Legal
Last updated: March 16, 2026
Maximailist (“we,” “our,” or “us”) operates the Maximailist email marketing platform at maximailist.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. Please read this policy carefully. If you disagree with its terms, please discontinue use of the platform.
When you register, we collect your name, email address, company name, and password (stored as a secure bcrypt hash). We never store your password in plaintext.
We collect information you provide in your profile and settings, including your sending domain, default sender name and email, brokerage/company details, and billing information processed securely through Stripe.
When you import or add contacts to your account, we store the contact information you provide (names, email addresses, and any custom fields). You are responsible for ensuring you have proper consent to store and email these contacts.
We store the content of email campaigns you create, including subject lines, email HTML, and campaign settings. We also track campaign performance metrics: opens, clicks, bounces, unsubscribes, and complaints.
We automatically collect standard log data including your IP address, browser type, operating system, referring URLs, and pages visited. This data helps us maintain platform security and improve performance.
If you connect third-party services (such as AWS SES credentials or ZeroBounce API keys), we store these credentials encrypted using AES-256 encryption. We never transmit these credentials to third parties other than the intended service.
We use your information to provide, maintain, and improve the Maximailist platform — including sending emails on your behalf, tracking campaign performance, managing your contacts, and processing your subscription.
We may send you transactional emails (account confirmations, password resets, billing receipts) and occasional product updates. You can opt out of product update emails at any time from your account settings.
We use your information to detect and prevent fraudulent activity, unauthorized access, and abuse of our platform.
We may use your information to comply with applicable laws, regulations, and legal processes, including responding to lawful requests from public authorities.
You are solely responsible for ensuring that all email campaigns sent through Maximailist comply with applicable anti-spam laws, including CAN-SPAM (United States), CASL (Canada), and GDPR (European Union). You must have proper consent from all recipients before sending.
We automatically process email bounces and spam complaints received from AWS SES via SNS notifications. Hard-bounced addresses and addresses that report spam are automatically suppressed and will not receive future campaigns.
Every email sent through Maximailist includes a one-click unsubscribe link. Unsubscribe requests are processed immediately and permanently. You cannot manually override an unsubscribe.
We do not sell, trade, or rent your personal information or your contacts' information to third parties.
We share limited data with trusted service providers who help us operate the platform: Amazon Web Services (infrastructure and email delivery), Stripe (payment processing), and ZeroBounce (email verification, if you configure it). Each provider is bound by their own privacy policies and data processing agreements.
We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our platform prior to such a transfer.
All data is transmitted over HTTPS using TLS encryption. Sensitive credentials (API keys) are encrypted at rest using AES-256. Passwords are hashed using bcrypt with an appropriate cost factor.
The platform is hosted on Amazon Web Services (AWS) infrastructure with automated backups. AWS maintains SOC 2, ISO 27001, and other security certifications.
Access to production systems is restricted to authorized personnel. We use principle of least privilege for all internal access.
Despite our security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
We retain your account data for as long as your account is active or as needed to provide you services.
You may request deletion of your account and associated data at any time by contacting us at [email protected]. We will delete your data within 30 days of receiving a verified deletion request, except where retention is required by law.
Deleted data may persist in encrypted backups for up to 90 days before being purged.
You have the right to access the personal information we hold about you and to request a copy of your data in a portable format.
You have the right to correct inaccurate or incomplete personal information. Most data can be updated directly from your account settings.
You have the right to request deletion of your personal information, subject to legal retention requirements.
If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and CASL, including the right to withdraw consent for processing of your personal information.
If you are located in the European Union or United Kingdom, you have rights under GDPR including the right to object to processing, the right to restrict processing, and the right to lodge a complaint with a supervisory authority.
We use session cookies necessary for authentication and platform functionality. These cannot be disabled as they are required for the platform to function.
We do not use third-party advertising or tracking cookies. We do not use Google Analytics or similar tracking services on our platform.
The Maximailist platform is not directed to children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the 'Last updated' date. For significant changes, we will send an email notification to your registered email address. Your continued use of the platform after changes are posted constitutes acceptance of the updated policy.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [email protected]
Website: maximailist.com
We aim to respond to all privacy-related inquiries within 5 business days.