This Privacy Policy explains how WinMail ("we", "us") collects and processes personal data when you use our website and Service, in accordance with the EU General Data Protection Regulation (GDPR). The data controller is Mitsidis Stavros - Mitsidou Xanthi Co., operating as WinMail, contactable at info@winmail.gr or +30 210 300 1957.
1. Data we collect
Depending on how you use WinMail, we may process:
- Account data: name, email, company and billing details.
- Contact form data: the name, email, company and message you submit.
- Sending metadata and logs: sender, recipient, subject, timestamps, delivery, bounce and complaint events needed to operate the Service.
- Technical data: IP address, browser and usage information.
2. How and why we use it
We process personal data to:
- Provide, secure and improve the Service (legal basis: performance of a contract, legitimate interests).
- Respond to your enquiries submitted through the contact form (legitimate interests / pre-contractual steps).
- Comply with legal obligations and prevent abuse and fraud.
3. Message content
When you send email through WinMail, the message content and recipient data are processed on your behalf solely to deliver the email and provide analytics. You are the controller of that recipient data; we act as your processor.
4. Sub-processors
We use third-party cloud infrastructure providers (sub-processors) to deliver email. Where data is transferred outside the EEA, it is protected by appropriate safeguards such as the EU Standard Contractual Clauses.
5. Retention
We keep personal data only as long as necessary for the purposes above or as required by law. Sending logs are retained for a limited period to support deliverability, troubleshooting and legal compliance.
6. Your rights
Under the GDPR you have the right to:
- Access, rectify or erase your personal data.
- Restrict or object to processing, and to data portability.
- Withdraw consent at any time where processing is based on consent.
- Lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr).
7. Cookies
Our website uses a strictly necessary session cookie to keep the site secure (e.g. CSRF protection). It is not used for advertising or tracking.
8. Security
We apply appropriate technical and organisational measures, including encryption in transit, access controls and hardened session handling, to protect personal data.
9. Contact
For any privacy request or question, contact Mitsidis Stavros - Mitsidou Xanthi Co. at info@winmail.gr or +30 210 300 1957.