Our GDPR compliance

Everything you need to know about Alias Email's GDPR compliance.

Alias Email is committed to privacy, security, compliance, and transparency. This approach includes supporting our customers' compliance with EU data protection requirements, including those set out in the General Data Protection Regulation ("GDPR"), which has been in effect since May 25, 2018.

What is GDPR?

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

To whom does the GDPR apply?

The GDPR applies to the processing of personal data of individuals within the EU. When you use Alias Email, we process personal data such as your email address and account information. Not all data subjects are necessarily EU individuals — but we apply GDPR-level protections to all users regardless of location.

Is Alias Email GDPR compliant?

Yes, Alias Email is compliant with the GDPR. This document outlines all the provisions we took to make sure we are complying fully with the regulation.

Information we hold

Registration and contact information. We collect information about you when you (a) register to use the Services and (b) otherwise provide contact information to us via email, mail, or through our Service. The information you provide is your email address. If you sign in via Google, we receive basic profile information from your Google account to create and link your account.

Payment information. When you purchase the Services, payment information is collected and processed by our payment provider, Paddle, which acts as the Merchant of Record. This may include your company name, company VAT (when applicable), credit card information, billing, and mailing address. We do not store any payment details on our servers — only the subscription status and order reference.

Technical, usage, and location information. With your consent, we use Google Analytics to collect anonymized usage data such as pages visited, referrer URLs, approximate location, and campaign information ("UTM" parameters). This data is only collected after you accept the cookie consent banner. We do not collect this information server-side.

Third-party platforms. We may collect information when you interact with our service on third-party sites or platforms, such as analytics sites. This may include information such as actions or the fact that you viewed or interacted with our content.

Other information. We may collect other information from you that is not specifically listed here. We may use any such information in accordance with our Privacy Policy or as otherwise permitted by you.

Data security and data breaches

We take data protection and security very seriously at Alias Email. We constantly monitor for security flaws and unauthorized access and we will take action immediately if something suspicious is detected. In an unlikely case of a data breach, we will notify the relevant supervisory authority within 72 hours as required by the GDPR, and will inform affected users if the breach is likely to result in a high risk to their rights and freedoms.

All data transfers are encrypted via HTTPS. Account data is retained for as long as the account exists and is deleted upon user request.

Data subject rights

All individual rights regarding GDPR will be enforced by our Alias Email team. If you want to exercise your GDPR rights, you can reach out to us at support@bump.email.

Those rights include:

Right to be informed: for the parties where we act as a controller, we inform our users what we do with their data.
Right to access: we can show all the data stored.
Right to object: contact us for any objection about how Alias Email is processing your personal data.
Right to be forgotten: we can erase data we hold about any individual.
Right to data portability: we can provide data held about you on request.
Right to rectification: your data can be updated from your account or manually by us on request.

Cookies we use

Below is a complete list of cookies set by Alias Email and third-party services we use. Essential cookies are required for the website to function and cannot be disabled. Analytics cookies are only set after you give consent.

Essential cookies

Cookie	Purpose	Duration
`sessionid`	Keeps you logged in and maintains your session	2 weeks
`csrftoken`	Prevents cross-site request forgery attacks	1 year
`cookie_consent`	Remembers your cookie consent choice	1 year

Functional cookies (authenticated users)

Cookie	Purpose	Provider
Crisp cookies	Live chat support widget (premium users only)	Crisp
Google Sign-In cookies	Authentication via Google account	Google
Paddle cookies	Payment processing during checkout	Paddle

Analytics cookies (require consent)

Cookie	Purpose	Duration
`_ga`	Distinguishes unique visitors (Google Analytics)	2 years
`_ga_*`	Maintains session state (Google Analytics)	2 years
`_gid`	Distinguishes unique visitors (Google Analytics)	24 hours

IP anonymization is enabled for Google Analytics. You can revoke your analytics consent at any time by clearing your cookies or using the cookie banner at the bottom of the page.