Privacy Policy

1. Introduction

ParseBounce is operated by Epic Solutions Limited, a company registered in Scotland, United Kingdom ("the Company", "we", "our", or "us"). This Privacy Policy explains how we collect, use, and safeguard your information when you use our email delivery monitoring and sending service ("the Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address
• Name (if provided via OAuth)
• Authentication provider information (Google OAuth or magic link email)

2.2 Email Event Data (Tracking)

When you connect an email service provider (AWS SES, SendGrid, Mailgun, SparkPost, Postmark, or Mandrill), we receive and process:

• Email recipient addresses
• Email subject lines
• Delivery status (delivered, bounced, complained)
• Bounce and complaint details
• Timestamps of email events
• Provider-specific message IDs
• Custom tracking identifiers you attach to messages

Important: We do not receive or store the content (body) of your emails through webhook tracking. We only process delivery metadata.

2.3 Email Sending Data

When you use our email sending features, we process:

• Contact lists and email addresses you upload or manage
• Custom data fields associated with your contacts
• Email templates and campaign content you create
• Sending statistics (opens, clicks, bounces, unsubscribes)
• Email provider credentials you configure (encrypted at rest)

2.4 Billing Information

Payment processing is handled entirely by Stripe. We do not store your credit card numbers or bank account details. We receive from Stripe:

• Subscription status and plan type
• Billing email address
• Payment history (amounts, dates, invoice IDs)

2.5 Usage Data

We automatically collect:

• Event counts and usage statistics
• Feature usage patterns
• Error logs for debugging purposes

3. How We Use Your Information

We use collected information to:

• Provide and maintain the Service
• Process and display email delivery analytics
• Send emails on your behalf through the sending features
• Send usage alerts and notifications
• Manage your subscription and billing
• Improve and optimize the Service
• Communicate important updates
• Prevent abuse and ensure security

4. Data Storage and Security

4.1 Storage

Your data is stored securely on Amazon Web Services (AWS) infrastructure, primarily in the US East (N. Virginia) region. We use:

• AWS cloud infrastructure for data storage and processing
• Encryption at rest for all stored data
• Encryption in transit (TLS/HTTPS) for all communications
• AWS KMS for encryption of sensitive data such as provider credentials

4.2 Retention

Email event data is retained according to your subscription plan:

• Free: 1 day
• Personal: 7 days
• Pro: 30 days
• Business: 90 days
• Enterprise: Custom (up to 365 days)

Account data and contact lists are retained until you delete your account or remove the data. Campaign sending history is retained for 90 days, after which it is archived.

4.3 Security Measures

We implement industry-standard security measures:

• End-to-end encryption for webhook data
• Secure API authentication with JWT tokens
• KMS encryption for stored provider credentials
• Access controls and audit logging

5. Data Sharing

We do not sell your data. We may share data with:

• Service Providers: AWS (hosting), Stripe (payments) — only as necessary to provide the Service
• Email Providers: When you use the sending features, your email content and recipient data is transmitted to your configured email provider (e.g., AWS SES, SendGrid) for delivery
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Your Rights

Under applicable data protection laws (including UK GDPR), you have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Object to processing of your data
• Restrict processing in certain circumstances
• Opt out of marketing communications

To exercise these rights, contact us at privacy@parsebounce.com. We will respond within 30 days.

7. Data Processing Basis

We process your personal data on the following legal bases:

• Contract: Processing necessary to provide the Service you have subscribed to
• Legitimate Interest: Improving the Service, preventing fraud, and ensuring security
• Consent: Where you have given explicit consent, such as for marketing communications
• Legal Obligation: Where processing is required by law

8. Cookies

We use essential cookies for authentication and session management. These are necessary for the Service to function and cannot be disabled. We do not use third-party tracking or advertising cookies.

9. Third-Party Services

We integrate with:

• Google OAuth: For optional authentication. Subject to Google's Privacy Policy
• Stripe: For payment processing. Subject to Stripe's Privacy Policy
• AWS: For infrastructure and email delivery. Subject to AWS Privacy Policy

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect data from children.

11. International Data Transfers

Your data is processed and stored on AWS infrastructure in the United States. As a UK-based company, we ensure that any transfer of personal data outside the UK is protected by appropriate safeguards in compliance with UK GDPR, including reliance on adequacy decisions and standard contractual clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

For privacy-related questions or concerns, contact us at:

Epic Solutions Limited — privacy@parsebounce.com