Privacy Policy

Nexmail, Inc. — Effective Date: February 10, 2026 • Last Updated: February 10, 2026

Nexmail, Inc. ("Nexmail," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered email marketing platform and related services (collectively, the "Services"). By accessing or using our Services, you agree to this Privacy Policy.

Our Services are designed for businesses, including eCommerce brands and marketing agencies. We provide AI-powered email marketing software that generates email copy and designs, builds campaign calendars, integrates with platforms like Klaviyo and Shopify, tracks performance, and uses AI to optimize future campaigns.

1. Information We Collect

1.1 Information You Provide to Us

When you create an account or use our Services, we collect:

  • Account Information: Name, email address, business name, and login credentials
  • Billing Information: Payment details processed securely through our third-party payment processor, Stripe
  • Company Metadata: Industry, brand voice, product information, and other business-related data you provide to personalize your experience

1.2 Information from Third-Party Integrations

When you connect third-party platforms (such as Klaviyo, Shopify, or other email marketing and eCommerce platforms) to our Services, we may collect:

  • Campaign Performance Data: Email engagement metrics including open rates, click-through rates, and revenue data
  • Product Information: Product catalog data from your eCommerce platform
  • Order and Revenue Data: Transaction data tied to your campaigns
  • Email Content: Email templates and content from connected platforms

Important Note: Nexmail does not directly collect personal information about your end customers (such as email addresses or purchase history of individual consumers) unless accessed via integrations strictly for analytics purposes. We process this data solely to provide campaign performance insights and optimization recommendations to you.

1.3 Automatically Collected Information

We automatically collect certain information when you use our Services, including:

  • Usage Data: Information about how you interact with our platform, features used, and time spent
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Cookies and Tracking Technologies: We use cookies for authentication, session management, performance analytics, and tracking email component engagement via unique URLs, including heatmap-style engagement tracking at the component level

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Improve Services: To generate and personalize AI-driven email copy and designs, build campaign calendars, and deliver our core platform functionality
  • Campaign Optimization: To improve campaign recommendations, power benchmarking and performance dashboards, and optimize future campaigns using AI
  • AI Model Training: To train and improve our internal optimization models using aggregated and anonymized data. Individual customer identities and specific campaign details are not exposed in our AI training processes. Machine learning is primarily used to enhance design generation and personalization for your own account
  • Account Management: To process billing, manage your account, and communicate with you about our Services
  • Platform Development: To develop new features, enhance existing functionality, and improve overall user experience
  • Security and Compliance: To detect and prevent fraud, maintain platform security, and comply with legal obligations
  • Communications: To send you service-related notifications, updates, and marketing communications (which you can opt out of at any time)

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

3.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our Services, including:

  • Cloud Hosting Providers: Such as Amazon Web Services (AWS) and Google Cloud Platform (GCP) for data storage and infrastructure
  • Payment Processors: Stripe processes payment information on our behalf
  • Email and SMS Platforms: Platforms like Klaviyo that you integrate with our Services
  • Analytics Providers: Third-party analytics services to help us understand platform usage
  • AI Infrastructure Providers: Services that support our AI model processing and optimization

These service providers are contractually obligated to use your information only as necessary to provide services to us and are prohibited from using it for their own purposes.

3.2 Business Transfers

If Nexmail is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government agencies).

3.4 With Your Consent

We may share your information with other third parties when you have given us explicit consent to do so.

4. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy:

  • Account Data: We retain your account information while your account is active
  • Campaign and Performance Data: We retain campaign data for benchmarking and analytics purposes unless you request deletion
  • Deleted Accounts: When you delete your account, we will delete or anonymize your personal information within 90 days or longer, unless you request earlier deletion. Some information may be retained longer if required by law or for legitimate business purposes (such as fraud prevention)

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encrypted API integrations using OAuth 2.0
  • Encryption in transit using HTTPS/TLS
  • Role-based access control and token-based authentication
  • Secure cloud hosting infrastructure
  • Restricted internal data access
  • Comprehensive logging and monitoring

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal information:

6.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of that information in a portable format.

6.2 Correction and Update

You can update your account information at any time through your account settings. If you need assistance, contact us at accounts@nexmail.com.

6.3 Deletion

You have the right to request deletion of your personal information. You can delete your account through your account settings or by contacting us. Please note that we may retain certain information as required by law or for legitimate business purposes.

6.4 Disconnect Integrations

You can disconnect third-party integrations (such as Klaviyo or Shopify) at any time through your account settings.

6.5 Marketing Communications

You may opt out of receiving marketing emails from us by clicking the "unsubscribe" link in our emails or by contacting us directly. You will continue to receive transactional and service-related communications.

6.6 Do Not Sell My Personal Information

We do not currently sell personal information. If our practices change in the future, we will update this Privacy Policy and provide you with the ability to opt out of such sales as required by applicable law, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, as well as the categories of sources, purposes for collection, and third parties with whom we share your information
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions
  • Right to Correct: You have the right to request correction of inaccurate personal information
  • Right to Opt-Out: While we do not currently sell personal information, if we do in the future, you will have the right to opt out of such sales
  • Right to Non-Discrimination: You have the right to not be discriminated against for exercising your privacy rights

To exercise these rights, please contact us at accounts@nexmail.com. We will verify your identity before processing your request.

8. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and equivalent laws:

  • Right of Access: You have the right to obtain confirmation of whether we process your personal data and to access that data
  • Right to Rectification: You have the right to correct inaccurate or incomplete personal data
  • Right to Erasure: You have the right to request deletion of your personal data under certain circumstances
  • Right to Restriction: You have the right to request restriction of processing of your personal data
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format
  • Right to Object: You have the right to object to processing of your personal data for certain purposes
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority

We process personal data on the following legal bases: (1) performance of our contract with you, (2) compliance with legal obligations, (3) our legitimate business interests, and (4) your consent where required. When we transfer personal data outside the EEA, we use appropriate safeguards such as standard contractual clauses.

9. International Data Transfers

Nexmail is based in California, United States. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using our Services, you consent to the transfer of your information to the United States and other countries. We take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy.

10. Children's Privacy

Our Services are intended for businesses and individuals who are at least 18 years old. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

11. Third-Party Links and Integrations

Our Services may contain links to third-party websites or integrate with third-party platforms (such as Klaviyo and Shopify). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing them with any personal information.

12. Email Marketing Compliance (CAN-SPAM)

We comply with the CAN-SPAM Act and other applicable email marketing regulations. Our Services are designed to help you conduct compliant email marketing campaigns. You are responsible for ensuring that your use of our Services and your email marketing practices comply with all applicable laws, including obtaining proper consent from your subscribers and providing clear unsubscribe mechanisms.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this Privacy Policy. If we make material changes, we will notify you by email or through a prominent notice on our platform prior to the changes taking effect.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Nexmail, Inc.
Email: accounts@nexmail.com

We will respond to your inquiries in a timely manner and work to address your concerns.

Thank you for trusting Nexmail with your business.