Cyber Mail 9000 Cyber Mail 9000
← Cyber Mail 9000

Privacy Policy

What we collect, why, who we share it with, and the controls you have over it.

Last updated — May 22, 2026

This Privacy Policy explains how McPherson Enterprises, LLC, doing business as Cyber Mail 9000 ("Cyber Mail 9000", "we", "us"), handles personal information in connection with the Cyber Mail 9000 email platform (the "Service"). It applies to our website, app, and APIs.

1. Who we are

Cyber Mail 9000 is an email marketing platform. It is operated by McPherson Enterprises, LLC, a Michigan limited liability company. For privacy questions, contact privacy@cybermail9000.com.

2. Two kinds of data — and two different roles

The Service handles two distinct categories of personal information:

  • Account data — information about you, our customer: the person who signs up for and pays for the Service. For this data we are the data controller. This policy governs it directly.
  • Subscriber data — information about your email subscribers, which you upload to or collect through the Service. For this data we are a data processor: we process it only on your instructions, to provide the Service. You are the controller of your subscriber data, and you are responsible for having a lawful basis to collect and email it. Your own privacy policy — not this one — governs your relationship with your subscribers.

3. Information we collect

Account data (you)

  • Your name and email address, used for passwordless magic-link sign-in.
  • Account and brand settings you configure — brand names, sending domains, sender identities, design preferences.
  • Billing information. Payments are processed by Stripe; we do not store full card numbers. We retain a record of purchases and plan.
  • Support communications you send us.

Subscriber data (your contacts)

  • Subscriber email addresses, names, custom fields, tags, and subscription status that you import or collect.
  • Email engagement events — sends, opens, clicks, bounces, complaints, and unsubscribes — generated as the Service delivers and tracks your campaigns.

Technical data

  • Authentication and session cookies, and a non-sensitive cookie that remembers your active brand.
  • Standard server logs — IP address, browser type, timestamps — collected by our hosting providers for security and reliability.
  • When an email is opened or a tracked link is clicked, the recipient's IP address and user agent, used to record the engagement event and to classify opens as human or automated.

4. How we use information

  • To provide, operate, secure, and improve the Service.
  • To authenticate you and protect your account.
  • To send and track email campaigns on your behalf, as you instruct.
  • To process payments.
  • To respond to support requests and send essential service notices.
  • To monitor for abuse, enforce our Terms of Service and Acceptable Use Policy, and protect sending reputation.
  • To comply with legal obligations.

We do not sell personal information, and we do not use your subscriber data for our own marketing or to train any product unrelated to delivering your email.

5. Email tracking

The Service can embed a small tracking pixel in outgoing email and rewrite links to record clicks. This is how open and click reporting works. Tracking is performed for you, on the emails you send, and the resulting data belongs to you. As the sender, you are responsible for disclosing this tracking to your subscribers where the law requires it. Tracking identifiers are encrypted and time-limited.

6. Cookies

We use only the cookies the Service needs to function: an authentication cookie to keep you signed in, and a cookie that remembers which brand you are working in. We do not use third-party advertising or cross-site tracking cookies on the application.

7. Service providers and subprocessors

We rely on a small set of infrastructure providers to run the Service. Each processes data only as needed to provide their service to us:

  • Google Firebase / Google Cloud — database, authentication, file storage, and backend functions.
  • Amazon Web Services (Amazon SES) — email delivery infrastructure.
  • Vercel — application hosting.
  • Stripe — payment processing.

Your email is delivered through your own Amazon SES account, or an SMTP provider you connect, under your agreement with that provider.

8. When we share information

We share personal information only:

  • With the subprocessors listed above, to operate the Service.
  • When required by law, legal process, or a valid government request, or to protect the rights, safety, and property of Cyber Mail 9000, our customers, or the public.
  • In connection with a merger, acquisition, or sale of assets — in which case we will give notice before your information becomes subject to a different privacy policy.
  • With your consent, or at your direction.

9. Data retention

We keep account data for as long as your account is open, and for a reasonable period afterward to meet legal, tax, and accounting obligations. Subscriber data is retained until you delete it or close your account; on account closure we delete or anonymize subscriber data within a commercially reasonable period, except where law requires us to keep records. Tracking identifiers expire automatically.

10. Security

We design the Service to keep data safe. The client application has no direct database access — every write passes through authenticated server routes, and accounts are isolated from one another. Sensitive secrets, including stored sending credentials and tracking tokens, are encrypted at rest with AES-256 and decrypted only on the server. No system is perfectly secure, but we work to protect your data and to disclose incidents responsibly.

11. Your privacy rights

Depending on where you live, you may have the right to access, correct, delete, export, or restrict the processing of your personal information, and to object to certain uses. To exercise any of these rights over your account data, contact privacy@cybermail9000.com. We will respond as required by applicable law. We will not discriminate against you for exercising these rights.

12. Subscribers' rights

If you are a subscriber on a list managed through the Service and want to access, correct, or delete your information, or to stop receiving email, contact the sender of that email directly — they control the list. They are the data controller. We will assist our customers in responding to such requests, but we cannot act on subscriber data without the customer's instruction. Every email sent through the Service includes a working unsubscribe link.

13. International data transfers

The Service is operated in the United States, and our subprocessors may process data in the United States and other countries. If you access the Service from outside the United States, you understand that your information will be transferred to and processed in the United States, where data-protection laws may differ from those in your jurisdiction.

14. Children's privacy

The Service is not directed to children. It is intended for use by businesses and adults. We do not knowingly collect personal information from children under 16. If you believe a child has provided us information, contact us and we will delete it.

15. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a new "Last updated" date. Continued use of the Service after a change means you accept the revised policy.

16. Contact

Privacy questions or requests: privacy@cybermail9000.com
General support: support@cybermail9000.com
McPherson Enterprises, LLC d/b/a Cyber Mail 9000, Michigan, USA.
P.O. Box 266, McBain, MI, 49657