Legal

Privacy Policy

Last updated: 1 May 2026

1. Introduction

MX Moat ("we", "us", "our") is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and applicable EU data protection law. This policy explains what data we collect, why we collect it, and how we use it.

2. Data we collect

When you sign up or contact us, we collect the following personal data:

  • Your name and email address
  • Your domain name(s)
  • The plan you selected
  • Any information you include in contact messages

When your domain is protected by MX Moat, our gateway processes inbound email metadata including sender IP addresses, sending server hostnames, and email headers. We do not read or store the content of your emails.

3. How we use your data

We use your personal data to:

  • Provide and manage your MX Moat service
  • Respond to your enquiries
  • Send service-related communications (onboarding, billing, security alerts)
  • Improve our service and detect abuse

We do not sell your personal data to third parties. We do not use your data for advertising purposes.

4. Legal basis for processing

We process your personal data on the following legal bases under GDPR:

  • Contract performance: processing necessary to deliver the MX Moat service you requested
  • Legitimate interests: improving service reliability and detecting threats
  • Legal obligation: where required by applicable law

5. Data retention

We retain your account data for as long as your service is active, plus a period of 12 months after termination to comply with legal obligations. Email metadata processed by the gateway is retained for a maximum of 90 days for operational purposes.

6. Your rights

Under GDPR you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability
  • Lodge a complaint with your national supervisory authority

To exercise any of these rights, please contact us using the details below.

7. Data transfers

MX Moat is operated from within the European Union. We do not transfer your personal data outside the EEA except where required to deliver the service, and only where adequate safeguards are in place.

8. Contact

For any privacy-related questions or to exercise your rights, please contact us via our contact page or by email at info@mxmoat.com.