Documentation Pricing Support
Try PageMailer

Privacy Policy & Data Processing Agreement

Last updated: August 1, 2025

At PageMailer, we respect your privacy and are committed to protecting personal data. This document serves both as our Privacy Policy and as our Data Processing Agreement (DPA) under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and similar data protection laws.

By using PageMailer, you, as the Data Controller, engage PageMailer as your Data Processor to process personal data solely for the purposes described herein.

1. Definitions

  • “Controller”: The natural or legal person who determines the purposes and means of the processing of personal data. This is you, the customer.
  • “Processor”: The natural or legal person who processes personal data on behalf of the Controller. This is PageMailer.
  • “Processing”: Any operation performed on personal data, whether automated or not, such as collection, storage, alteration, transmission, or deletion.

2. Subject Matter of Processing

When generating emails from your Confluence pages, we temporarily process the following data:

  • Images: SVGs are converted to PNG; other image formats (JPEG, PNG, GIF) are compressed and sometimes resized, depending on their original size (sent to our first party API for processing).
  • Links: Metadata (title, description, preview image) may be fetched from links in the page if needed for layout (sent to our first party API for processing).
  • Page content: The Confluence page is rendered as an email (done within Atlassian infrastructure).

⚠️ We do not store any content, metadata, or images after processing. No personal data is stored or retained by PageMailer after the email has been generated and delivered.

3. Duration of Processing

Processing occurs only during the generation of the requested email and ends immediately upon delivery to your configured email provider (e.g., Gmail). No personal data is stored after processing is complete.

4. Nature and Purpose of Processing

The sole purpose of processing is to transform Confluence page content into a properly formatted email and deliver it to your chosen email provider. We do not:

  • Use the data for any other purpose.
  • Store, log, or retain the data.
  • Perform analytics, tracking, or advertising on the data.

5. Categories of Data Subjects

Depending on your Confluence content, processing may involve data relating to:

  • Your organization’s Confluence users’ name and avatar when using @mentions
  • Any individuals whose personal data appears in the page content

PageMailer does not determine which personal data is included; this is entirely under the Controller’s control.

6. Obligations of PageMailer (Processor)

PageMailer will:

  1. Process data only on documented instructions from the Controller, including with respect to transfers of personal data to a third country, unless required by law.
  2. Ensure confidentiality of anyone authorized to process the personal data.
  3. Not engage sub-processors without your prior consent. (Note: The only third parties involved are your configured email provider(s), such as Gmail, which you control.)
  4. Implement appropriate technical and organizational measures to protect the personal data during processing.
  5. Assist the Controller in fulfilling obligations regarding data subject rights, data protection impact assessments, and breach notifications, to the extent applicable.
  6. Delete or return all personal data after processing is complete.

7. Obligations of the Controller

You, as the Controller, are responsible for:

  • Ensuring you have a lawful basis for processing the personal data you provide.
  • Ensuring the data does not infringe on the rights of data subjects.
  • Configuring and managing your chosen email provider in compliance with applicable laws.

8. International Transfers

PageMailer does not transfer personal data internationally, except to your configured email provider if that provider is located outside your jurisdiction, as well as its own first-party API located in the United States (if your company operates outside of the United States and relies on Atlassian infrastructure outside the U.S).

You are responsible for ensuring your email provider(s) offers adequate protection.

9. Your Rights (Data Subjects)

Under GDPR and CCPA, you have the right to:

  • Access, rectify, or delete your personal data
  • Restrict or object to processing
  • Lodge a complaint with a supervisory authority

Because we do not store your data, most rights requests will not apply; however, we will assist you in addressing any inquiries. Contact us via support.

10. Contact

For privacy or data processing questions, please contact support.

This Privacy Policy & DPA forms part of the agreement between you and PageMailer and is effective for as long as you use the service.