Privacy Policy

1. Who we are

Indigo INC DOOEL Skopje provides email hosting and related services for businesses and public institutions.

• Address: Skopje, North Macedonia
• Contact: privacy@goindigo.mk | support@goindigo.mk

2. What data we collect

We may process:

• Account & customer data: organization name, admin contact, email address, phone, billing details, user list, service plan.
• Service data (technical): IP address, device/browser info (for webmail/admin), login timestamps, delivery logs, error logs, mailbox quota usage.
• Email data: email content and attachments are stored and transmitted to provide the Service (inboxes, sent items, server-side filtering).
• Support data: tickets, emails, call notes, configuration information you provide.

3. Why we process data (purposes)

We use data to:

• Provide and operate mailboxes, domains, routing, spam/malware filtering, and administration
• Authenticate users and protect accounts
• Prevent abuse and ensure deliverability (anti-spam)
• Provide customer support
• Bill and manage subscriptions
• Meet legal obligations and respond to lawful requests

4. Legal bases (GDPR-style)

Where applicable, processing is based on:

• Contract (to provide Services)
• Legitimate interests (security, anti-abuse, service improvement)
• Legal obligation (tax/accounting, lawful requests)
• Consent

5. How email content is handled

• We process and store email only to deliver and provide the Services.
• Automated systems may scan emails for spam, malware, and security threats.
• We do not sell email content or use it for advertising.
• Access to email content by Indigo staff is restricted and allowed only when necessary for support, security incidents, or legal compliance, and only with appropriate authorization.

6. Sharing and third parties

We may share data only with:

• Infrastructure providers (hosting/datacenter, backups, monitoring) as processors
• Payment providers
• Security/anti-spam providers
• Authorities when required by law

We maintain a list of subprocessors at: web.goindigo.mk/subprocessors.

7. International transfers

If any service providers process data outside North Macedonia / EEA, we use appropriate safeguards (e.g., contractual protections).

8. Data retention

Typical retention (customize to your policy):

• Account/billing records: As required by law
• Mailbox data: Retained while the account is active, and deleted within a reasonable period after termination unless legally required otherwise
• Server logs: Custom retention period on request

Backups may persist for a period before being overwritten.

9. Security

We use administrative, technical, and physical measures such as:

• Access controls and least-privilege
• Encryption in transit (TLS) where supported
• Anti-spam/anti-malware controls
• Monitoring and incident response procedures

10. Your rights

Depending on applicable law, you may have rights to access, correct, delete, restrict, or object to processing, and data portability.

Requests: privacy@goindigo.mk

11. Cookies

Our cookie practices are described in the Cookie Policy.

12. Changes

We may update this policy. We will post the new version with a new effective date.