Privacy Policy

Effective Date: December 31, 2025

plop.email ("Plop," "we," "us," or "our") is operated by Comonad Limited (company number: 15713725). We respect your privacy and are committed to protecting the personal data we process when you use the plop.email service (the "Service"). This Privacy Policy explains how we collect, use, store, and protect your personal data, and the choices you have about your information.

1. Data We Collect

When you use the Service, we may collect and process the following categories of information:

• Account information: Name, email address, organization details, authentication data, and billing metadata.
• Inbox content: Email messages, headers, metadata, and attachments that you route to Plop inboxes for storage and processing.
• Usage data: Log data about how you interact with the Service, including IP addresses, device and browser data, API request metadata, and feature usage.
• Configuration data: Settings you provide such as mailbox names, tags, routing preferences, and webhook targets.
• Support communications: Information you share when contacting support or collaborating with us.

2. How We Use Your Data

We use your data to:

• Provide, operate, and maintain the Service.
• Store, index, and deliver inbox content per your instructions.
• Improve reliability, performance, and security.
• Communicate about product updates, support, and billing.
• Comply with legal obligations and enforce our Terms.

3. Legal Bases for Processing

We process personal data based on contractual necessity, legitimate interests, compliance with legal obligations, and consent where required (for example, marketing communications or non-essential cookies).

4. Data Sharing & Disclosure

We may share data with:

• Service providers: Infrastructure, analytics, email delivery, and payment processors that help us run the Service.
• Legal authorities: When required by law or to protect the rights, safety, and security of Plop and our users.
• Business transfers: If we undergo a merger, acquisition, or asset sale.

We do not sell your personal data.

5. International Transfers

We may process data in countries where our providers operate. When transferring data internationally, we apply appropriate safeguards consistent with applicable law.

6. Data Retention

We retain data for as long as needed to provide the Service and comply with legal obligations. Inbox content is retained according to your settings or until you delete it. Usage data may be retained for analytics and security purposes.

7. Your Rights

Depending on your location, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at the address below.

8. Security

We use administrative, technical, and physical safeguards designed to protect your data. No system is completely secure, and you are responsible for maintaining the security of your account credentials.

9. Children's Privacy

The Service is not intended for individuals under 18, and we do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy with a new effective date.