← All providers

Mailgun

EmailLow RiskVerified 2026-03-05
Visit website
Overview
HeadquartersπŸ‡ΈπŸ‡ͺ SEStockholm
Parent CompanySinch AB(πŸ‡ΈπŸ‡ͺ SE)
US IncorporatedNo
CLOUD Act ExposureNo
NotesSSAE-16 SOC I & II, ISO 27001, and HIPAA certified per official security page. Sinch acquired Pathwire (Mailgun parent) in 2021.
Regions (2 in 2 countries)
πŸ‡ΊπŸ‡Έ US
US Β· Virginia
πŸ‡©πŸ‡ͺ DE
EU Β· Frankfurt
Compliance & Data

Certifications

βœ“ SOC 2βœ“ ISO 27001βœ“ GDPRβœ“ HIPAAβœ— PCI DSS

Data Types Handled

EmailPII
Applicable Laws (4)

Applies to businesses meeting revenue or data volume thresholds that handle California residents' data.

Max fine: USD 7,500 per intentional violationvia πŸ‡ΊπŸ‡Έ US
CLOUD ActUnited States

Any US-incorporated provider or subsidiary may be compelled to disclose data regardless of where it is stored.

Max fine: Contempt of court penaltiesvia πŸ‡ΊπŸ‡Έ US

Cross-border transfers to non-adequate countries require SCCs, BCRs, or other safeguards.

Max fine: 4% of global annual turnover or EUR 20Mvia πŸ‡©πŸ‡ͺ DE, πŸ‡ΈπŸ‡ͺ SE
FISA Section 702United States

US providers may be subject to surveillance orders targeting non-US persons, creating risk for EU data subjects.

Max fine: Contempt of court penaltiesvia πŸ‡ΊπŸ‡Έ US