Privacy is engineered into every workflow

We collect account information provided by your teams, operational telemetry generated by the platform, and limited message metadata required for deliverability.

• Account administrators: name, work email, role, authentication logs.
• Operational logs: sending events, IP reputation metrics, policy enforcement outcomes.
• Support interactions: details you choose to share when engaging with Mecurial specialists.

Data powers deliverability, compliance automation, and platform improvements. We never sell or broker your data.

• Operate and secure the Mecurial control plane, including fraud detection and rate limiting.
• Provide analytics, dashboards, and evidence packs tied to your tenants.
• Support training, documentation, and customer success programs.

We retain message metadata only as long as required for deliverability and compliance guarantees.

• Message bodies are encrypted at rest and deleted according to your retention policy.
• Telemetry events used for analytics are aggregated and anonymized when possible.
• You may request deletion of account data via the console or by contacting privacy@mecurial.com.

Authorized administrators can manage personal data, residency, and policy enforcement.

• Role-based access ensures teams only view data required for their responsibilities.
• Audit trails track every access request, export, and policy change.
• Data processing agreements are available for regulated regions.

We comply with regional transfer mechanisms and provide deterministic residency options for regulated workloads.

• EU data may be stored within EU-only infrastructure with Standard Contractual Clauses in place.
• Sovereign routing keeps public sector workloads within approved boundaries.
• Contact privacy@mecurial.com to review regional compliance documents.