SENDMAILER PRO – PRIVACY POLICY - DefinedBytes: Smart Solutions for Modern Business

SENDMAILER PRO – PRIVACY POLICY
Effective date: 2026-02-19

1. Who we are (Data Controller)
Trade name: DefinedBytes
Legal entity (Data Controller): DefinedBytes (sole proprietorship registered in Poland)
NIP: 8951760884
REGON: 540945171
Contact (privacy): privacy@definedbytes.com

This Privacy Policy applies to the SendMailer Pro Windows desktop application (“SendMailer Pro”, “the App”).
SendMailer Pro is distributed via the Microsoft Store.

2. What SendMailer Pro does (local-first design)
SendMailer Pro helps you create and send personalized emails from your own email accounts.
The App is designed as “local-first”:
– recipient lists, templates, attachments, and campaign configuration are stored on your PC,
– we do not provide any “DefinedBytes mailboxes” or vendor email servers,
– we do not route your email content through DefinedBytes servers.

Emails are sent through the provider you choose/configure (e.g., Gmail API, Microsoft 365/Outlook, or SMTP).

3. Data stored and processed locally on your device
Depending on the features you use, the App may store locally on your device (under your Windows user account):
– sender account configuration (e.g., host/port for SMTP, sender identity, sending method)
– authentication tokens (only if you sign in using OAuth with a provider such as Google or Microsoft)
– recipient lists and custom fields used for personalization (your contacts database)
– templates and message content you create (subject/body)
– attachments you choose to store or generate, and sending history/logs (if enabled)
– campaign settings (e.g., scheduling, send interval, account rotation, pause/retry rules, blocklist)

DefinedBytes does not receive this local data unless you explicitly choose to share it with us (for example, by contacting support and attaching logs/files).

4. Email sending and third‑party email providers
When you send an email, the App transmits the email data you choose to send (recipient addresses, subject, body, and attachments) to:
– your selected email provider’s servers / APIs (e.g., Gmail API, Microsoft services, or an SMTP server configured by you), and
– the intended recipients and their email providers / mail servers as part of email delivery.

This transmission is necessary for sending the email and is initiated by you (the user).

5. Google OAuth / Gmail API (minimum scope: gmail.send)
If you connect a Gmail account, SendMailer Pro uses Google OAuth to request permission to send email via the Gmail API using the scope:
https://www.googleapis.com/auth/gmail.send

This scope is used to send messages only, i.e., to send the message you create in the App.
The App does not request scopes to read your mailbox, list messages, or access message history.

OAuth tokens are stored locally on your device and used only to authenticate and send emails at your request.
You can revoke the App’s access at any time in your Google Account security settings.

6. Google user data processed by the App
In the context of Gmail API usage, “Google user data” relevant to SendMailer Pro includes:
– the email message data you choose to send (recipient addresses, subject, body, attachments),
– OAuth credentials/tokens required to authorize sending on your behalf (stored locally on your device).

SendMailer Pro does not upload your contact database, templates, or campaign history to DefinedBytes servers.

7. With whom we share, transfer, or disclose Google user data
This section explicitly describes with whom we share, transfer, or disclose Google user data.

We do not sell Google user data.

We do not share, transfer, or disclose Google user data to third parties for purposes other than providing the App’s user‑facing functionality you request (sending emails).

In practice, when you use Gmail API sending, the email message data you choose to send (recipients, subject, body, attachments) is disclosed only to:
a) Google (Gmail API / Gmail servers) for the sole purpose of sending the email you requested, and
b) your intended recipients and their email providers / mail servers for the sole purpose of delivering that email.

We do not disclose Google user data to advertising platforms, data brokers, information resellers, or for credit‑worthiness/lending decisions.

We may disclose information if required to comply with applicable law, regulation, legal process, or enforceable governmental request, or to protect our rights and security.

8. Google API Services User Data Policy (Limited Use) & AI/ML training
SendMailer Pro’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We limit our use of data obtained via Google Workspace APIs (including Gmail API) to providing the user‑facing functionality of the App that you choose (sending emails).

AI/ML model training commitment:
We do not retain or use data obtained through Google Workspace APIs (including Gmail API) to develop, improve, or train generalized / non‑personalized AI or ML models.

9. Diagnostics and analytics (Microsoft App Center) – opt‑in only
SendMailer Pro can use Microsoft App Center for crash reporting (diagnostics) and usage analytics ONLY if you explicitly enable diagnostics/analytics in the App settings. This option is disabled by default.

If enabled, App Center may collect technical data such as:
– a per-installation identifier (Install-ID) and app identifier keys
– session information and device properties (e.g., device model, OS version)
– crash/diagnostic data (e.g., error logs, stack traces)
– network information (e.g., IP address as part of network communication)

We do not intentionally include your email content (subject/body/attachments) or your recipient lists in diagnostics/analytics.

10. Purchases and licensing
Purchases, licensing, and refunds are handled by Microsoft Store. We do not receive your payment card data.
Microsoft may provide us with aggregated sales/usage information in the developer portal.

11. Retention and deletion
– Local app data remains on your device until you delete it using the App (where applicable), delete it manually, or uninstall the App.
– OAuth tokens stored locally remain until you remove the connected account from the App, delete local app data, or revoke access in your provider account settings (e.g., Google Account security).
– If you enable App Center diagnostics/analytics, retention is managed by Microsoft according to their services and settings.

If you want assistance with deleting any data that might have been shared with us (for example, if you emailed us logs), contact: privacy@definedbytes.com.

12. Security
We implement reasonable measures to protect the App and any data it stores locally.
Because SendMailer Pro stores operational data on your device, device security matters. We recommend:
– protecting your Windows account with a strong password/sign‑in,
– using device encryption where available,
– keeping your operating system up to date.

13. Your rights and choices (EEA/UK and other regions)
If GDPR applies, you may have rights to access, rectify, erase, restrict processing, object, and data portability, subject to applicable law.
Because the App is local-first, you can typically exercise many of these rights by deleting or modifying your local data on your device.
For requests or questions, contact: privacy@definedbytes.com.

If you are a California resident and applicable law applies, you may have certain rights to request information or deletion, subject to legal limitations.
We do not sell personal information.

14. Changes to this policy
We may update this policy from time to time. The latest version will be published with a new effective date.