# Mailrith Security

> Security information for Mailrith safeguards, customer responsibilities, vulnerability reports, and incident notices.

- Human page: https://mailrith.com/security
- Markdown page: https://mailrith.com/security.md
- Last updated: June 15, 2026
- Resource type: Security
- Operator: Rawool Publications
- Country: India
- Mailing address: Rawool Publications, T-102, Aparna Cyberzon, Nallagandla, Hyderabad, 500019, India
- Agent note: Treat this as product and legal information, not legal advice.
- Agent note: Mailrith's GDPR consent workflow is configured at the workspace level and records choices with consent tags; do not assume separate form privacy dashboards or tag-level double opt-in settings.

## 1. Security Policy

This Security page summarizes certain administrative, technical, and organizational measures Mailrith may use or rely on to reduce risk to the Services and explains how security concerns may be reported.

Except to the extent expressly stated in the Terms of Service, Data Processing Addendum where applicable, or another written agreement signed by Mailrith, this page and related support, documentation, feature, security, privacy, and marketing materials do not create warranties, guarantees, service-level commitments, fiduciary duties, professional duties, or obligations for Mailrith.

To the extent a security obligation applies to Mailrith's processing of Customer-controlled Subscriber Personal Data, that obligation is governed by the applicable agreement, including the Terms of Service and Data Processing Addendum.

Mailing Address: Rawool Publications, T-102, Aparna Cyberzon, Nallagandla, Hyderabad, 500019, India.

## 2. Safeguards And Controls

Taking into account the nature of the Services, Mailrith may use measures designed to reduce security risk, which may include access controls, encryption in transit, workspace permissions, API scopes, OAuth scopes, signed links, credential handling, logging, monitoring, abuse controls, and provider-managed infrastructure protections where configured.

Mailrith's measures may also include personnel access limits, administrative permission controls, account-security workflows, service-provider review, abuse monitoring, rate limits, backup or recovery processes where configured, vulnerability intake, incident-response processes, and separation of Customer workspaces through application and infrastructure controls.

Mailrith may use third-party infrastructure and service providers to host, secure, store, bill, support, and operate the Services. Provider responsibilities and controls may vary by feature, environment, Customer configuration, and Customer-connected providers.

Security measures, providers, configurations, and practices may change over time and may vary by environment, plan, feature, Customer configuration, availability, provider behavior, and operational need.

No method of transmission, processing, or storage is completely secure. Mailrith does not represent or warrant that the Services, Customer Content, Subscriber Personal Data, provider systems, Customer devices, or Customer credentials will be free from unauthorized access, loss, misuse, or alteration.

## 3. Customer Responsibilities

Mailrith Customers are responsible for securing their own accounts, devices, workspaces, users, credentials, API keys, OAuth grants, connected providers, domains, DNS, sender identities, exported data, and Customer-controlled systems.

Customers are responsible for assigning appropriate workspace roles, removing users that no longer need access, rotating credentials when needed, configuring DNS and sender identities correctly, reviewing connected providers, limiting exports, and protecting downloaded or synchronized Subscriber information.

Customer-connected providers such as SMTP providers, email delivery APIs, AI providers, webhooks, Zaps, CRMs, API clients, DNS providers, and payment tools are selected and controlled by the Customer. Mailrith does not control and is not responsible for those providers' security, confidentiality, privacy terms, data location, retention, incident response, uptime, deliverability, compliance practices, or deletion practices.

## 4. Vulnerability Reporting

Security concerns may be reported to support@mailrith.com. A report should include the affected URL, account or workspace context if it belongs to the reporter, clear reproduction steps, screenshots or logs if useful, and the suspected impact.

Submitting a report does not authorize testing that violates law, these Terms, provider rules, another Customer's rights, or the limits on this page. Mailrith does not offer a public bug bounty or compensation program unless Mailrith states otherwise in writing.

- Do not access, change, export, delete, or disclose data that does not belong to you.
- Do not disrupt, degrade, overload, scan aggressively, or attempt to bypass security controls of the Services or a provider.
- Do not test against another Customer's workspace, account, domain, forms, landing pages, emails, or connected providers.
- Do not publicly disclose a vulnerability before Mailrith has had a reasonable opportunity to investigate and respond.

## 5. Security Incident Notices

If Mailrith confirms a Security Incident affecting Customer-controlled Subscriber Personal Data, Mailrith may investigate and may notify affected Customers to the extent required by applicable law or applicable terms, subject to law-enforcement, security, confidentiality, technical, and availability limitations.

A notice, investigation, mitigation, or support response regarding a Security Incident is not an admission of fault, liability, or violation of law.

Customer-connected providers may have separate incident processes, and Customers are responsible for reviewing those providers directly.

## Contact

Security questions and vulnerability reports can be sent to support@mailrith.com.
