Last reviewed
2026-05-19
These pages describe the current Mailionaire private-alpha and prelaunch posture. Signed order forms, invoices, or pilot agreements take precedence where they define more specific terms.
Controller and contact
Mailionaire is operated by GetCandidates LLC. The controller contact for privacy requests is privacy@allbound.ch. Product support requests can be sent to support@mailionaire.ch.
GetCandidates LLC, Hermetschloostrasse 35, 8048 Zurich, Switzerland.
VAT number: CHE-474.485.371.
For signed pilots or invoices, the contracting entity details in that document also apply.
Data we process
Account and contact data, including email address, customer display name, plan, quota, billing state, and portal session metadata.
Provisioning data, including approved root domains, mailbox counts, job status, redacted job logs, audit events, consent state, and customer-visible recovery data.
Provider connection data supplied by the customer, including registrar, EmailBison, Pax8, Microsoft tenant, and BYO tenant details needed to verify or run the service.
Payment and subscription identifiers from Stripe. Card details are handled by Stripe, not stored in Mailionaire.
Operational telemetry such as request IDs, security events, rate-limit events, and minimal logs needed to operate and secure the product.
Why we process data
To provide the portal, API, MCP endpoint, provisioning workflow, support, billing, abuse prevention, and security monitoring.
To verify customer-controlled provider credentials and route orders only for approved domains and workspaces.
To maintain auditability for state-changing actions and customer-safe recovery after failed or partial jobs.
To comply with tax, accounting, contractual, security, and legal obligations.
Legal bases
Contract performance or pre-contractual steps when processing is needed to provide the service.
Legitimate interests for security, abuse prevention, service reliability, support, and product operation.
Legal obligations for billing, accounting, incident handling, and regulatory requests.
Consent where a specific integration or customer action requires it, such as Microsoft admin consent.
Controller and processor roles
Mailionaire acts as controller for its own account administration, billing, security, abuse prevention, support, and product operations.
For customer-supplied domains, mailbox instructions, provider credentials, connected workspaces, and provisioning outputs, Mailionaire generally acts as processor or service provider for the customer unless a signed agreement says otherwise.
Customers remain responsible for the lawfulness of their outreach, tenant administration, domain use, campaign recipients, and provider-account instructions.
Subprocessors and third-party systems
Mailionaire uses subprocessors and customer-selected third-party systems only where needed for the product. Current alpha dependencies are documented in the trust packet.
Infrastructure and deployment providers for the portal, API, worker, database, and operational hosting.
Stripe for checkout, subscription, invoice, and payment portal workflows.
Resend or configured mail delivery for portal magic-link email.
Microsoft, Pax8, Porkbun, and EmailBison where the customer connects or authorizes those systems for provisioning.
International transfers
Mailionaire is operated from Switzerland and uses EU/Swiss-oriented infrastructure where practical. Some connected providers or support systems may process data in Switzerland, the EEA, the United Kingdom, the United States, or other countries depending on the customer's selected provider configuration. Where required, transfers rely on adequacy decisions, standard contractual clauses, data processing terms, or another lawful transfer mechanism.
Retention and deletion
Raw customer secrets are intended to stay out of logs, public status, customer-visible artifacts, and repository state.
Provider credentials remain stored only while needed for the connected service and can be rotated or disconnected.
Portal magic-link tokens are short-lived. Customer API tokens are stored as hashes, and raw token values are shown only when generated.
Operational job and audit records are retained while needed for service durability, customer support, abuse investigation, accounting, and legal requirements.
Billing records are retained according to tax, accounting, Stripe, and contractual requirements.
Offboarding requests should include export, revoke, rotate, and delete steps for vendor-held alpha access.
Your rights
Depending on the applicable law, you may request access, correction, deletion, restriction, objection, portability, or information about processing. Contact privacy@allbound.ch. You may also contact the Swiss Federal Data Protection and Information Commissioner or, where applicable, an EU supervisory authority.
Cookies and tracking
The portal uses essential cookies for sign-in, magic-link confirmation, token handoff, and session security. The current product surface does not rely on advertising tracking or cross-site analytics cookies.
Security
The product uses customer-scoped tokens, signed portal sessions, rate limits, request size limits, redacted errors, security headers, and audit logging. No web application can be made risk-free, so incidents are handled according to the alpha incident response summary.
Changes to this policy
This policy will be updated as Mailionaire moves from private alpha toward public launch, adds subprocessors, changes retention practices, or introduces non-essential tracking.