Privacy Policy

Last updated: January 2026

Overview

Transmit ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our email platform.

Information We Collect

Account Information

When you create an account, we collect your email address, name, and password (hashed). We use this to authenticate you and provide our services.

AWS Credentials (BYOK Mode)

If you choose to use our "Bring Your Own Key" (BYOK) mode, you provide your own AWS SES credentials. These credentials are encrypted using AES-256-GCM before storage. They are decrypted only in memory during email operations and are not intentionally logged or stored in plaintext. In our default Managed Mode, you do not need to provide any AWS credentials.

Email Data

We process email metadata (sender, recipient, subject, timestamps) for analytics and delivery tracking. Email content is processed but not stored long-term unless required for specific features you enable.

Usage Data

We collect analytics on how you use our platform to improve our services. This includes pages visited, features used, and error logs.

How We Use Your Information

  • To provide and maintain our services
  • To process and deliver emails through our managed infrastructure (Managed Mode) or your own AWS SES account (BYOK Mode)
  • To send you important updates about our services
  • To respond to support requests
  • To improve our platform and develop new features

Data Security

We implement industry-standard security measures:

  • AES-256-GCM encryption for sensitive credentials
  • TLS encryption for all data in transit
  • Edge-native architecture minimizing attack surface
  • Regular security reviews

Data Retention

We retain your data for as long as your account is active. Email logs are retained based on your plan tier (7-90 days). You can request deletion of your account and associated data at any time.

Third Parties

We use the following third-party services:

  • Cloudflare - Infrastructure and edge computing
  • AWS - Email delivery engine (we use Transmit's infrastructure for Managed Mode, and your infrastructure for BYOK Mode)
  • Clerk - Authentication

Data Processing Locations

Our services are built on Cloudflare's global edge network, meaning your requests may be processed at the nearest Cloudflare data center. Database storage is located in Cloudflare's D1 infrastructure. Email delivery is processed through AWS SES in the US region (for Managed Mode) or your configured region (for BYOK Mode).

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Object to data processing

Contact

For privacy-related inquiries, contact us at reply@xmit.sh