Data protection

Controller

The controller responsible for data processing on this website is:

Marc Renninger, Bachstraße 6, 89447 Zöschingen, Germany

Purpose of Processing

MailMeQuiet is a Software-as-a-Service (SaaS) designed for the automated filtering and organization of emails. The service accesses the user’s email mailboxes via IMAP on behalf of the user and processes emails according to the rules defined by the user.

The processing of data is carried out exclusively for the purpose of providing and operating this functionality.

Processed Data

In the course of using the service, the following data may be processed:

Credentials for email mailboxes (stored in encrypted form)
Email metadata (e.g., sender, subject, folder)
Email content, insofar as this is necessary for evaluating the defined rules
User-defined rules, lists, and configurations
Technical log data regarding executed actions (e.g., moved emails)

Storage of Email Content

Email content is generally not stored permanently.

As part of preview or analysis functions, content may be processed or temporarily cached if this is initiated by the user and required for the functionality of the service.

Legal Basis

The processing of personal data is based on:

Art. 6(1)(b) GDPR
for the performance of the user agreement and the provision of the service.

Art. 6(1)(f) GDPR
based on our legitimate interest in operating a secure, stable, and functional service.

Data Processing on Behalf of the User

The service processes emails on behalf of the user.

The user remains the controller within the meaning of the GDPR with regard to the content of their emails and their use of the service.
MailMeQuiet processes this data solely according to the user’s instructions in order to provide the offered functionality.

Server & Hosting

Data processing takes place on servers located in Germany and operated by the hosting provider Hetzner Online GmbH, which provides the technical infrastructure for running the application.

Hetzner Online GmbH, Industriestraße 25, 91710 Gunzenhausen, Germany

To ensure secure and high-performance delivery of the web interface, we additionally use Cloudflare as a technical service provider (Content Delivery Network and security service).

The actual data processing and API communication take place directly via our own servers.

Payment Processing

Payments are processed through the payment service provider:

Paddle.com Market Limited, Judd House, 18–29 Mora Street, London EC1V 8BT Vereinigtes Königreich.

Paddle acts as the Merchant of Record and handles payment processing, invoicing, and the tax handling of transactions.

As part of the payment process, the following data may be transmitted to Paddle:

Name
Email address
Payment information
Billing and transaction data

The processing of this data is carried out by Paddle as an independent controller.

Further information on Paddle’s privacy practices can be found at:
https://www.paddle.com/legal/privacy

User Rights

Users have the right to:

access their stored data (Art. 15 GDPR)
correct inaccurate data (Art. 16 GDPR)
request deletion of their data (Art. 17 GDPR)
restrict processing (Art. 18 GDPR)
data portability (Art. 20 GDPR)

Requests regarding these rights can be sent to the contact address listed above.

Data Retention

Personal data is stored only for as long as necessary to fulfill the purpose of the contract or as required by statutory retention obligations.

Data Security

We implement technical and organizational security measures to protect the processed data against loss, manipulation, and unauthorized access.