Version 2.1 — effective from 16/05/2026
Last updated: 2026-05-15
\n\nThis Privacy Notice describes how personal data of users interacting with the services provided by Target SMTP ("we", "Data Controller") through the website https://targetsmtp.it and the related services are processed. It is drafted pursuant to Regulation (EU) 2016/679 ("GDPR") and Italian Legislative Decree 196/2003 as amended.
\n\n| Name | Target SMTP |
| Registered office | Italia |
| P.IVA (Italian VAT number) | |
| Codice Fiscale (Italian tax code) | |
| PEC (certified email) | |
| Phone | |
| Contact email | info@targetsmtp.it |
The Data Protection Officer can be contacted for any matter relating to the processing of personal data and the exercise of the rights granted by the GDPR.
\n| Name | |
| Address | |
| Dedicated email | privacy@targetsmtp.it |
| Purpose | Legal basis (Art. 6 GDPR) |
|---|---|
| Service delivery (authentication, email sending, dashboard) | Performance of Contract — Art. 6(1)(b) |
| Tax, accounting and administrative obligations | Legal Obligation — Art. 6(1)(c) |
| System security, abuse prevention, rate limiting | Legitimate Interest — Art. 6(1)(f) |
| Service communications and support | Performance of Contract — Art. 6(1)(b) |
| Aggregate anonymous statistics | Legitimate Interest — Art. 6(1)(f) |
| Newsletter, direct marketing | Consent — Art. 6(1)(a), revocable at any time |
| Third-party analytics and cookies | Consent — Art. 6(1)(a) |
| Category | Retention |
|---|---|
| User account | For the duration of the contract + 30 days after deletion |
| Email metadata (sender, recipients, outcome) | 30 days |
| Email contents (body, attachments) | Deleted after delivery, max 7 days in case of error |
| Application and security logs | 90 days |
| Billing data | 10 years (civil and tax obligation) |
| Analytics / marketing cookies | Maximum 13 months from consent |
At the end of the retention period, data are deleted or irreversibly anonymized, unless required otherwise by law.
\n\nData are processed internally by authorized and trained personnel. They may be disclosed to sub-processors appointed pursuant to Art. 28 GDPR; the up-to-date list is available at Sub-Processors. All sub-processors are bound by data processing agreements (DPAs) ensuring adequate levels of protection.
\nData are not transferred, sold or exchanged with third parties for commercial purposes.
\n\nPrimary servers are located within the European Union. Where a technology provider operates outside the EEA, the transfer takes place exclusively on the basis of:
\nAs a Data Subject, you may exercise the following rights at any time:
\nRequests can be submitted by email to privacy@targetsmtp.it or, for registered users, directly from the Privacy & GDPR section of their personal area. We will respond within 30 days of receiving the request.
We implement Technical and Organizational Measures (TOMs) appropriate to the risk:
\nIn the event of a personal data breach likely to result in a risk to the rights and freedoms of natural persons, we will notify the supervisory authority within 72 hours of becoming aware, pursuant to Art. 33 GDPR. Data Subjects will be informed without undue delay if the breach is likely to result in a high risk to their rights and freedoms (Art. 34 GDPR).
\n\nWe use automated systems for: anti-spam filtering, sender reputation scoring, rate limiting and abuse prevention. These processes do not produce significant legal effects on the Data Subject and can always be reviewed manually upon request.
\n\nThis Notice may be updated at any time. Material changes are communicated by email to registered users and/or via notice on the website with at least 30 days' prior notice before they take effect. The current version is always available on this page; archived versions are available upon request.
\n\nFor any question regarding the processing of personal data or to exercise the rights provided by the GDPR, you can write to:
\nTarget SMTP
\nItalia
\nEmail: privacy@targetsmtp.it
\nPEC: