Missive Email Privacy

Luis Manjarrez
by Luis Manjarrez

Missive was built with privacy in mind. It's a fundamental part of our business, as it should be for every company dealing with people's communications. Honesty and transparency are also at the core of our values.

The above sounds nice and all, but actions speak louder than words. That's why we have created this blog post to answer some of the most frequently asked questions regarding Missive's reliability, privacy and security practices.

To kick things off, a few key points:

  • Missive does not sell any kind of data to any third parties.
  • All data stored in our database and cloud storage is encrypted at rest.
  • Missive is fully GDPR compliant.
  • We've successfully passed security audits by security firm Bishop Fox, as required for apps handling Google user data.

You can consult our full privacy and security policies.

Good, now let's answer some questions!

Can you access my emails?

Technically speaking, it would be false to claim we cannot read your emails. Missive imports your emails via IMAP like any email app does, and stores them in a database. This includes text content and attachments.

Storing this data in our own database is the technical foundation of a collaborative product like Missive. Thus, we naturally have access to the database that contains your emails in order to manage and maintain it in good shape for Missive to operate properly.

This is the same situation as with your main email provider (Gmail, Office 365, etc).

That said, only a few of our engineers have access to the database in question. Even for these people, getting to your actual email content is not trivial. We built internal tools that allow our engineers to do their daily job (eg. see what is going on in the system, number of emails processed, etc.) but none of these tools display email contents.

Needless to say, we are not in the business of scanning, sharing, or selling any of our users’ data. We never access a user’s data unless this user has specifically granted us permission and asked us to investigate a bug with their account, for instance.

Can people know if I've opened their emails?

No. Missive automatically blocks read trackers and 1x1 images to prevent senders from spying on what you do with their email. We currently block read trackers from these services.

Where are Missive's servers located?

Missive's servers are hosted on Amazon Web Services (AWS). All our servers currently originate from the US East 1 (N. Virginia) region. AWS is used by companies and organizations such as Nasdaq, Netflix, the CDC, etc.

If you need a list of IP address ranges to whitelist on your server, you can use the following file provided by AWS:

https://ip-ranges.amazonaws.com/ip-ranges.json

If I were to migrate Missive, I won't see you close shop in a year or two, right?

Definitely not. We are completely bootstrapped, meaning we don't depend on investors' whims or decisions. We control 100% of our company and we've been in the market for over 5 years. We've been cash positive and profitable for some years now. We enjoy a healthy and growing monthly revenue rate.

There are over 1000 organizations using Missive, including big names like Pipedrive and Buffer.

As a pioneer and key player in the collaborative email space, it's safe to say we're in for the long run.

Do you sell or share my data?

No. Never have, never will.

We don't even collect cookies or identifiable data points on our public website! Unlike most companies out there, who use this for website analytics and metrics. Not us.

Can I get a copy of my data?

Absolutely. As a GDPR-compliant company, you have the right to access, correct, export, and delete all personal data associated with your account.

To request any of the aforementioned actions, please contact us at privacy@missiveapp.com

How do I delete all data from Missive?

Please know this action cannot be undone.

  1. Login to Missive
  2. Go to your Organizations settings
  3. Remove all members from your organization
  4. Click the Billing tab, downgrade to the Free plan
  5. Delete all your email accounts, if any
  6. Delete all your integrations, if any
  7. Delete your organization
  8. Go to the Login & Security setting tab, enter the password if requested, scroll down, delete your Missive account

You will immediately be logged out of Missive with no means of logging back in.

Within 30 days, all traces of your Missive data and activity will be permanently deleted from our database, cloud storage, backups, and logs.

If you have any other questions regarding privacy, feel free to send us an email!

Luis
Luis Manjarrez

Growth at Missive
Follow me on Twitter