Privacy Policy
Last updated: May 7, 2026
This Privacy Policy describes how MSH Software ("we", "us", or "our") collects, uses, and protects your personal data when you visit postfix-milter.com ("the Website") or purchase our software products.
By using the Website, you agree to the collection and use of information in accordance with this policy.
Information we collect
Information you provide directly
- Account and purchase data - name, email address, billing address, and payment information when you purchase a license or create an account.
- Support requests - any information you include when contacting us for support, such as email address, technical details, and correspondence.
- Download requests - email address if required to access downloads.
Information collected automatically
- Log data - IP address, browser type, browser version, pages visited, time and date of visit, and time spent on pages.
- Cookies - small data files placed on your device. See our Cookie Policy for details.
- Usage data - general analytics about how the Website is used (pages viewed, referral sources, etc.).
How we use your information
We use the information we collect to:
- Process and fulfill software license purchases.
- Send license keys, download links, and purchase confirmations.
- Provide customer support.
- Send important product updates, security notices, and release announcements.
- Improve the Website and our software products.
- Comply with legal obligations.
- Detect and prevent fraud.
We do not use your personal data for automated decision-making or profiling.
Legal basis for processing (GDPR)
If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:
- Contract - processing necessary to fulfill a purchase or provide support you requested.
- Legitimate interests - improving our products, preventing fraud, and ensuring Website security.
- Legal obligation - compliance with applicable laws and regulations.
- Consent - where you have explicitly opted in (e.g., marketing emails).
Sharing your information
We do not sell, trade, or rent your personal data to third parties. We may share your data with:
- Payment processors - to complete transactions. Payment processors handle payment data directly and are bound by their own privacy policies and PCI-DSS standards.
- Hosting and infrastructure providers - who host the Website and related services, under strict data processing agreements.
- Legal authorities - when required by law, court order, or to protect the rights and safety of MSH Software or others.
Data retention
We retain your personal data for as long as necessary to:
- Maintain your license records and provide support.
- Comply with legal, accounting, or reporting obligations.
- Resolve disputes and enforce our agreements.
Purchase records are typically retained for 7 years to comply with tax and accounting requirements. You may request deletion of non-essential data at any time (see Your rights below).
Your rights
Depending on your location, you may have the following rights regarding your personal data:
- Access - request a copy of the personal data we hold about you.
- Rectification - request correction of inaccurate or incomplete data.
- Erasure - request deletion of your personal data, subject to legal retention requirements.
- Restriction - request that we limit the processing of your data.
- Portability - request your data in a structured, machine-readable format.
- Objection - object to processing based on legitimate interests.
- Withdraw consent - where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, contact us at contact@mshsoftware.com.
If you are in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.
Data security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:
- Encrypted transmission (HTTPS/TLS) for all data exchanged with the Website.
- Access controls limiting who can view personal data internally.
- Regular review of data collection and storage practices.
No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
International transfers
Your data may be transferred to and processed in countries outside your country of residence. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your personal data in accordance with this policy.
Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For significant changes, we will provide a more prominent notice. We encourage you to review this page periodically.