Compliance Overview

MailCurrent.io is committed to maintaining the highest standards of compliance with international data protection regulations and industry best practices. Our compliance program ensures that your data is handled with the utmost care and security.

Data Protection

Compliant with GDPR, CCPA, and other major data protection regulations.

Security Standards

SOC 2 Type II compliance and industry-leading security practices.

GDPR Compliance

We are fully compliant with the General Data Protection Regulation (GDPR) and provide comprehensive data protection measures for our EU customers.

Data Subject Rights

Right to access personal data
Right to rectification
Right to erasure ("right to be forgotten")
Right to data portability
Right to object to processing

Data Protection Measures

Privacy by design principles
Data minimization practices
Consent management
Data breach notification procedures
Regular privacy impact assessments

CCPA Compliance

We comply with the California Consumer Privacy Act (CCPA) and provide California residents with specific rights regarding their personal information.

Consumer Rights

Right to know what personal information is collected
Right to know whether personal information is sold or disclosed
Right to say no to the sale of personal information
Right to access personal information
Right to equal service and price

Our Practices

We do not sell personal information
Clear privacy notices and disclosures
Easy-to-use opt-out mechanisms
Non-discrimination policies
Regular compliance audits

SOC 2 Type II Compliance

We maintain SOC 2 Type II compliance, demonstrating our commitment to security, availability, processing integrity, confidentiality, and privacy.

Security

Access controls
Network security
Vulnerability management

Availability

99.9% uptime SLA
Disaster recovery
Business continuity

Processing Integrity

Data validation
Error handling
Quality assurance

Email Compliance

We adhere to email industry standards and anti-spam regulations to ensure legitimate email delivery.

CAN-SPAM Act

Clear sender identification
Honest subject lines
Unsubscribe mechanisms
Physical address inclusion
Honor opt-out requests promptly

Technical Standards

SPF (Sender Policy Framework)
DKIM (DomainKeys Identified Mail)
DMARC (Domain-based Message Authentication)
Bounce handling
Complaint processing

Data Residency & Sovereignty

We understand the importance of data location and provide options for data residency based on your requirements.

Data Centers

Multiple geographic regions
Redundant infrastructure
Local data processing
Cross-border data transfer controls

Compliance Features

Data localization options
Encryption key management
Audit logging
Data retention policies

Third-Party Compliance

We work with trusted partners who maintain their own compliance certifications and security standards.

Payment Processing

Stripe is PCI DSS Level 1 compliant for secure payment processing.

Infrastructure

Cloudflare provides DDoS protection and security services with their own compliance certifications.

Monitoring

Our monitoring and analytics partners maintain their own security and compliance standards.

Compliance Monitoring & Auditing

We maintain continuous compliance monitoring and regular auditing to ensure ongoing adherence to standards.

Regular Audits

Annual SOC 2 audits
Quarterly security assessments
Monthly compliance reviews
Penetration testing

Monitoring

Real-time security monitoring
Compliance dashboard
Automated alerts
Incident response procedures

Compliance Contact

For compliance-related questions, data subject requests, or to report compliance concerns:

Data Protection Officer

Email: [email protected]
Subject: Data Protection Inquiry

Compliance Team

Email: [email protected]
Subject: Compliance Inquiry

Response Time

We respond to all compliance inquiries within 72 hours and process data subject requests within 30 days as required by applicable regulations.