In accordance with GDPR Article 28, Section 3, our data processing agreement includes assurances that:

  • MailSlurp agrees to process personal data only on written instructions of your company.
  • Everyone who comes into contact with data at MailSlurp is sworn to confidentiality.
  • MailSlurp uses appropriate technical and organizational measures to protect the security of the data.
  • MailSlurp will not subcontract to another processor unless instructed to do so in writing by your company, in which case another DPA will need to be-signed with the sub-processor (pursuant to Sections 2 and 4 of Article 28).
  • MailSlurp will help your company uphold its obligations under the GDPR, particularly concerning data subjects' rights.
  • MailSlurp will help your company maintain GDPR compliance with regard to Article 32 (security of processing) and Article 36 (consulting with the data protection authority before undertaking high-risk processing).
  • MailSlurp severs and databases are based in the US and data will be processed in the United States.
  • You can download a copy of our data processing agreement in PDF format.