Mailpro protects your personal data through layered controls — encryption in transit and at rest, restricted access, daily backups, audit logs, and Cloudflare-powered network protection. Data lives in our Swiss data center under GDPR-aligned safeguards.

Quick rule: only a small number of authorised staff can reach your data, and every access is logged. Sensitive data is encrypted with SSL/TLS in transit.

Encryption

  • SSL/TLS for every transfer between your browser, the API, the SMTP gateway, and our servers
  • Bcrypt password hashing — we never store cleartext passwords
  • Encrypted backups stored on the same Swiss infrastructure

Access controls

  • Per-user permissions inside your workspace (admin, editor, read-only)
  • Activity logged per user
  • Optional two-factor authentication for every account
  • Authorised staff access on a need-to-know basis with a duty of confidentiality

Network and infrastructure protection

  • Cloudflare — CDN and Web Application Firewall block intrusions, abusive traffic, and DDoS at the edge
  • Regular penetration tests and 24/7 infrastructure monitoring
  • Documented business continuity and disaster recovery plans

Payment data

Card payments are handled by PCI-compliant partners (Datatrans AG, Stripe, PayPal, PostFinance). Mailpro never sees or stores raw card numbers — only a payment token tied to your account.

Mailpro AI and external processors

When you use Mailpro AI features, the prompt content you submit is transmitted to a third-party AI provider (such as OpenAI) and processed under their security controls. We do not store AI prompts beyond what is needed to deliver the requested feature.

Your role in protecting your account

Set a strong password, enable 2FA, do not share credentials, and review the user permissions for your team regularly. Notify us if you suspect unauthorised access.

Related pages

See data security overview, how long we keep data, and your GDPR rights.

Want the full picture?

Read our complete privacy policy for the dual-entity setup, third-party processors, and the full list of safeguards.

Previous question

   

Next question

You might also be interested in:

How to Fix "DMARC Policy Not Enabled"

If a deliverability tool tells you "DMARC policy not enabled", your DMARC record exists but is set to p=none. That...

Read more

SMS regulations in Italy

Marketing SMS in Italy are governed by the GDPR, the Italian Data Protection Code (Legislative Decree 196/2003 as amended by...

Read more

What Is SPF (Sender Policy Framework)?

SPF (Sender Policy Framework) is an email authentication standard that lets a domain owner publish a list of servers authorized...

Read more

How Long Do We Keep Your Data?

Mailpro keeps your data only as long as it is needed for the services you use, your legal obligations, and...

Read more

What Is a Monitoring DMARC Policy?

A monitoring DMARC policy is the safest way to start with DMARC. You publish a TXT record with p=none, which...

Read more

Unleash the Power of Professional Email Marketing

Secure, scalable, and built for impact. Join Mailpro™ today and enjoy 500 free credits to send your first campaign.
Start Sending for Free