Privacy Policy

MyMissionLetters ("we", "us", or "our") is committed to protecting the privacy of everyone who uses our service. This Privacy Policy explains what information we collect, how we use it, and your rights with respect to that information.

Account holders provide the following when signing up:

• Your name and email address (used for login and account communication)
• Your missionary's name and @missionary.org email address(es)
• Your preference for marketing communications

List members provide only their email address when joining an email list. List members do not create accounts and are not associated with an account holder's login credentials.

Contact and support form submissions include your name, email address, and the message you provide.

Mission archive is retained to help account holders track which emails were sent and when.

We use the information we collect to:

• Operate and deliver the Service — routing emails from authorized senders to list members
• Send transactional emails, such as welcome messages, join confirmations, and confirmations when a list member leaves a list
• Respond to support and contact requests
• Send product and service updates to account holders who have opted in
• Monitor for abuse and maintain the security of the Service

We do not sell, rent, or trade your personal information to third parties.

The core function of MyMissionLetters is to forward emails. When an authorized sender sends an email to your broadcast address, that email — including its content, formatting, and attachments — is delivered to your list members. We do not read, analyze, or store the content of broadcast emails beyond what is necessary for delivery and logging.

Authorized senders can add existing emails to a list's mission archive by either forwarding them to the list's Forward-to-Archive address (prefix forward-) or CC-ing the Direct-Archive address (prefix direct-) when composing a new email. Either flow may include content originally sent by or to third parties who haven't directly consented to having their messages stored in our service — for example, a message a missionary received from a friend or mission leader, or an email composed for a small audience that's also CC'd to Direct-Archive. By using either flow, the authorized sender takes responsibility for the appropriateness of the archive entry. Owners can delete archive entries at any time from the mission archive page; deletion removes the row, the stored HTML, the source .eml, and any attachments from our storage.

We rely on the following third-party providers to operate the Service:

• Supabase — authentication and database storage
• SendGrid (Twilio) — outbound email delivery
• Cloudflare — inbound email routing and infrastructure
• Stripe — payment processing
• Vercel — web hosting and privacy-friendly aggregate analytics
• Sentry — error monitoring; receives diagnostic context (including your account email) when an error occurs during your session, so we can triage and fix issues

These providers access your data only as necessary to perform services on our behalf and are contractually required to keep your information confidential.

We retain your account information, list members, and mission archive for as long as your account is active. If you delete your account, the following are permanently removed from our database immediately:

• Your account name and email address
• Your missionary's name and email address(es)
• All list members on every list you owned
• All mission archive and message content
• Your missionary's login (if your missionary set one up)

List member email addresses are also removed from a list when the list member leaves the list — via the leave link included in every broadcast — or when the account holder removes them manually.

Data retained by third-party providers. Some data lives outside our database with the providers we use to deliver the Service. We cannot delete this data on your behalf, but we minimize what flows to each provider:

• Stripe retains payment transaction records — including the billing information you provide during checkout, payment amounts, and timestamps — for the period required by financial-records regulations (typically seven years). We pass only an internal identifier to Stripe with each charge; we do not share your account name or email with Stripe ourselves.
• SendGrid retains email delivery event logs (sent, delivered, bounced) for 30 days. After 30 days these logs are automatically purged. We do not maintain a separate contact list with SendGrid.
• Supabase may retain authentication records briefly after an account is deleted; these are purged within Supabase's internal retention window.
• Cloudflare processes inbound emails in transit and does not retain message content beyond the short operational delivery window required to forward them.
• Sentry retains error events — including the affected user's account ID and email plus relevant request context — for the period defined in our Sentry plan (typically 30 to 90 days), after which events are automatically purged.

If you have questions about data held by these providers or wish to exercise rights under applicable data protection laws (such as GDPR or CCPA), please contact us and we'll help coordinate the appropriate request.

List members can leave any email list at any time by clicking the leave link included in every broadcast email. Upon leaving, the list member's email address is immediately removed from that list and they will receive no further emails from it.

We use session cookies to keep you logged in while using the Service. We do not use third-party tracking cookies or advertising trackers.

We use Vercel Web Analytics to understand aggregate traffic and conversion patterns on our site. Vercel Analytics does not use cookies and does not collect personally identifiable information.

We take reasonable measures to protect your information, including encrypted storage of passwords and secure HTTPS connections. However, no transmission over the internet is completely secure, and we cannot guarantee the absolute security of your data.

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. When we do, we will update the date at the top of this page. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy or how your data is handled, please reach us through the Contact page.