Skip to main content

Data Protection

Detailed information about Tempory Mail's data protection commitments, GDPR compliance, and your user rights

Data Protection

Last Updated: July 28, 2025

Effective Date: July 28, 2025

At Tempory Mail, we take data protection seriously and ensure full compliance with international data protection standards. This page details our data protection approach and your rights.

Our Data Protection Commitments

Core Principles

  • **Privacy by Design**: Data protection at the heart of our service

  • **Data Minimization**: Collecting only necessary data

  • **Purpose Limitation**: Using data only for stated purposes

  • **Transparency**: Clear and understandable data practices

  • **Accountability**: Fulfilling our data protection obligations

    • International Compliance

    βœ… **GDPR (EU General Data Protection Regulation)**

    βœ… **CCPA (California Consumer Privacy Act)**

    βœ… **LGPD (Brazilian General Data Protection Law)**

    βœ… **PIPEDA (Canadian Personal Information Protection Act)**

    βœ… **DPA (UK Data Protection Act)**

    GDPR Compliance

    Rights for EU Users

    #### 1. Right to be Informed (Articles 13-14)

  • **Transparent Information**: Clear information about data processing

  • **Easy Access**: Easy access to information

  • **Plain Language**: Simple and clear explanations

    • #### 2. Right of Access (Article 15)

  • **Data Copy**: Obtaining a copy of your processed data

  • **Processing Details**: Learning how your data is used

  • **Third-Party Sharing**: Finding out who it's shared with

  • **Retention Period**: Learning how long it's stored

    • #### 3. Right to Rectification (Article 16)

  • **Incorrect Information**: Correcting inaccurate information

  • **Incomplete Information**: Completing incomplete information

  • **Free of Charge**: Correction without any fees

    • #### 4. Right to Erasure - "Right to be Forgotten" (Article 17)

  • **Unnecessary Data**: Deletion of data no longer needed

  • **Consent Withdrawal**: Deletion when consent is withdrawn

  • **Unlawful Processing**: Deletion of unlawfully processed data

    • #### 5. Right to Restrict Processing (Article 18)

  • **Accuracy Issue**: Restriction while data accuracy is disputed

  • **Objection Period**: Restriction while objection is being assessed

  • **Legal Reasons**: When needed for legal proceedings

    • #### 6. Right to Data Portability (Article 20)

  • **Structured Format**: Receiving your data in machine-readable format

  • **Transfer to Another Service**: Moving your data to another service

  • **Direct Transfer**: Direct transfer when possible

    • #### 7. Right to Object (Article 21)

  • **Legitimate Interest**: Object to processing based on legitimate interest

  • **Direct Marketing**: Object to marketing-related processing

  • **Profiling**: Object to automated decision-making

    • Legal Basis

    #### Service Provision

  • **Basis**: Legitimate interest (GDPR Article 6(1)(f))

  • **Interest**: Providing temporary email service

  • **Assessment**: Balancing with user rights

    • #### Security

  • **Basis**: Legitimate interest (GDPR Article 6(1)(f))

  • **Interest**: Ensuring service security

  • **Duration**: Maximum 7 days IP log retention

    • #### Advertising

  • **Basis**: Consent (GDPR Article 6(1)(a))

  • **Consent**: Clear and freely given consent

  • **Withdrawal**: Can be withdrawn at any time

    • CCPA Compliance

    Rights for California Users

    #### 1. Right to Know

  • **Collected Data**: Learning what personal information is collected

  • **Usage Purposes**: Understanding why it's collected

  • **Sharing**: Finding out who it's shared with

    • #### 2. Right to Delete

  • **Deletion Request**: Request deletion of your personal information

  • **Exceptions**: Data needed for legal obligations

  • **Confirmation**: Confirmation of deletion process

    • #### 3. Right to Opt-Out of Sale

  • **Opt-out**: Exit from personal information sales

  • **Notice**: "Do Not Sell My Personal Information" option

  • **Implementation**: Effective within 48 hours

    • #### 4. Right to Non-Discrimination

  • **Equal Service**: Regardless of your privacy choices

  • **No Price Difference**: No extra charges for privacy choices

  • **Service Quality**: Same quality of service

    • Other Regulations

    LGPD (Brazil)

  • **Legal Basis**: Legitimate interest for service provision

  • **Consent**: Clear consent for advertising

  • **Rights**: Access, correction, deletion rights

    • PIPEDA (Canada)

  • **Consent**: Consent for advertising cookies

  • **Access**: Right to access personal information

  • **Complaints**: Right to complain to privacy commissioner

    • Data Security

    Technical Measures

  • **Encryption**: TLS 1.3 for data transmission

  • **Server Security**: Up-to-date security patches

  • **Access Control**: Limited and authorized access

  • **Monitoring**: 24/7 security monitoring

    • Organizational Measures

  • **Staff Training**: Regular data protection training

  • **Security Policies**: Written security procedures

  • **Incident Response**: Data breach response plan

  • **Regular Audits**: Security assessments

    • Data Breach Notification

    Under GDPR

  • **72 Hours**: Notification to supervisory authority

  • **Without Delay**: Notification to users (in case of high risk)

  • **Transparency**: Clear information about the breach

    • Notification Content

  • **What Happened**: Nature of the breach

  • **When**: Time of breach detection

  • **What Data**: Types of data affected

  • **What We're Doing**: Measures taken

  • **Recommendations**: Recommendations for users

    • Age Restrictions

    Protection of Children's Data

  • **Minimum Age**: 13 years old

  • **Under 16**: Parental consent required in EU

  • **Special Protection**: Special attention to children's data

  • **Deletion**: Priority deletion of children's data

    • Age Verification

  • **Declaration**: User age declaration

  • **Suspicion**: Additional verification in case of doubt

  • **Quick Deletion**: Rapid deletion of children's data

    • Exercising Your Rights

    Request Process

    1. **Contact**: Email to [email protected]

    2. **Identity Verification**: Identity verification for security

    3. **Assessment**: Assessment within 30 days

    4. **Response**: Detailed written response

    5. **Implementation**: Implementation of approved requests

    Required Information

  • **Full Name**: Your complete name

  • **Request Type**: Which right you want to exercise

  • **Details**: Details of the request

  • **Identity**: Identity verification information

    • Response Times

  • **GDPR**: 30 days (extendable by 1 month)

  • **CCPA**: 45 days (extendable by additional 45 days)

  • **Urgent Cases**: Initial response within 48 hours

    • Data Transfers

    International Transfers

  • **Adequacy Decisions**: Countries with EU adequacy decisions

  • **Standard Contractual Clauses**: Safe transfer guarantees

  • **Binding Corporate Rules**: For group companies

    • Security Measures

  • **Encryption**: Encryption during transfer

  • **Access Control**: Limited access rights

  • **Monitoring**: Transfer monitoring and logging

    • Complaint Rights

    Supervisory Authorities

    If you believe your data protection rights have been violated, you can file a complaint:

    #### EU Countries

  • Each EU country's data protection authority

  • Right to complain in your local language

  • Free complaint process

    • #### Other Countries

  • **USA**: State Attorney General offices

  • **Canada**: Privacy Commissioner

  • **Brazil**: ANPD (Autoridade Nacional de Proteção de Dados)

    • Before Complaining

    1. **Direct Contact**: Contact us first

    2. **Problem Resolution**: Let's try to solve the problem together

    3. **Reasonable Time**: Allow reasonable time for resolution

    Special Protection for Children

    Under 13 Years

  • **No Service**: We don't provide service to under 13s

  • **If Detected**: Immediate account closure

  • **Data Deletion**: Immediate deletion of all data

    • 13-16 Years (EU)

  • **Parental Consent**: Legal parental consent required

  • **Special Protection**: Additional protection measures

  • **Limited Processing**: Minimal data processing

    • Contact

    Data Protection Questions

    Email: [email protected]

    Subject: "Data Protection Request"

    Languages: Turkish, English, German, French

    Response Time: Initial response within 48 hours

    Emergency Situations

    For suspected data breaches:

    Email: [email protected]

    Subject: "URGENT: Data Security"

    Response: Within 2 hours

    Legal Representative

    For GDPR representative:

    Email: [email protected]

    Subject: "GDPR Representative"

    ---

    Summary

    Data Protection Principles

    βœ… **Privacy by Design**: Built-in protection

    βœ… **Data Minimization**: Only necessary data

    βœ… **User Control**: Full control over your data

    βœ… **Transparency**: Clear and honest information

    βœ… **Security**: Highest security standards

    βœ… **Accountability**: Responsible data processing

    Main Rights

    | Right | GDPR | CCPA | Timeline |

    |-------|------|------|----------|

    | Information | βœ… | βœ… | Immediate |

    | Access | βœ… | βœ… | 30 days |

    | Rectification | βœ… | βœ… | 30 days |

    | Erasure | βœ… | βœ… | 30 days |

    | Portability | βœ… | ❌ | 30 days |

    | Object | βœ… | βœ… | Immediate |

    ---

    This data protection document is effective from July 28, 2025 and applies to all users of the Tempory Mail service.*