Email-Connection Privacy Policy

Effective Date: 01.01.2026

This Privacy Policy (“Policy”) explains how Email-Connection Ltd. (“Email-Connection”, “we”, “us”, or “our”) collects, uses, and protects personal data in accordance with the EU General Data Protection Regulation (GDPR), UK GDPR, and other applicable privacy laws.

This Policy applies to visitors to our website www.email-connection.com, our customers, and the end users whose data we process on behalf of our customers through our email delivery and automation platform (the “Services”).

1. Roles and Responsibilities

Under the GDPR:

• Email-Connection acts as a Data Controller when processing personal data of its own customers, prospects, suppliers, and website visitors.
• Email-Connection acts as a Data Processor when processing data that our customers (the “Controllers”) collect from their users and send or manage through our Services.

We take both roles seriously and implement appropriate technical and organizational measures to ensure data protection in each context.

2. Data We Process as a Data Controller

When you interact directly with Email-Connection—by visiting our website, creating an account, requesting a demo, subscribing to updates, or communicating with us—we may collect the following data:

• Business and contact information: name, company name, email address, phone number, job title, and billing details.
• Account information: login credentials, subscription preferences, and service usage history.
• Technical information: IP address, device type, browser, operating system, and activity logs (collected via cookies and analytics tools).
• Communication history: messages sent to or from our sales, support, or marketing teams.

Purposes for Processing

We process this data to:

• Provide and manage your account and services.
• Send invoices and manage billing.
• Communicate product updates, offers, and support messages.
• Analyze website usage and improve our Services.
• Comply with legal or regulatory requirements.

Legal Bases

Processing is based on:

• Performance of a contract (e.g., providing our Services).
• Legitimate interests (e.g., business development, service improvement).
• Consent (e.g., for marketing communications).
• Legal obligation (e.g., accounting and tax compliance).

You can withdraw consent for marketing at any time by clicking “unsubscribe” in our emails or contacting dpo@email-connection.com.

3. Data We Process as a Data Processor

When customers use our Services to send, receive, or manage emails, Email-Connection processes data on their behalf. This may include:

• Recipient names, email addresses, and related metadata.
• Email content, subject lines, attachments, and campaign details.
• Interaction data such as opens, clicks, bounces, and unsubscribes.
• Technical delivery data such as message IDs, IP addresses, timestamps, and routing logs.

We process this information solely under our customers’ instructions, as described in the applicable Data Processing Agreement (DPA).

We do not use, sell, or share our customers’ end-user data for independent marketing or analytics purposes.

4. Data Sharing and Sub-Processors

We may share limited data with trusted third-party service providers (“Sub-Processors”) who assist us in operating the Services—such as infrastructure hosting, analytics, payment processing, and customer support.

Each Sub-Processor is bound by written data protection terms consistent with GDPR Article 28 requirements.

A current list of Sub-Processors is available upon request at dpo@email-connection.com.

We do not sell or rent personal data to third parties.

5. International Data Transfers

Email-Connection operates globally.

If personal data is transferred outside the European Economic Area (EEA) or UK, such transfers occur only where adequate safeguards are in place — such as Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognized mechanisms ensuring equivalent data protection.

6. Data Retention

We retain data only as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations.

• Data processed as a Controller is retained for as long as you maintain an active business relationship with us or as required by law.
• Data processed as a Processor is retained, archived, or deleted according to the customer’s written instructions and our contractual agreements.

7. Security Measures

Email-Connection implements appropriate technical and organizational security measures, including:

• Encrypted data transmission (TLS/SSL)
• Secure infrastructure and access controls
• Data segregation between customers
• Regular monitoring and vulnerability testing
• Employee confidentiality and privacy training

We also maintain an internal incident-response protocol for any suspected data breach and, where required, will notify affected customers and supervisory authorities within applicable legal timeframes.

8. Your Data Protection Rights

Depending on your location, you may have the following rights under applicable law:

• Access – to obtain a copy of your personal data.
• Correction – to rectify inaccurate or incomplete information.
• Erasure – to request deletion of your data (“right to be forgotten”).
• Restriction – to limit processing in certain circumstances.
• Portability – to receive your data in a structured, machine-readable format.
• Objection – to object to certain types of processing (e.g., marketing).
• Withdrawal of consent – at any time, where processing is based on consent.

Requests can be sent to dpo@email-connection.com.

If we process your data on behalf of a customer (as Processor), we will forward your request to that customer (the Data Controller) for handling.

9. Cookies and Tracking

We use cookies and similar technologies to operate and improve our website, analyze usage, and enhance user experience.

For more details, please see our Cookie Policy.

10. Legal Compliance and Enforcement

Email-Connection complies with the GDPR, UK GDPR, and other applicable privacy regulations.

We maintain documentation of all processing activities as required by Article 30 of the GDPR and provide our customers with a Data Processing Agreement upon request.

If a data breach occurs, we will notify the affected Controllers and supervisory authorities in accordance with Articles 33 and 34 of the GDPR.

11. Updates to This Policy

We may update this Privacy Policy periodically to reflect operational or regulatory changes.

The latest version will always be available at https://www.email-connection.com/privacy.html.

Material updates will be communicated via email or website notice.

12. Contact Information

Email-Connection Ltd. – Data Protection Office
Email: dpo@email-connection.com
Website: https://www.email-connection.com

If you are an EU or UK resident, you have the right to lodge a complaint with your local data protection authority.