Privacy Policy

 

  1. Data Protection Overview

General Information

This Privacy Policy explains what personal data we collect when you use our website or services, how we use that data, and what rights you have. Personal data means any information that can identify you directly or indirectly.

Data Collection on This Website

Who is responsible for data processing?
Data is processed by the website operator:

Mailtale
Kevin Lasarz
Möhringer Landstraße 108
70563 Stuttgart – Germany

How do we collect your data?

  • You provide data directly, e.g., by filling out forms.
  • Technical data (e.g., browser type, operating system, access time) is collected automatically when you use the website.
  • If you use our service via Google OAuth, we may access and process data from your Google Business Profile (see section “Google API Data”).

Why do we collect your data?

  • To ensure proper functionality of the website
  • To provide our core service (automated review responses)
  • For contract initiation and fulfillment
  • To improve the user experience and our services

  2. Hosting and Data Security

Our data is securely processed and stored in data centers provided by Amazon Web Services (AWS), located in Frankfurt, Germany.
These facilities are certified under ISO 27001, ISO 27017, and ISO 27018 standards.
For more information, visit the AWS Compliance Page.

  3. Processing of Google User Data

When you connect your Google Business Profile to our service via OAuth, the following data may be accessed:

  • Review content (text, star rating, creation date)
  • Reviewer name (if publicly visible)
  • Business information (e.g., name, location, categories)
  • Response history

This data is used exclusively for the following purposes:

  • To generate automated review responses
  • To display and manage reviews in your Mailtale dashboard
  • To calculate review score improvement forecasts (Rating Improvement Calculator)
  • To support multi-location account management
  • To analyze user sentiment and trends

We do not share this data with third parties. All data is processed and stored solely to fulfill the services you opted into.

We fully comply with Google’s Limited Use Requirements, including:

  • Not using data for advertising
  • Not selling or transferring user data
  • Limiting access to only the data needed to provide core functionality
  • Using secure and up-to-date data handling practices

  4. Data Retention

We retain your personal and Google API data only as long as necessary for the stated purposes or to comply with legal obligations.
You may request deletion of your data at any time, unless we are legally required to retain it (e.g., for tax or contractual obligations).

  5. Your Rights

You have the right to:

  • Request access to your stored data
  • Request correction or deletion of your data
  • Withdraw consent for future data processing
  • Request restriction of data processing under specific conditions
  • File a complaint with the relevant data protection authority

To exercise your rights, please contact us at: [Insert Email Address]

  6. Data Transfer and International Access

No data is transferred outside the EU. All data is hosted in Germany under strict EU-GDPR compliance.

  7. Updates

This Privacy Policy is regularly reviewed and updated to reflect changes in our services, applicable laws, or data handling practices.
Last updated: 15th of May 2025