Terms of Service and Acceptable Use Policy
Revised March 2021
By using Mailsac by Forking Software LLC (also “mailsac.com” “mailsac”, “we”, “us”, “this/the service”, “this/the website”, “this/the site”), you (also “user”, “the user”, “end user”, “customer”, “account”) accept these terms and the Privacy Policies (separate agreement) and agree to ABIDE BY THEM AT ALL TIMES WITH NO EXCEPTION, and with no right to a refund in the event of terms violation.
You accept that any of these policies and procedures will be available on the website but that THESE TERMS MAY CHANGE AT ANY TIME WITHOUT NOTICE - you have been warned. We recommend subscribing to the public repository where this document’s source is hosted.
Terms and policies apply to paid and unpaid features of Mailsac.
“Enterprise” (“enterprise”) plans are paid subscriptions to Mailsac services which include the name “Enterprise” or “enterprise” within them, affording additional assurances and features throughout the agreement. End users accessing the service via an account with a current paid Enterprise plan subscription are “enterprise customers.”
The parties will comply with all applicable laws, rules and regulations, including without limitation to those arising out of data privacy or any other rights or obligations set forth in this Agreement.
Each party represents and warrants that:
it has full authority to enter and execute and perform its obligations under this Agreement;
this Agreement will constitute a legal, enforceable and binding obligation between the parties;
its execution and performance of this Agreement will not violate any law or breach any other agreement with or obligation to any third party.
Illegal is defined as against the law in the United States, the State of California, Sacramento, and the applicable jurisdictions of the end user (you).
This website can never be used to break the law.
You will not send unsolicited spam to or from this service and you will comply with CAN-SPAM as well as applicable international, national, and local spam laws in your jurisdiction and the State of California, United States.
This website and its overseers may cooperate with legal enforcement authorities to uphold law enforcement, without necessarily notifying the user of such corporation.
This website can never be used for malicious activity, terrorist activity, planning illegal activities, discussing illegal activities, gambling, pornography, or condoning illegal activities.
This website can never be used to spread spam, untruth, gambling, pornography of any kind whether legal or illegal.
Apparent terrorism or threatening behavior, harmful messages or usage to conduct intolerant or hateful or discriminatory actions, whether carried out, intended, or simulated, proven or unproven, will be blocked and removed without notice, and potentially handed over to the proper authorities.
This website RESERVES THE RIGHT TO BLOCK OR DELETE MAIL WITHOUT ANY NOTICE OR REASON, INCLUDING DATA RETAINED BY PAID USERS. The user agrees to take action outside Mailsac services to engage in a backup strategy, when persistence is desired or required. ALL MAILSAC DATA, INCLUDING EMAIL CONTENTS AND EMAIL ADDRESSES, MUST BE CONSIDERED EPHEMERAL BY THE USER.
You agree to be a good citizen of this service and will not engage in any activity which degrades the quality, experience or integrity of it, and accept that if we determine you are degrading the service for others, your usage may be limited in a way which may be undesirable to you.
This service reserves the right to delete or block any email for any reason without notice and without stating any reason.
Unless otherwise indicated, by using the service you acknowledge that all of your incoming emails are public, not private, and unsecured, and not under copyright or ownership.
This service makes no guarantees about how long email will be retained, neither minimum nor maximum, or that email will be accepted or received.
This service is offered for use with NO WARRANTIES and MAKES NO PROMISES THAT IT WILL FUNCTION AS INTENDED OR UNINTENDED. There is no “service level agreement” nor any guarantee of service uptime. We provide uptime system metrics, such as https://status.mailsac.com, on a purely information basis. Nor is status or uptime information required to be available.
Personal (where personal is non-business and non-commercial) use of this website is free, though it may require the user to register for an account and provide information such as a legal name, username, email address, phone number, physical address, and password. We will store the password using a one-way hash which cannot be retrieved by Mailsac.
Using this service for any business operations, even once, necessitates the purchase of a subscription-based license. Incorporated or non-incorporated business use is prohibited without a paid recurring active commercial subscription.
Mailsac services and customer assets (aka “entitlements”) such as email addresses or custom domains, API keys, or other service features, will be locked or released publicly if an account’s payment status becomes past due (aka “delinquent” or “unpaid invoice”). Past due accounts will receive courtesy payment reminder emails. MAILSAC IS NOT RESPONSIBLE FOR MISSED EMAIL NOTIFICATIONS RESULTING IN CANCELED SERVICE.
Public and Private Email
This site provides public disposable email services and mixed public-private email testing services. Email inboxes that are not purchased (aka private) are public and have no expectation of privacy.
Private addresses will not be accessible publicly and access to messages will be provided only to those with:
a validated username and password, which grants a temporary access “session” which may be stored in a cookie
a validated API key (smtp key, api access key, or other key)
If you believe your username, password, or API key has been compromised, you agree to:
change your compromised password, or delete the compromised API key
and contact the Mailsac support email address immediately.
Mailsac does not accept responsibility for damages done by compromised accounts. Users acknowledge that overseers and associates (internal or external parties) may have access to inbox contents for the purpose of ongoing business operations, but that access and insight will be limited based on direct need, such as but not limited to:
billing and subscription help
troubleshooting SMTP or API issues reported by you, or issues alerted by Mailsac telemetry systems
system integration support from Mailsac to you
comprise the standard reasons for such access
We may aggregate information included in emails, inbound and outbound metadata, email attachments, or email body information, for sale or sharing with third parties or customers. This aggregated information is useful for understanding system trends, spam and viruses sent by malicious systems.
Receipt, Delivery, and Message Accuracy Guarantees
EMAIL MESSAGE RECEIPT AND DELIVERY IS NOT GUARANTEED. Mailsac.com has many processes and systems in place built up over years, which result in high availability and reliability. Nonetheless the service does NOT provide a Service Level Agreement or any certainty of either receiving OR sending mail.
While this service does not intend for messages to be altered, there may be arbitrary changes whether during transit or storage which are made without knowledge of the user. The user’s account username and IP address may be attached to inbound or outbound email messages.
We cannot guarantee accuracy of any email content. Furthermore this service does not know the quality, truthfulness, correctness, or origination of messages received. Email messages may contain viruses. Users acknowledge this and will not hold Mailsac responsible for the content of messages. Users acknowledge that outside parties often send malicious code, phishing (intentionally misleading content), and spam in email messages, and Mailsac is unable to accurately determine whether messages are malicious or not. Spam ratings and spam scores are for informational purposes only - the user acknowledges these may indicate non-spam is spam, and spam is non-spam.
The user acknowledges:
SMTP and its variants are insecure by design
SMTP is a fail-prone protocol
SMTP is a “legacy” technology which lacks modern security best practices
the SMTP protocol is not guaranteed to be transmitted under encryption
when encrypted in transit, email may use broken or insufficient encryption algorithms
stored emails may not be encrypted at rest
third parties (including but not limited to routers, ISPs, intermediary providers, email providers including Mailsac) may decrypt and store email, even though it was not the message’s final destination
Mailsac strives for encrypted traffic (HTTPS with TLS, SMTP with TLS), however internal traffic or even public API / UI traffic may be transmitted unencrypted
Sending Outbound Mail
Outgoing mail may be purchased at cost and may be delivered (relayed) by a third party OR Mailsac. The user and sender of this mail is responsible for the content they send. Delivery cannot be guaranteed. Messages which fail to be delivered (including but not limited to “bounces”) will not be refunded. Contact Mailsac support if delivery appears to be failing and we may be able to assist with troubleshooting, but again we make no guarantees about outbound message delivery.
Outgoing mail may be marked as spam by receivers or intermediary deliverers. Mailsac is not responsible for email delivered by Mailsac being marked as spam, and WILL NOT refund such mail which is marked as spam or undelivered or unviewed.
Sending spam email is a serious offense which may result the user’s account being immediately disabled.
IN THE EVENT THAT LEGAL EXPENSES OR FINANCIAL JUDGEMENTS ARE INCURRED FOR THE SENDING OF EMAIL MESSAGES BY A MAILSAC USER, THE USER AGREES TO ACCEPT FINANCIAL RESPONSIBILITY FOR THE PAYMENT OF THOSE FEES OR JUDGEMENTS. WHETHER SENT INTENTIONALLY OR UNINTENTIONALLY BY THE MAILSAC ACCOUNT OWNER, THE USER ACCEPTS FULL RESPONSIBILITY FOR THE MESSAGES SENT. The user is responsible for mail sent from their account even during a period that the account was compromised. It is the responsibility of the account holder (user) to secure their account and contact support via when it appears to have been compromised.
Inbound and outbound email traffic is throttled due to various dynamic factors, including but not limited to: IP addresses, email addresses, domains, frequency of inbound or outbound mail. Mailsac may ban traffic automatically, on a permanent or temporary basis. Entire domains and companies may be banned. For an up-to-date list of banned traffic, contact Mailsac support.
We reserve the right to throttle API and SMTP (inbound or outbound) traffic, even for paid customers on unlimited plans. Throttling is necessary to ensure quality of service for all other customers.
This service follows a best-effort policy to maintain uptime. No service level agreement (SLA) exists, for any customer, paying or non-paying, personal or commercial. No SLA is offered on any Mailsac website, including but not limited to: mailsac.com, Mailsac API, SMTP services, forums, documentation, or blog.
Customers wanting service uptime guarantees must contact a Mailsac account executive to purchase a Service Level Agreement (SLA) superceding this agreement.
Support response times are not guaranteed, but support will make a best effort to respond promptly. Support is not offered in any language other than US English.
Mailsac provides an API service, with free and paid tiers. This service is not responsible for adverse effects in any situation, and offers no compatibility guarantee. We reserve the right to change the API without notice. No guarantees are made on the following:
API uptime or downtime
API changes or API versioning
API support for a particular programming language
API help in any language other than English
We make our best effort to produce bug free software and accurate documentation. However, the user acknowledges that the service may perform sub-optimally and in a way that is unexpected, and in such cases Mailsac is not responsible. We make no guarantees that the service will function as described or intended, but we hope it does so. There is no guarantee that documentation about the service, including the API or email routing or email privacy, will be accurate.
Deleted data (including messages/email) are removed from the servers and the databases using standard deletion practices. However, we cannot guarantee that backups may not exist or that business partners (such as hosting companies) will delete this data. Services which crawl publicly available content (most emails on this website are public) may retain that information indefinitely and this website is not responsible. This website makes no guarantees about retention practices but intends to have deleted content be deleted. Standard application logs and failed attempts to pass data between internal services may be retained for troubleshooting. Mailsac is a best-effort, disposable-first email service and API. Mailsac is not a service that is intended to be used for storage of important information. Saved or “starred” messages are intended to be retained up to the indicated limits on an account, but this is not guaranteed, and starred messages may be removed when older than other stored messages.
The user agrees that Mailsac is never responsible for lost data. It is the user’s responsibility to backup or retain any data they may wish to keep.
If data retention or secure deletion is a concern it is recommend that the user should not use this service, and should find another service upon which to rely.
Usage metrics are tracked. Usage includes but is not limited to:
IP addresses of site users and API users and SMTP connections
IP addresses or user accounts of derivable data from service activities
Analytics on received SMTP messages are recorded. We may track which users or IP addresses view which email addresses and messages for internal purposes, and to create features for users or organizations to track their usage.
We do not share this analytics data of individual usage with third parties, except when it is necessary to comply with verified requests of fraud, hacking, or other legally dubious behavior. We use the data internally to study spam, study traffic, respond to scaling needs, and to provide more useful services, or to aggregate anonymously into products. We may choose to sell anonymized or aggregated usage data.
Refunds are not provided. All purchases are final. Refunds may be provided at the discretion of Mailsac and its overseers. As a general rule, refunds are never given for any reason. In the event the service is down or ceases to operate, any unused services and remaining service purchases are not refunded. We make exceptions on a case-by-case basis with no guarantee as to the methods for determination. ALL SALES ARE FINAL WHETHER SERVICES HAVE BEEN RENDERED OR NOT.
We may make exceptions to this refund policy on a case-by-case basis.
If the lack of notification of terms changes presents a concern, contact support for a different arrangement.
Enterprise customers are exempt from this section related to updates to this agreement being fluid and not triggering a notification to the end user.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS OF MAILSAC BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
For non-Enterprise customers, Mailsac software is provided WITHOUT WARRANTY OF ANY KIND OR IMPLIED OF FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
This service retains the right to revoke or deny access to anyone at anytime, with or without stated reason. Likewise any user may cease using the service and request that data be removed, in accordance with the data and retention policies outlined herein and in the jurisdictions indicated herin. As indicated above, refunds are not given.
Unless another agreement signed by Mailsac exists, payments for services are made up front using a credit card. Serivces will not be rendered until paid in full and cleared with Stripe.com. Returned or stopped payments will be subject to a $30 charge to be paid by the customer of Mailsac via credit card. Accounts in past-due status will be locked and unusable until paid in full.
Enterprise customers may have payments arrangements other than via credit card, if agreed by both parties. Mailsac may submit invoices for fees and expenses to the customer electronically at an accounts payable email address provided by the customer. Payments shall be made net thirty (30) days after receipt of invoice by the customer. Mailsac services will not be started or restarted until the business day following receipt of payment or purchase order by Mailsac from the customer.
For Enterprise customers, Mailsac warranties that all Intellectual Property delivered under this agreement will be of original development by Forking Software LLC or subject to appropriate license and will not infringe or violate any patent, copyright, trade secret, trademark, or other intellectual property right of a third party.
When service is not delivered under an Enterprise agreement, no such Intellectual Property warranty is provided.
Mailsac agrees to render services consistent with the “California Consumer Privacy Act” (“CCPA”) Cal. Civ. Code Title 1.81.5, § 1798.100 et seq. Requests related to Personally Identifiable Information (PII) or CCPA may be sent to the Mailsac support email listed in this agreement, and Mailsac will make every effort to respond within 20 days.
The user agrees to remove confidential information and PII (“sensitive information”) from Mailsac systems at the earliest extent possible through features provided to the user in the Mailsac platform, such as, but not limited to:
deleting email messages containing the sensitive information, or
bulk deleting all email for a custom domain when containing the sensitive information.
The user agrees that Mailsac is not responsible for damage caused by sensitive information made public through the Customer’s use of the Mailsac platform, such as, but not limited to:
user making email for a custom domain public by changing settings, or
user sharing public links to private content with embedded access credentials.
If either party discovers or receives notice of an actual breach of security relating to sensitive information in its possession or control, it will immediately notify the other of such breach, and will promptly investigate and take all reasonable steps to cure the breach.
For Enterprise customers, Mailsac will provide an outline of business practices related to cybersecurity and continuity. This agreement is subject to the practices contained within th Information Assurance Program. As the Information Assurance Program is a living document, the customer may elect to receive updates to it by providing Mailsac with an email address, or contacting Mailsac support. Only electronic copies of the Information Assurance Program will be provided (no physical copies or mail).
For Enterprise customers only, Mailsac shall maintain, and shall implement when necessary, a written business continuity plan (“BCP”) that permits it to recover from a triggering event and continue providing Services to user within the specified recovery time objectives. The BCP will be written and maintained in the Mailsac Information Assurance Program, available upon request to Enterprise customers.
Each party agrees to indemnify, defend, and hold harmless the other party from and against any loss, cost, or damage of any kind (including reasonable outside attorneys’ fees) to the extent arising out of its breach of this Agreement, and/or its negligence or willful misconduct.
The parties will, at their own cost and expense, obtain and maintain in full force and effect during the term of this Agreement the following insurance coverages:
Commercial General Liability
Cyber Security Liability
If a clause of this agreement is found to be invalid or violated, the rest of this agreement still stands.
Both parties may assign this agreement, or any rights or obligations hereunder, including the right to enforce all of its terms:
In connection with a merger, acquisition, corporate reorganization, change in control or sale of all or substantially all of its assets.
To an Affiliate which is an Affiliate at the time of such assignment.
No waiver by any party at any time of any other provision of this agreement will be deemed a waiver or breach of any other provision of this agreement or consent to any subsequent breach of the same of any other provision.
This agreement will be governed in all respects, including validity, interpretation and effect, by the laws of the State of California without regard to principles of conflicts of law therein. Jurisdiction and venue for any claims shall be lie in: