Privacy Policy

Last updated: 22 February 2026

This Privacy Policy explains how Dependal Ltd (“Dependal”, “we”, “us”) collects and uses personal data when you visit our website, use our dashboard, or use our transactional email API and related services (the “Service”).

1. Who we are

Dependal Ltd is the controller of personal data processed for our own business purposes (for example, account management and billing). When we process email content and recipient data on behalf of our customers for message delivery, we typically act as a processor.

2. Data we collect

Depending on how you use the Service, we may process:

  • Account data: name, email, authentication identifiers, organisation details.
  • Usage and technical data: API keys/identifiers, request metadata, timestamps, IP address, user agent, logs.
  • Email delivery data: sender domain, recipient address, message metadata, delivery/bounce/complaint events.
  • Support data: messages you send to support and related context.

3. How we use data

We use personal data to:

  • Provide, secure, and operate the Service (including sending and event logging).
  • Prevent abuse and maintain deliverability (including enforcing suppressions and throttles).
  • Authenticate users and administer accounts.
  • Provide customer support and respond to enquiries.
  • Comply with legal obligations and enforce our terms/policies.

4. Legal bases

Where we act as controller, we process data based on:

  • Contract (to provide the Service).
  • Legitimate interests (to secure the Service, prevent abuse, and improve reliability).
  • Legal obligation (where applicable).

Where we act as processor, our processing is governed by our customer’s instructions and applicable data protection law.

5. Sharing and subprocessors

We use third-party providers to operate the Service. This may include infrastructure and email delivery providers. For example, we use Amazon Web Services (AWS) to host and operate service components.

We may also share information where required for security, abuse prevention, or legal compliance.

6. International transfers

Our providers may process data in different countries. Where applicable, we use appropriate safeguards for international transfers.

7. Data retention

We retain data only as long as necessary for the purposes described above, including to provide auditability, troubleshoot issues, and maintain suppressions and abuse controls. Retention periods may vary by data type and customer configuration.

8. Security

We implement reasonable technical and organisational measures designed to protect personal data, including access controls and monitoring. No method of transmission or storage is 100% secure.

9. Your rights

If we are the controller of your personal data, you may have rights such as access, correction, deletion, restriction, and objection. To exercise rights, contact privacy@dependal.com.

10. Contact

Email: privacy@dependal.com
Support: support@dependal.com