Privacy

Postdex is a transactional email API. We store the data you send through us (recipient addresses, subjects, bodies, headers, tags) so you can see send logs and we can route bounces. We never use that data to train models, sell to third parties, or send marketing on top of it.

What We Store

Account profile (email, name), team profile, API key prefixes + hashes (never plaintext keys), domain DNS configuration, every email you send through the API for 30 days (or longer on paid plans), and the SES event stream attached to each send.

What We Don't Store

Plaintext API keys. Plaintext DKIM private keys (they're encrypted with AES-256-GCM at rest). The contents of webhook signing secrets after you've saved them.

Where Data Lives

Postgres + Redis hosted on our infrastructure in France (OVH). Email send itself flows through Amazon SES in your selected region.

Subprocessors

Amazon Web Services (SES for sending, SNS for webhook ingest). Cloudflare for edge TLS. We don't use any analytics processors yet.

Contact

Questions, deletion requests, or anything else, email kevin@postdex.io.