1. Data We Collect
Badex Signature collects only the data necessary to provide the email signature service:
- User directory data — Names, email addresses, job titles, phone numbers, and department information synced from your Microsoft 365 directory via Graph API, or manually created SMTP accounts for Generic SMTP plans.
- Email metadata — Sender and recipient email addresses for signature injection and analytics. We do not store email body content.
- Usage analytics — Email open and click events for banner campaign tracking.
- Account data — Administrator email addresses and authentication credentials for dashboard access.
2. How We Use Your Data
- To inject personalized email signatures into outbound emails
- To generate and manage DKIM signing keys per domain
- To provide analytics on signature engagement
- To sync user information automatically from Microsoft 365 or manage SMTP accounts
3. Data Storage
All data is stored on servers located in the European Union. We use industry-standard encryption for data at rest and in transit. Email content is never stored — only processed in memory during signature injection.
4. Data Sharing
We do not sell, rent, or share your data with third parties. For Microsoft 365 plans, we communicate with Microsoft's Graph API for directory synchronization. For Generic SMTP plans, no external directory service is used. Email content is never stored — only processed in memory during signature injection.
5. Data Retention
User directory data is retained as long as your account is active and for 30 days after account termination. Email metadata and analytics data is retained for 90 days. You can request deletion at any time.
6. Your Rights (GDPR)
If you are located in the European Economic Area, you have the right to access, rectify, erase, restrict, and port your personal data. Contact us at privacy@badex.app to exercise these rights.
7. Security
We implement appropriate technical and organizational measures to protect your data, including TLS encryption for all data in transit, encrypted storage, and access controls limited to authorized personnel.
8. Contact
For privacy-related questions, contact us at privacy@badex.app.