developers and businesses send transactional and marketing emails through their own providers (Amazon SES, Postmark, Resend, and others). We provide APIs, a CLI, and a dashboard to manage email sending, contacts, sequences, and analytics.

3. Data We Collect

We collect personal data when you use our services, including:

  • Account information via Google Single Sign-On (name, email, profile picture)
  • API keys you generate to authenticate with our platform
  • Email metadata (sender, recipient, subject, timestamps, delivery status)
  • Contact data you import or create through our platform
  • Usage data (API calls, emails sent, feature usage)
  • Payment information processed through Stripe

We do not have access to, nor do we store, your Google account password.

4. Email Content and Provider Credentials

Important:

  • Email content (HTML/text bodies) passes through our platform to your configured provider. We may temporarily store content for delivery retry purposes.
  • Your email provider credentials (API keys, SMTP passwords) are encrypted at rest and only used to send emails on your behalf.
  • We do not read, analyze, or sell your email content or your recipients' data.
  • Webhook event data (opens, clicks, bounces) is stored to power analytics and sequence automation.

5. Recipient Data Protection

When you use tinysend to send emails, you are the data controller for your recipients' personal data. tinysend acts as a data processor on your behalf.

  • You are responsible for obtaining proper consent from your recipients before sending them emails.
  • We store recipient email addresses, delivery events (sent, delivered, opened, clicked, bounced, complained), and unsubscribe status to operate the Service.
  • We do not use recipient data for our own marketing purposes.
  • We do not sell, rent, or share recipient data with third parties.
  • If a recipient contacts us directly to request data deletion, we will notify you and process the request in accordance with applicable law.
  • We maintain suppression lists to prevent emails from being sent to recipients who have unsubscribed or complained. These lists are maintained per account and are not shared between users.

6. How We Use Your Data

We use your personal data to:

  • Provide and operate the tinysend platform
  • Authenticate your account and authorize API access
  • Route emails through your configured providers
  • Track delivery events and generate analytics
  • Process payments and manage subscriptions
  • Send service notifications (not marketing)
  • Improve the platform based on aggregate usage patterns

7. Cookies and Analytics

We use essential cookies to maintain your session. We use Plausible Analytics, a privacy-friendly analytics tool that does not use cookies and does not collect personal data. No data is shared with advertising networks.

8. Third-Party Services

Our platform integrates with:

  • Google: Authentication (OAuth)
  • Stripe: Payment processing
  • Your email providers: Amazon SES, Postmark, Resend, or others you configure
  • Plausible: Privacy-friendly analytics

Each service has its own privacy policy governing their use of your data.

9. Data Security

We implement appropriate security measures including encryption at rest and in transit, access controls, and regular security reviews. Provider credentials are encrypted. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

10. Data Retention

We retain your data while your account is active. Email event data is retained for analytics purposes. You may request deletion of your account and all associated data at any time by contacting us.

11. Your Rights

Depending on your location, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability
  • Withdraw consent

To exercise these rights, contact us at the address below.

12. International Transfers

Your data may be processed in countries outside your country of residence, including where our hosting providers and email infrastructure operate. We ensure appropriate safeguards are in place for such transfers.

13. Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect data from children.

14. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page.

15. Contact Us

If you have questions about this privacy policy, contact us at: [email protected]

Last updated March 20, 2026