Privacy Policy
Last updated: March 16, 2026
1. Overview
Mailsim ("we," "us," or "our") is an email warming and deliverability platform operated by FAR INDUSTRIES LLC at mailsim.io. This Privacy Policy describes what information we collect when you use our Service, how we use and protect that information, and the choices available to you regarding your data.
2. Information We Collect
Account Information
When you create an account, we collect your name, email address, and password. Your password is never stored in plain text — it is securely hashed using industry-standard bcrypt before being saved to our database.
Email Account Credentials
To perform email warming, you connect one or more email accounts to Mailsim. Depending on your provider, we collect either OAuth2 access and refresh tokens (for Google Workspace and Microsoft Exchange accounts) or SMTP/IMAP credentials (for custom email providers). All credentials are encrypted at rest using AES-256-GCM encryption and are never stored in plain text.
Email Activity Data
We collect metadata related to warming emails, including timestamps, subject lines, delivery status, and engagement actions (opens, replies, spam folder detection). We do not read, analyze, or store the body content of your personal or business emails — only warming-related emails generated by our system are processed.
Usage and Analytics Data
We collect general usage data such as pages visited, feature usage, login activity, IP addresses, and browser user agent strings to monitor Service performance, detect issues, and improve the user experience.
3. How We Use Your Information
We use the information we collect to:
- Operate and deliver the email warming service, including sending, receiving, and engaging with warming emails on your behalf
- Authenticate securely with your email provider using OAuth2 or SMTP/IMAP protocols
- Track email deliverability metrics and calculate your sender reputation score
- Identify warming emails that land in spam and move them to your inbox automatically
- Generate automated replies to warming emails to simulate organic engagement
- Provide you with real-time analytics, dashboards, and deliverability reports
- Send you account-related communications including verification emails, billing notices, and service alerts
4. Google API Services — Limited Use Disclosure
Mailsim's use and transfer of information received from Google APIs is in compliance with the Google API Services User Data Policy, including the Limited Use requirements. In particular:
- We access only the Gmail data strictly necessary to provide email warming functionality — this includes sending warming emails, checking mailbox placement, and performing engagement actions
- We do not use any Gmail data for advertising, marketing analytics, or market research purposes
- No human reads your email content unless required for security investigations, legal compliance, or with your explicit written consent
- Gmail data is not shared with third parties except as necessary to operate or improve the Service, to comply with the law, or in connection with a business transfer such as a merger or acquisition
5. Data Security
We take the security of your data seriously and implement the following protective measures:
- All email credentials, OAuth tokens, and sensitive data are encrypted at rest using AES-256-GCM encryption with unique initialization vectors
- User passwords are hashed using bcrypt with a cost factor of 12, making them resistant to brute-force attacks
- All data transmitted between your browser and our servers is encrypted using TLS/HTTPS
- Database and infrastructure access is restricted to authorized application services only — no direct external access is permitted
- OAuth2 refresh tokens allow us to maintain secure access to your email provider without ever storing your email password
- Two-factor authentication (2FA) is available and enabled by default for all accounts
6. Data Retention
Your account data and email activity logs are retained for as long as your account remains active. Warming session data and page view analytics older than 90 days are automatically purged by our system. When you delete your account or disconnect an email account, all associated credentials, OAuth tokens, and warming logs are permanently removed within 30 days.
7. Third-Party Services
Mailsim integrates with the following third-party services to deliver its core functionality:
- Google OAuth2 — for secure authentication of Google Workspace and Gmail accounts
- Microsoft OAuth2 and Graph API — for secure authentication and email operations with Microsoft 365 and Exchange Online accounts
- Stripe — for secure payment processing and subscription management
We do not sell, rent, trade, or otherwise share your personal data with any third parties for their own purposes. Data is only shared with the service providers listed above to the extent necessary to operate the Service.
8. Your Rights
You have the following rights regarding your data:
- Access: View all connected email accounts, activity data, and subscription details through your dashboard at any time
- Deletion: Disconnect any email account to immediately remove all stored credentials and warming data associated with it
- Revoke Access: Revoke Mailsim's OAuth access at any time through your Google Account or Microsoft Account security settings
- Data Export: Request a complete export of your account data by contacting us at info@mailsim.io
- Account Deletion: Request full deletion of your Mailsim account and all associated data by contacting support
9. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or how we handle your data, please contact us at info@mailsim.io.