Security Statement

MailCup Security

Information is crucial for both business pursuits and everyday life. Consequently, we hold our esteemed customers' privacy in the highest regard.

At MailCup, we place paramount importance on the trust you bestow upon us. We are unwavering in our commitment to safeguard your company's sensitive data with the same diligence we apply to our own. Our dedicated team continually enhances protective measures to shield your data from potential online threats, ensuring your peace of mind regarding the security of your personal information.

Our security program is fully open-source, providing you with transparency in understanding its workings and allowing you to use our products and services with complete confidence.

1. Key Security Practices

1.1. Cutting-edge Account Protection Mechanisms

1.1.1. Two-Factor Authentication: Recognizing that the security of your personal information depends on the resilience of your account against sophisticated hacking tactics, we've introduced two-step user verification. In addition to your username and password, accessing your account requires a unique one-time code delivered via email. This method serves as an early warning system, notifying you of potential intrusion attempts and unauthorized access through email alerts.

1.2. IP Address Access Restrictions

1.2.1. This feature provides an additional layer of protection, especially if you predominantly access your account from work or home computers with static IP addresses. After each authorization, you will receive an email containing details of the login time and the corresponding IP address. This serves as a robust deterrent against any attempts by third parties to gain unauthorized entry to your account without access to your local network.

1.3. SMTP Email Sending Limits

1.3.1. SMTP servers facilitate the sending, receiving, and relay of emails, allowing you to dispatch automated and transactional emails from anywhere. To prevent unauthorized email transmission in the event of SMTP password compromise or theft, we've implemented restrictions based on the sender's IP address.

1.4. reCAPTCHA Mechanisms

1.4.1. Our implementation of reCAPTCHA functions as a vital defense mechanism against automated website access and bot-driven attacks. Suspicious user actions trigger image recognition tests or requests for alphanumeric input, which only humans can provide.

1.5. Suspicious Login Alerts

1.5.1. Our automatic monitoring system significantly enhances the overall security of your account by automatically blocking suspicious login attempts. Additionally, it promptly notifies you when such attempts occur, particularly if they originate from unverified devices or browsers.

1.6. Vulnerability Management

1.6.1. Our unwavering commitment to maximum security and privacy is demonstrated through a proactive system for identifying and rectifying potential platform vulnerabilities. We employ a combination of automated and manual remediation processes. To further strengthen this initiative, we have instituted the Open Bug Bounty program, offering financial rewards to users who discover security vulnerabilities in our services.

1.7. Payment Data Protection

1.7.1. MailCup exclusively collaborates with certified payment systems, ensuring that we do not retain customer credit card details. All your data is securely transmitted directly to the designated payment system, adhering to stringent security protocols and SSL data encryption.

1.8. Service Availability

1.8.1. Our database servers operate with daily redundancy across all resources. These backups play a crucial role in averting data loss and ensuring swift system information recovery.

We deeply appreciate the trust you have placed in MailCup and remain steadfast in our commitment to fortify the safety and efficiency of your business operations.

Thank you for entrusting us with your confidence.