Last Updated: March 06, 2025
Introduction to GDPR
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. At Mailisto.AI, we are committed to ensuring that all our services are GDPR compliant.
Data Controller and Data Processor
Under GDPR, Mailisto.AI acts as a Data Processor when processing data on behalf of our customers. Our customers, who determine the purposes and means of processing personal data, act as Data Controllers. We have implemented technical and organizational measures to ensure that data processing is performed in accordance with GDPR.
Your Rights Under GDPR
The GDPR provides the following rights for individuals:
- Right to be informed: You have the right to be informed about the collection and use of your personal data.
- Right of access: You have the right to request a copy of the information that we hold about you.
- Right to rectification: You have the right to correct data that we hold about you that is inaccurate or incomplete.
- Right to erasure: In certain circumstances, you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing: You have the right to request that we restrict the processing of your personal data.
- Right to data portability: You have the right to have the data we hold about you transferred to another organization.
- Right to object: You have the right to object to certain types of processing, such as direct marketing.
- Rights in relation to automated decision-making and profiling: You have the right to challenge automated decisions and request human intervention.
How We Process Your Data
Mailisto.AI processes personal data in accordance with GDPR principles:
- Lawfulness, fairness, and transparency: We process data lawfully, fairly, and in a transparent manner.
- Purpose limitation: We collect data for specified, explicit, and legitimate purposes.
- Data minimization: We ensure that personal data is adequate, relevant, and limited to what is necessary.
- Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date.
- Storage limitation: We keep personal data in a form which permits identification of data subjects for no longer than necessary.
- Integrity and confidentiality: We process personal data in a manner that ensures appropriate security.
- Accountability: We are responsible for and can demonstrate compliance with the GDPR principles.
AI and Automated Processing Under GDPR
Mailisto.AI uses artificial intelligence to automate email campaigns and customer interactions. Under GDPR, individuals have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects them. We ensure that appropriate safeguards are in place:
- Users can review and edit AI-generated content before it is sent
- Users can opt out of specific automated processing features
- We provide information about the logic involved in automated decision-making
- Human oversight is available for automated processes
International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Binding Corporate Rules (BCRs) where applicable
- Transfers to countries with an adequacy decision from the European Commission
Data Breach Notification
In the case of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
Contact Our Data Protection Officer
If you have any questions about how we handle your data or would like to exercise your rights under GDPR, please contact our Data Protection Officer:
Email: dpo@mailisto.ai
Changes to This GDPR Notice
We may update our GDPR compliance notice from time to time. We will notify you of any changes by posting the new notice on this page and updating the "Last Updated" date at the top of this page.