MailMan
U
Back

Privacy Policy

Last updated: March 27, 2026

1. Who We Are

MailMan is operated by Lexopoly Inc. ("we," "us," "our"). This policy describes how we collect, use, and protect your information when you use MailMan.

2. Information We Collect

  • Account information: Email address, name, and password (stored as a one-way hash — we cannot read your password).
  • Mailing details: Recipient names and addresses you provide for mail delivery.
  • Uploaded documents: PDF files you upload for mailing.
  • Payment information: Processed by our third-party payment provider. We do not store credit card numbers or bank account details on our servers.
  • Security scan data: When you upload a file, we scan it for malware. We retain a cryptographic hash of the file, the scan verdict, and scan duration for audit purposes.
  • API keys: If you create API keys, we store a record of each key's name and last-used timestamp for your account management.
  • Tracking information: For mailings with tracking, we store USPS tracking numbers, delivery status updates, delivery timestamps, and recipient signature names when provided by USPS.
  • Usage data: IP addresses, browser type, and access timestamps in server logs.

3. How We Use Your Information

  • To print and mail your documents via postal carriers.
  • To process payments for mailing services.
  • To generate certificates of mailing (affidavits).
  • To scan uploaded files for malware and security threats.
  • To communicate with you about your mailings and account.
  • To comply with legal obligations.

4. Data Retention

  • Uploaded PDFs: Retained for 90 days after delivery confirmation, then permanently deleted.
  • Mailing records: Retained for the lifetime of your account for your reference.
  • Security scan logs: Retained indefinitely for audit and security purposes. Scan logs contain file hashes and verdicts, not document content.
  • Account data: Retained until you request deletion.

5. Third-Party Service Providers

We use third-party providers for payment processing, postal fulfillment, email delivery, and infrastructure hosting. These providers receive only the information necessary to perform their services. We do not sell, rent, or share your personal information for marketing purposes.

6. Data Security

We protect your data with encryption in transit (TLS), hashed passwords, API key authentication, and automated malware scanning of all uploaded files. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

You may request access to, correction of, or deletion of your personal information by contacting us. Upon account deletion, we will remove your personal data, subject to any legal retention requirements.

8. Changes

We may update this policy from time to time. We will notify you of material changes via email or a notice on the service.

9. Contact

Lexopoly Inc. — [email protected]