Who we are
The servers where user data is stored are located in Vancouver, British Columbia, Canada.
We take steps where possible to limit the personal data we collect. The following are the ways in which we may collect personal data:
1.Visiting our website. We keep records of the activity that takes place on our website, including a record of Internet Protocol Addresses (IP addresses) used by website visitors and account holders. We use this information to analyse market trends, gather broad demographic information, and to prevent abuse of our services.
2.Creating an account. When you create an account, we will ask for a Name and an Alternate Email (for backup). As part of the account creation process, your IP address will be recorded. We use this information to analyse market trends, gather broad demographic information, and to prevent abuse of our services. During account creation we store a Unique ID which is uploaded to our Analytics service. Once your account is created, we discard the connection between this Unique ID and your account.
3.Making a purchase. When you make a purchase through the Topmail website, we use Braintree (a wholly owned subsidiary of Paypal) to process your payment. We do not store your credit card number on our servers.
4. Signing in to your account and our record of your activity. When you sign into your account, either by using a web browser or using other software, we will record certain information about your activity. When you perform actions such as reading or moving an email, we will also record these actions. We record this information to help resolve customer support queries, maintain services, and for the purpose of preventing abuse. Information we record may include your IP address, your browser type, browser language, date and time of the action, account usernames, sender and recipient email addresses, file names of attachments, subjects of emails, URLs in the bodies of unencrypted email, and any other information that we deem necessary to record for the purposes of maintaining the system and preventing abuse.
5. Communicating with us. When you communicate with us, you may provide us with personal data about yourself. Your communication with us may be retained in our system.
How we store your data
1. When you sign up for an account, you consent to your account and any other account data being stored on the Topmail servers.
2.If you have an encrypted email in your account, it will be stored on the Topmail servers encrypted. If you have an unencrypted email in your account, it will be stored on the Topmail servers unencrypted.
How we use your data
1.We do not analyse the email in your account for the purpose of displaying advertisements.
2.We do not and will never share your account data with any third-party except as specified in this policy. We will never sell your account data under any circumstances.
3.We do not and will never share your email address with mailing lists. We will never initiate contact with you unless the communication is account related, or unless you have consented to such communication.
4.You have the option to report email you receive as spam. Doing so will transmit a copy of the message you are reporting to the provider of the software we use on our servers to filter spam. Reporting email as spam improves the filter’s ability to detect email as spam.
5.If you send an email using Topmail mail, your IP address will not appear in the headers of the email. The IP address that will appear in the headers of the email will be that of our servers. We keep a record of your IP address when you sign in to your account and send an email.
6.When you are signed into your account, Topmail displays your recent sign-in activity including the time, date, approximate geographic location, and the IP address of the ISP you used to access the Internet. We do this to assist you in identifying any unauthorized access to your account by a third party. The information we use to display this is gathered from our records; we do not track your actual location.
7.We use third-party services for some parts of our website such as our help system. When you use these services your account name and your name will be come part of your user account on that service.
How long do we retain your data?
The following outlines how our data retention policy affects the email in your account and your account data:
1.Email in your account will stay in your account as long as your account is active. If you delete an email, or the entire contents of your account, it will be removed from your account at that time.
2.If you delete your account or request we delete your account for you, your account and the email in the account will be removed from our servers at the time of deletion. Deleting your account will not delete records of your activities.
3.The records we keep of your activities are permanently deleted after approximately 18 months. Records that are stored for statistical purposes may be kept indefinitely.
4.Your email and data may reside in our backups for a period of approximately three weeks subsequent to an email or an account being deleted.
5. Accounts that have been created and are never used may be deleted.
For information on how you can close and delete your account, please email email@example.com
6.If you let your paid subscription lapse then your account may be suspended.
For information on how you can cancel your subscription and delete your account, please email firstname.lastname@example.org
Disclosure of account data
Under normal circumstances, we do not and will never disclose account data to anyone other than the owner of an account. We will always attempt to authenticate any requests that require the disclosure of account data to ensure they come from the account owner. If we are unable to successfully authenticate a request, we do not disclose any account data.
We will only disclose account data in the following circumstances:
1.If we receive an order enforceable under the laws of British Columbia, Canada, compelling us to disclose account data for a specific user account. The account data we disclose may include data in an unencrypted format. Because such orders generally state that we are not permitted to disclose the existence of the order to a user, we will not disclose to any user the existence, or nonexistence, of any order we may have received.
2.Where there are exigent circumstances, such as where the safety or well-being of an individual or individuals is in imminent danger, and we believe in good faith that the disclosure of account data is reasonably necessary to protect against such harm, we will disclose account data. This may include but is not limited to the welfare of a child, or an act of terrorism.
3.We comply with Canadian Bill C-22 as enacted into law in Canada. “An act respecting the mandatory reporting of Internet child pornography by persons who provide an Internet service”. This means that should we become aware of a user that is using the Topmail service for the transmission or storage of Internet child pornography, we are required to report this to the appropriate authorities and preserve data in the user’s account. As a result of this notification, we may receive an order enforceable in British Columbia, Canada, requiring the disclosure of account data.
We do not include any personal data in cookies. We do not share cookie information with other websites under any circumstances.
We do not use any third-party advertising providers on our website.
We do not analyse your email for the purpose of displaying advertisements. Our spam filters analyse email for the purpose of preventing spam, viruses, and abuse.
Access to your personal data
We only collect personal data from users that is relevant to the purposes outlined above. We take reasonable steps to ensure that the personal data we collect is reliable, accurate, and complete. Users can access the personal data held in their customer record by contacting us at: email@example.com
Compliance with EU Data Protection Directive 95/46/EC
The European Commission recognises that the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) provides adequate protection for the transfer of personal information and health information from the EU to Canada.
More information on this can be found here:
We value your opinions and appreciate your comments. If you have any questions or concerns, please contact us: firstname.lastname@example.org