Privacy Policy

Privacy Policy

1&1 Mail & Media Inc. ("mail.com") has created this Privacy Policy in order to demonstrate our commitment to privacy to our customers and users of this website. This Privacy Policy governs the manner in which mail.com uses, maintains and discloses information collected from its customers and users of its website.

Key Terms:

• We, us, our: mail.com or 1&1 Mail & Media Inc.
• Data Protection Officer: Data Protection Officer of 1&1 Mail & Media Inc. (dataprivacy@corp.mail.com)
• Personal information: Any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular consumer or household.
• Sensitive personal information: Personal information revealing a consumer's social security number, driver's license and passport numbers, account numbers and credentials, precise geolocation, racial or ethnic origin, religious beliefs, or union membership, personal information concerning a consumer's health, sex life, or sexual orientation, contents of a consumer's mail, email and text messages where the business is not the intended recipient, genetic data, and biometric information.
• Biometric Information: An individual’s physiological, biological, or behavioral characteristics, including information pertaining to an individual’s deoxyribonucleic acid (DNA), that is used or is intended to be used singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.

Children

mail.com does not knowingly collect personal information from customers under 18. mail.com understands, however, that parents, guardians, or other adults often register our products for family use, including use by minors. Because some information is collected electronically, it may appear to be that of the registered mail.com customer, and will be treated as such by this Privacy Policy. If we learn that a customer under the age of 18 has submitted personal information to mail.com we will attempt to delete the information as soon as possible.

Information We Collect

mail.com may request or collect personal information from online users in a variety of ways, including through online forms for ordering products and services, and other instances where users are invited to volunteer such information. The data we collect is information that identifies you personally. In the preceding 12 months, we have collected the following categories and specific types of consumer personal information:

• Your name
• Gender
• Date of Birth
• Postal address
• E-mail address
• Telephone number
• Credit card information
• Other billing information

We save this information so that it can be available to you to be used for such purposes as customer authentication.

You can modify your personal information at any time by logging in to your account at mail.com and navigating to My Account -> Personal Data.

To delete your account in its entirety, please navigate to My Account and follow the instructions under “Delete Account.” For more information on managing your account see the help section in your mail.com account. mail.com may also collect information about how users access the website using a tracking ID unique to each user through the use of cookies.

What are Cookies?

A cookie is a piece of data stored on the user's computer tied to information about the user. We may use both session ID cookies and persistent cookies. Third parties may also be placing and reading cookies on your browser, or using web beacons to collect information in the course of advertising being services on our website. For session ID cookies, once you close your browser or log out, the cookie terminates and is erased. A persistent cookie is a small text file stored on your computer’s hard drive for an extended period of time. Your browser’s help file contains information and instructions for removing persistent cookies. Session ID cookies may be used by mail.com to track user preferences while the user is visiting the website. They also help to minimize load times and save on server processing. Persistent cookies may be used by mail.com to store whether, for example, you want your password remembered or not, and other information. Cookies used on the mail.com website do not contain personally identifiable information.

Log Files

Like most standard websites, we use log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user's movement in the aggregate, and gather broad demographic information for aggregate use. However, none of the information stored in our log files, including but not limited to IP addresses, is linked to personally identifiable information.

How We Use and Share this Information

mail.com may use the personally identifiable information collected by mail.com to contact customers regarding products and services offered by mail.com and, to the extent the user has agreed to it, by its trusted affiliates, independent contractors and business partners. We may also use this information and share it with trusted third parties for research purposes regarding the effectiveness of our website services, marketing, advertising and sales efforts, and to create links between two or more customer devices. mail.com will not share this information with a third party for a third party’s marketing purposes unless you specifically authorize such information sharing. mail.com does not sell or rent your contact information to third parties.

Furthermore, mail.com may use this information collected by mail.com for:

• Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
• Helping to ensure security and integrity to the extent the use of the consumer's personal information is reasonably necessary and proportionate for these purposes;
• Debugging to identify and repair errors that impair existing intended functionality;
• Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer's current interaction with the business, provided the consumer's personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer's experience outside the current interaction with ;
• Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business or service provider;
• Providing advertising and marketing services, except for cross-context behavioral advertising, to the consumer;
• Undertaking internal research for technological development and demonstration;
• Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business;
• To comply with our legal and regulatory obligations;
• For the performance of our contract with you or to take steps at your request before entering into a contract;
• For our legitimate interests or those of a third party;
• Where you have given consent.

Third party cookies and tracking

We allow third-party companies to serve ads and/or collect certain anonymous information when you visit our website. These companies may use non-personally identifiable information (e.g., click stream information, browser type, time and date, subject of advertisements clicked or scrolled over) during your visits to this and other Web sites in order to provide advertisements about goods and services likely to be of greater interest to you. These companies typically use a cookie or third-party web beacon to collect this information. To learn more about this behavioral advertising practice or to opt-out of this type of advertising, you can visit network advertising.

Disclosure of Information

mail.com may disclose your personal information as it deems necessary, in mail.com‘s sole discretion, to:
(a) comply with legal process or other legal requirements, including but not limited to responding to civil or criminal subpoenas, search warrants, national security letters, court orders, or other requests for information from law enforcement officials;
(b) protect and defend the rights or property of mail.com or its officers, agents, affiliates, licensees, and customers; or
(c) carry out its obligations under or enforce this Agreement or to assign its rights under this Agreement.
mail.com may from time to time use third-party technology and/or engage third parties, including its own subsidiaries and affiliated companies, to preserve, analyze or otherwise store or process data received by mail.com from its customers. Such third-party service providers are required to treat all such data with the same degree of care as mail.com and are prohibited from disclosing such data to any other person or party, except as otherwise provided for in this Privacy Policy.
MAIL.COM RESERVES THE RIGHT (SUBJECT TO APPLICABLE LOCAL LAW), IN ITS SOLE DISCRETION, TO MONITOR YOUR ACCOUNT, INCLUDING BUT NOT LIMITED TO THE USE OF A USER'S MAIN ACCOUNT AND ANY SUB-ACCOUNTS, FOR THE PURPOSE OF INVESTIGATING VIOLATIONS OF THIS AGREEMENT OR TO ASSIST WITH CRIMINAL OR CIVIL INVESTIGATIONS.
mail.com may also disclose aggregate, anonymous data based on information collected from users to trusted third parties, investors, and potential partners. In such cases, only statistical information will be disclosed and personally identifiable data will be kept confidential. In case mail.com is sold, the information collected from users may be transferred to the new owners.

We may also collect information from the following categories of sources:

• Publicly accessible sources (e.g., property records);
• Third party (e.g., sanctions screening providers, credit reporting agencies, customer due diligence providers, advertising networks, internet service providers, social networks, data analytics providers, government entities, and data brokers);
• Cookies on our website;
• Automated information collection;
• Our IT systems, including:

• Door entry systems and reception logs;
• Automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, email and instant messaging systems.

Special Offers and Updates

On rare occasions, it is necessary to send out a strictly service-related announcement, if, for instance, our service is temporarily suspended for maintenance. Generally, users may not opt-out of these communications, though they can deactivate their account. However, these communications are not promotional in nature.

Maintenance of Information

The information provided to mail.com is saved indefinitely and may be stored on one or more databases directly or indirectly maintained by mail.com. mail.com employs industry-standard security measures to protect the confidentiality of the information. While we cannot guarantee that loss, misuse or alteration of data will not occur, we make every effort to prevent such occurrences.

Your Responsibility

You are responsible for the security of your Customer ID and passwords. Make sure you keep them in a safe place and do not share them with others. Always remember to log out after your session ends to ensure that others cannot access your private personal information. You should take this precaution even if you are not using a public computer, such as at a library or internet café, but even when using your private computer in your home.

Your California Privacy Rights

You have the right under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Disclosure of Personal Information We Collect About You:
You have the right to know, and request disclosure of:

• The categories of personal information we have collected about you, including sensitive personal information;
• The categories of sources from which the personal information is collected;
• Our business or commercial purpose for collecting, selling, or sharing personal information;
• The categories of third parties to whom we disclose personal information, if any; and
• The specific pieces of personal information we have collected about you.

Please note that we are not required to:

• Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
• Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
• Provide the personal information to you more than twice in a 12-month period.

Disclosure of Personal Information Sold, Shared, or Disclosed for a Business Purpose:
In connection with any personal information we may sell, share, or disclose to a third party for a business purpose, you have the right to know:

• The categories of personal information about you that we sold or shared and the categories of third parties to whom the personal information was sold or shared; and
• The categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom the personal information was disclosed for a business purpose.

You have the right to opt-out of the sale of your personal information or sharing of your personal information for the purpose of targeted behavioral advertising. If you exercise your right to opt-out of the sale or sharing of your personal information, we will refrain from selling or sharing your personal information, unless you subsequently provide express authorization for the sale or sharing of your personal information.

To opt-out of the sale or sharing of your personal information click here.

Right to Limit Use of Sensitive Personal Information:
You have the right to limit the use and disclosure of your sensitive personal information to the use which is necessary to:
Perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services;

To perform the following services:

• Helping to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for these purposes;
• Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with the business, provided that the consumer’s personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business;
• Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business; and
• Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business; and as authorized by further regulations

You have a right to know if your sensitive personal information may be used, or disclosed to a service provider or contractor, for additional, specified purposes.

To limit the use of your sensitive personal information click here.

Right to Deletion: Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

• Delete your personal information from our records;
• Direct any service providers or contractors to delete your personal information from their records.
• Direct third parties to whom the business has sold or shared your personal information to delete your personal information unless this proves impossible or involves disproportionate effort.

Please note that we may not delete your personal information if it is reasonably necessary to:

• Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
• Help to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for those purposes;
• Debug to identify and repair errors that impair existing intended functionality;
• Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
• Comply with the California Electronic Communications Privacy Act;
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
• Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us
• Comply with an existing legal obligation; or
• Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Right of Correction:
If we maintain inaccurate personal information about you, you have the right to request us to correct that inaccurate personal information. Upon receipt of a verifiable request from you, we will use commercially reasonable efforts to correct the inaccurate personal information.

Protection Against Retaliation:
You have the right to not be retaliated against by us because you exercised any of your rights under the CCPA/CPRA. This means we cannot, among other things:

• Deny goods or services to you;
• Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
• Provide a different level or quality of goods or services to you; or
• Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Please note that we may charge a different price or rate or provide a different level or quality of [goods and/or services] to you, if that difference is reasonably related to the value provided to our business by your personal information. We may also offer loyalty, rewards, premium features, discounts, or club card programs consistent with these rights or payments as compensation, for the collection of personal information, the sale of personal information, or the retention of personal information.

How to Exercise Your Rights
The exercise of these rights and the access to the information provided will not lead to any discriminatory treatment, nor will it negatively affect the service. You may only make a personal information request twice in a 12-month period. We will respond within 45 days of receiving a personal information request.

In addition to the above mentioned and in response to the requirements of CCPA, it is our aim to extend the transparency of the information collected and shared with third parties, which is why on pages related to data protection, such as the "Privacy Policy" and/or "Data Collection", the information referred to encompasses the data processing of the past twelve months.

You can find more information or exercise your rights under CCPA here: Do not sell my personal information.

Your GDPR Rights (only for residents in Europe)

Controller

The protection of your personal information is a top priority for 1&1 Mail & Media Inc. We adhere to the relevant data privacy laws and would like to provide comprehensive information about the handling of your data in the following notice. The responsibility for data protection lies with:

1&1 Mail & Media Inc.
100 North 18th Street Suite 400
Philadelphia, PA 19103

Data Protection Officer

Data Protection Officer of 1&1 Mail & Media Inc.

1&1 Mail & Media Inc.
100 North 18th Street Suite 400
Philadelphia, PA 19103

or e-mail: dataprivacy@corp.mail.com

Your Rights as a Data Subject

• According to the European General Data Protection Regulation (GDPR), every data subject has the right of access according to Article 15 GDPR,
• to rectification according to Article 16 GDPR,
• to erasure according to Article 17 GDPR,
• to restriction of processing according to Article 18 GDPR,
• to object according to Article 21 GDPR, and
• to data portability according to Article 20 GDPR.
• We will address your requests in accordance with the legal requirements.
• If you have any questions, please do not hesitate to contact our customer service.
• Moreover, you have the right to lodge a complaint with a data privacy supervisory authority (Article 77 GDPR).

You can also file a complaint with the supervisory authority in your country.

Click here to find the supervisory authority in your country

This is how you can exercise your rights:

Right of access by the data subject
In the customer self-care center of your mail.com account, you will find an overview of all your settings and data that you have stored with mail.com.
You can request further information from our customer help center and/or data protection officer using the contact details above.

Rectification, Erasure and Restriction of Processing
In your mail.com inbox under ‘My Account’, you can view your data and manage it yourself. If you have a contractual relationship with us, please understand that we save and process your data as required for the term of your contract. There may also be retention duties arising from legal requirements, for example commercial or tax law.

Revocation of Your Consent
You can revoke the granted consent at any time. This also applies to the revocation of declarations of consent that you provided to us before the entry into force of the EU General Data Protection Regulation, i.e. before May 25, 2018. Processing that took place before the revocation is not affected by this.
If you no longer wish to receive interest-based online advertising, you can revoke your consent using the Permission Management.

Objection According to Art. 21 GDPR, you have the right to object to the processing of your personal data that is done on the basis of Art. 6 (1) (f) GDPR (data processing is necessary for the purposes of the legitimate interests).

Your Right to Data Portability You have the right to receive your personal data in a structured, commonly used and machine-readable format, and you have the right to transmit this data to someone else. You have this right if the processing of your data is based on consent in accordance with Art. 6 (1) (a) GDPR, Art. 9 (2) (a) GDPR or a contract pursuant to Art. 6 (1) (b) GDPR. When exercising this right, you may also choose to have the affected data transmitted directly by us to another controller if this is technically feasible.
If you want to do it yourself, go to ‘My Account‘ where you will find the option of exporting your data under the item ‘Personal Data‘.

Right not to be subject to a decision based solely on automated processing
We do not use any automated decision-making as specified by Art. 22 GDPR which produces legal effects or significantly affects you.

Voluntary nature of the data provided
In cases in which data processing is based on your consent, you provide your data voluntarily and you can withdraw your consent at any time. However, in some cases, we need your information to provide our services in accordance with our GTCs, e.g. within the scope of mail.com Free Webmail, or to process this data in our legitimate interest (see next point).

Legitimate Interests
Occasionally, we also process the data of our customers on the legal basis of Art. 6 (1) (f) GDPR. When processing your data in this case, we may pursue the following legitimate interests:

• improve our products and/or services
• protect from abuse
• internal statistical purposes

Transmission of Data Abroad
Please note that this product is intended for an audience in the United States, and that the information is processed on servers located in the United States. The processing of the information therefore takes place in this territory.

We also transfer personal data in the following cases:

To our group companies for the following purposes:

• File data are transmitted to other group companies and a central file that is kept by United Internet AG, Montabaur, for the purpose of protecting all group companies. If there is a legitimate interest, this data will be made available to other group companies for a specific purpose, taking into account the customer's legitimate interests. You can view the names and locations of our group companies on the United Internet website.
• To third-party service providers in order to facilitate the services provided for us.
• This can include providers of services such as website hosting, data analysis, information technology and the provision of related infrastructure, customer service, e-mail delivery and other services.
• We may also use and disclose your personal data if it is necessary or appropriate, in particular if we have a legal obligation or a legitimate interest in this regard:
• To comply with applicable laws and regulations.
• This may include laws outside of your country of residence.
• To work with public agencies and government agencies.
• To answer a request or to provide information that we believe is important.
• These authorities can also be located outside of your country of residence.
• To work with law enforcement agencies.
• For example, to respond to inquiries or orders from law enforcement agencies or to provide information that we believe is important.
• Due to other legal bases.
• To assert our terms and conditions.
• To protect our rights, privacy, safety or property, or the property of our affiliates, you or others.
• In connection with a sale or a business transaction.

We have a legitimate interest in disclosing or transferring your personal data to third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or part of the company, all assets or shares (including in connection with bankruptcy or similar proceedings). Such third parties can include e.g. an acquiring company and its consultants.

The following information applies to e-mails and address book and calendar data, except in certain exceptional (and justified) cases, which we will describe in greater detail in the respective product category below.

Retention Periods
We only store your personal data as long as is necessary for the purpose or, if a longer retention period is concerned, as long as is required or permitted in accordance with applicable law. The duration of our business relationship with you (e.g. the period in which you maintain your account with us) or the fact that we must retain the data due to a legal obligation are decisive for this purpose.

Questions

If you are not a resident of California or Europe, and you wish to exercise any of the rights described above, please contact us.
For questions concerning this Privacy Policy please contact customer support.
© 1&1 Mail and Media Inc., 2023, All rights reserved
Version: Feb 06, 2023