The Company is domiciled solely in Switzerland and all hosting infrastructure is also located solely within Switzerland, and thus governed by the laws and regulations of Switzerland.
Data related to the opening of an account
Any emails provided to mailr.ch through either optional email verification, or optional notification/recovery email setting in your account, are considered personal data as defined and protection by the Swiss Federal Data Protection Act (DPA).
Such data will only be used to contact you with important notifications about mailr.ch, to verify your mailr.ch account, or to send you password recovery links if you enable the option.
In order to maintain the integrity of the service, mailr.ch must take measures to avoid creation of accounts by spammers. This is because if spammers use mailr.ch to send messages, mailr.ch's IP addresses can become blocked by major mail providers such as Gmail, Yahoo, Outlook, etc.
In order to prevent the creation of accounts by spam bots or human spammers, mailr.ch uses a variety of human verification methods. You may be asked to verify using either reCaptcha, Email, or SMS. IP addresses, email addresses, and phone numbers provided are saved for a short period of time in order to send you a verification code and to determine if you are a spammer. If this data is saved for a longer period of time, it is always saved as a cryptographic hash, which ensures that the raw values cannot be deciphered by us.
Service's user data collection is limited to the following:
- Visiting our website: We employ a local installation of Piwik, an open source analytics tool, on the home page only. Piwik is not employed on any of the internal pages (app domain https://app.mailr.ch). It is not possible to link Piwik analytics data (such as IP addresses) to mailr.ch accounts. Also, we respect the “Do not track” setting in your web browser.
- Account creation: We require personal information to create an account.
- Account activity: Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the ip address incoming messages originated from, message subject, and message sent and received times. Messages sent from external providers to mailr.ch are scanned for Spam and Viruses for the protection of our users. We also have access to the following records of account activity: number of messages sent, amount of storage space used, total number of messages, last login time.
- Communicating with mailr.ch: Your communications with the Company, such as support requests, bug reports, or feature requests may be saved by our staff.
- IP Logging: mailr.ch does log the IP addresses used to access our Service.
- Payment Information: The Company relies on third parties to process credit card transactions so the Company necessarily must share payment information with third parties.
Use of external API services
Some of the features we offer in our webmail rely on external services we access via API of the corresponding service.
We use OpenWeatherMap’s API to retrieve weather information in mailr.ch’s webmail. You can disable this service in the configuration options of the mailr.ch webmail
We do not have any advertising on our site. Any data that we do have will never be shared except under the circumstances described below in section “Data Disclosure”. We do analysis on the visitors of mailr.ch to such extend as stated in section “Data Collection”
All servers used in connection with the provisioning of the Service are located in Switzerland and wholly owned and operated by the Company. Only employees of the Company have physical or other access to the servers. Data is ALWAYS stored in encrypted format on our servers or on cloud services located in Switzerland (eg. Swisscom Cloud). Offline backups may be stored periodically, but these are also encrypted.
When a mailr.ch account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely. Deleted emails are also instantly deleted from production servers. Deleted data may be retained in our backups for up to 14 days.
We will only disclose the limited user data we possess if we receive an enforceable court order from either the Cantonal Courts of Zurich or the Swiss Federal Supreme Court. If permitted by law, mailr.ch will always contact a user first before any data disclosure. Under Swiss law, it is obligatory to notify the target of a data request, although such notification may come from the authorities and not from the Company.
This Agreement shall be governed in all respects by the substantive laws of Switzerland. Any controversy, claim, or dispute arising out of or relating to the Agreement shall be subject to the jurisdiction of the competent courts of the Canton of Zurich, the jurisdiction of the Swiss Federal Court being expressly reserved.