Privacy Policy
Last updated: 2026-04-21
Finn ("we", "us") operates a transactional email API and SMTP relay at https://finn.computer. This policy explains what we collect, how we use it, and your rights.
Who we are
Finn is operated by Groupmail. For privacy-related questions, email [email protected]. For data subject rights requests (access, rectification, deletion), use the same address with the subject line "GDPR request".
What we collect
When you use Finn we collect:
- Account data: your name, email address, optional company name, invite code, and the timestamp of your signup.
- Credentials: API keys and SMTP credentials, stored as SHA-256 hashes (not reversible).
- Send metadata: for every email you send through Finn we record the recipient address, subject line, size, SES message ID, send timestamp, and delivery/bounce/complaint status.
- Technical metadata: the IP address of the machine calling our API (for rate limiting and abuse detection), the User-Agent string, and standard HTTP request logs.
- Suppression data: addresses that bounce hard or file complaints are added to your tenant's suppression list and to AWS SES's account-level suppression list.
We do not retain the body content of the emails you send. Bodies are streamed to AWS SES and discarded from our systems.
What we do with it
- Deliver your email via AWS SES.
- Enforce per-tenant rate limits, monthly quotas, and suppression rules.
- Run pre-send moderation via AWS Bedrock Guardrails when enabled.
- Monitor bounce and complaint rates to protect shared infrastructure.
- Bill you for usage via our payments processor.
- Respond to legal or law-enforcement requests where required.
We do not sell your data, share it with advertisers, or use it to train our own models.
Sub-processors
Finn relies on the following sub-processors:
| Provider | Purpose | Region |
|---|---|---|
| Amazon Web Services (SES, Bedrock, SQS) | Email delivery, content moderation, event pipeline | eu-north-1 (Stockholm) |
| Fly.io | Application hosting, managed Postgres | arn (Stockholm), fra (Frankfurt) |
| Cloudflare | DNS, edge proxy, inbound email routing | global |
| Paddle | Payments, invoicing, tax (Merchant of Record) | global |
Each sub-processor has its own privacy terms. If you enable Cloudflare one-click DNS provisioning, your Cloudflare OAuth token is encrypted at rest with AES-256-GCM before we store it.
Retention
- Account data: kept while your account is active, plus 90 days after closure for dispute resolution, then deleted.
- Send metadata: kept for 90 days, then deleted.
- Suppression list entries: kept indefinitely (required for compliance with anti-spam law).
- Request logs: kept for 30 days for security and debugging.
International transfers
Finn is operated from Ireland. Data is processed in AWS eu-north-1 (Stockholm) and on Fly.io machines in the EU. If your sub-processor relationships change, we will update this page.
Your rights
If you are in the UK, EU, or another jurisdiction with equivalent data-protection law, you have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data ("right to erasure")
- Export your data in a machine-readable format
- Object to processing
- Lodge a complaint with a supervisory authority
To exercise any of these rights, email [email protected] with "GDPR request" in the subject. We respond within 30 days.
Security
- Transport: TLS 1.2+ on all inbound and sub-processor connections.
- At rest: Postgres with sslmode=require, managed disks encrypted at rest by the provider.
- Secrets: application secrets stored via Fly.io's managed secret store, never in source control.
- Access: admin access requires HTTP Basic Auth with a brute-force limiter (5 failures → 15 minute block).
Changes
If this policy changes materially, we'll email account owners at least 14 days before the change takes effect.
Contact
[email protected] for all privacy questions.