Letterbox

 Contact forms without the hassle

Privacy Policy

Introduction
  • This privacy policy explains how Letterbox collects, uses, and protects your personal information
  • Letterbox is operated by Eray by Flurdy Ltd
  • By using Letterbox you agree to the practices described in this policy
What information we collect
  • Account information: your email address and password when you register
  • Contact form data: form names, recipient names and email addresses that you configure
  • Messages: the content of messages sent through your contact forms, if archiving is enabled
  • Technical data: IP addresses and basic server logs for security and operational purposes
  • Payment information: billing details are collected and stored by our payment provider Braintree, not by Letterbox directly
How we use your information
  • To operate the Letterbox service and deliver messages from your contact forms
  • To manage your account, membership, and billing
  • To communicate with you about your account or service changes
  • We do not use your information for marketing purposes or sell it to third parties
How we store and protect your data
  • Your data is stored on servers within the EU
  • Passwords are hashed and never stored in plain text
  • All connections are encrypted via TLS/HTTPS
  • We try to store as little information as possible about you, your forms, and your messages
Who we share your data with
  • We do not sell or share your personal information with third parties for their own purposes
  • Your recipient email addresses are shared with our email delivery providers solely to deliver messages
  • Payment details are processed by Braintree (a PayPal service)
  • We may disclose information if required by law or to protect the security of the service
Cookies
  • Letterbox stores an encrypted session cookie in your browser to keep you logged in
  • This cookie contains your email address but no other personal information
  • We do not use tracking cookies or third-party analytics cookies
Data retention
  • Account data is retained for as long as your account is active
  • Archived messages are retained for a minimum of 30 days and may be purged after that to manage storage
  • Server logs and backups containing incidental personal data are retained for a limited time
  • You can delete your archived messages at any time through your account settings
Inactive and incomplete accounts
  • Accounts with no login activity for 12 months or more may be disabled after warning emails are sent
  • Accounts without a verified email or active contact forms after a reasonable period following registration may be disabled and subsequently deleted
  • Accounts with an active paid membership are exempt from automatic inactivity or incompleteness actions
  • We will send at least two warning emails before disabling any account
  • When an inactive account is disabled, your data (account details, forms, recipients, archived messages) is retained and the account can be reactivated by logging in
  • Incomplete accounts that remain disabled for a reasonable period (at least 30 days) will be permanently deleted along with all associated data
  • This policy does not affect your right to request deletion of your account and data at any time, as described in the Terms & Conditions
Your rights
  • You can access and update your account information through your profile page
  • You can delete your contact forms and recipients at any time
  • You can delete your archived messages at any time
  • You can request a copy of your personal data by contacting us
  • You can request deletion of your account and associated data by contacting us
Children
  • Letterbox is not intended for use by children under 16 and we do not knowingly collect data from children
Changes to this policy
  • We will notify you of material changes to this privacy policy by email
  • By continuing to use Letterbox after changes are posted, you agree to the updated policy
Contact
  • For privacy-related questions or requests, contact us