Subject matter
InboxMend processes data to provide WordPress form submission monitoring, notification status review, connected site health, dashboard visibility, alerts, reports, account administration and support.
Data Processing Agreement
This Data Processing Agreement explains how InboxMend may process connected site data on behalf of customers using the WordPress plugin and Cloud dashboard.
Last updated: 6 June 2026
Customer, website owner or agency usually acts as controller for connected site data.
InboxMend acts as processor when it processes connected site data on the customer’s behalf.
Processing depends on enabled plugin features and Cloud configuration.
Duration
Processing continues while the customer uses InboxMend, keeps a workspace or connected site active, or while data is retained for billing, security, legal or support purposes.
Nature and purpose of processing
Processing may include collection, transmission, storage, organization, retrieval, display, analysis, deletion and support review of account, site, submission metadata, notification status and diagnostic data.
Categories of data
Data may include account identifiers, user contact details, connected site identifiers, WordPress/plugin status, form names, submission timestamps, limited submission previews, email status signals, diagnostic logs and support information.
Categories of data subjects
Data subjects may include customer users, website administrators, support users and people who submit forms on connected WordPress sites, depending on customer configuration.
Customer instructions
InboxMend processes connected site data according to customer configuration, product settings, documented functionality and reasonable support instructions. Customers are responsible for ensuring their instructions are lawful.
Confidentiality
InboxMend limits access to customer data to people and providers who need access to operate, secure, support or improve the service and are subject to appropriate confidentiality obligations.
Security
InboxMend applies practical technical and organizational measures appropriate for a SaaS monitoring product, including access controls, protected credentials, transport security where available, logging and operational safeguards.
Subprocessors
InboxMend may use subprocessors for hosting, infrastructure, payments, analytics, email, support and security. Subprocessors are used only as needed to provide the service.
Assistance with data requests
InboxMend will provide reasonable assistance for customer data requests when the request relates to data processed by InboxMend Cloud. Records stored only inside WordPress must be handled by the customer in their WordPress environment.
Deletion or return of data
On request or account closure, InboxMend will delete or return Cloud data where reasonably possible, subject to billing, legal, backup, security and operational retention requirements.
International transfers
InboxMend and its providers may process data in countries where infrastructure or support providers operate. Where required, customers should assess whether additional transfer safeguards are needed for their use case.
Contact information
Questions about this DPA can be sent to support@inboxmend.com.