No matter where you are in the world, where you reside, where your citizenship lies, or where your data comes from, we offer the same high standards of privacy protection to all our customers.
When we talk about “personal information” or “personal data,” we’re talking about a broad range of information. Data protection laws around the world define this concept in different ways, but in general, we mean any information that relates to an identifiable, living individual person. In other words, a person’s phone number is personal information, while a business’s phone number is not.
In addition, some data protection laws and privacy laws in certain jurisdictions differentiate between “controllers” and “processors” of personal information. A controller decides why and how to process personal information. A processor does not make decisions about personal information; it only processes personal information on behalf of a controller based on the controller’s instructions.
With this background, let’s take a high level look at the personal information MailerRocket collects and how we process it.
If you are a customer of ours, MailerRocket processes personal information in different ways when you use our products and services.
MailerRocket processes these categories of personal information differently because the direct relationship we have with you, our customer, is different from the indirect relationship we have with your end users.
When MailerRocket processes your Customer Account Data and your Customer Usage Data, MailerRocket is acting as a controller. We are also a controller for our employees’ personal data. When MailerRocket processes your Customer Content, we are acting as a processor.
If you are a visitor to our website (by which we mean any website that links back to this Privacy Notice in its footer, such as to MailerRocket.com, segment.com, or sendgrid.com), or if you are not a MailerRocket user and you are attending one of our events, like SIGNAL, we collect a minimal amount of data about you (depending on how much you’ve chosen to share with us). This might be as little as an IP address or a cookie, and it might be your contact information. We also consider this Customer Account Data. You can read below about how we process visitors’ Customer Account Data.
If you are an end user of a MailerRocket customer, this Privacy Notice does not apply to the services that our customers provide to their end users. Our customers have their own policies regarding the collection, use, and disclosure of the personal information of their end users. If you are an end user of one of our customers and want to learn about how that customer handles your personal information, we encourage you to read the customer’s privacy policy. Only the customer can assist you with requests for access or deletion.
In short, MailerRocket requires the minimal amount of data necessary to provide services to you, and the amount or type of data we collect depends on the product or service you choose or how you use it. If you choose to share additional information with us so that we can better customize your account and our services, we’ll process that with the same care and respect. We do not sell your personal information and we do not share your information with third parties for those third parties’ own business interests.
We use the information we collect and share it with our service providers primarily to provide the services you’ve requested from us, and as needed for our operational purposes (e.g., to do the things we need to do to function as a business, such as to collect payment). In addition, we may use data about our customers to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and services.
When you sign up for an account with us, we ask for certain information like your contact details and billing information to facilitate payment and communication. We also collect some information automatically, like your IP address, when you log in to your account or when your software application built on MailerRocket makes requests to our APIs. We use this to understand who is using our services and how, and to detect, prevent and investigate fraud, abuse, or security incidents.
Name and contact information. When you sign up for a MailerRocket account with us, we will ask you to give us your name, email address, and optionally, your company name, and to create a password. You can also name your account (or accounts, if you have more than one). We collect this information so we know who you are — this helps us communicate with you about your account(s), recognize you when you communicate with us through the account portal or otherwise, bill you correctly, and provide other services.
Telephone number. When you first sign up for an account, we may also ask you for a telephone number (where it’s relevant to the service you’re using) so we can communicate a verification code to that telephone number and have you enter the code into our website. This helps us verify that you’re actually a human being. A MailerRocket team member may also contact you at this number to help you with onboarding unless you choose not to be contacted.
When you set up two-factor authentication for your account, we may ask you to enter a telephone number to set up the process. You have the option to use that telephone number as the method for us to communicate verification codes to you to verify that it is you logging into your account. We don’t use this two-factor authentication phone number for purposes other than providing verification codes; however, if you’ve given us your phone number in another context, such as in connection with your MailerRocket account, we may contact you that way.
Payment information. When you upgrade your trial account, we’ll ask you to provide our payment processor with your payment method information like a credit card or your Paypal account and your billing address. Our payment processor, acting on our behalf, gathers this so we can bill you for your use of our products and services. Our payment processor will share your billing address with MailerRocket. We’ll also use your billing address for tax calculation and audit purposes.
Subscriber records. For some products, we may also obtain proof of identity from you that includes a proof of address, name, physical address, or other identification information. We may also need proof of identity and physical service address. We call these “subscriber records.”
We may have to share subscriber records with local government authorities or with the local telecommunications carrier that provides connectivity services. We may also use this physical service address for tax purposes. However, we don’t share subscriber records for purposes other than this, and we treat these records with our highest confidentiality.
SIDs. When you sign up for an account with MailerRocket, we’ll automatically assign you and each of your accounts a unique ID — a SID — and we’ll automatically generate an API token for each of your accounts. These are used like a username and password to make API requests. Instead of using these API tokens, you can provision API Keys and use your API key for authentication when making requests to our APIs. We keep a record of these credentials so we know it is you making the requests when your application makes requests to our API using these credentials.
Device information and IP addresses. When you use our account portal, we collect your IP address and other data through tracking technologies like cookies, web beacons, and similar technologies. We also collect IP addresses when you make requests to our APIs and in our server logs. We use this information to understand how customers are using our platform, who those customers are (if they are a company and the IP address is associated with that company), what country they are logging in from (for analytics and export control purposes), and to help improve the navigation experience. You can learn more about cookies in the section titled “Cookies and Tracking Technologies” below.
When you use our account portal, we also collect information about your device, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, unique identifiers, and general location information such as city or town. We do not collect precise geographical information.
When you visit our website, sign up for a MailerRocket account or request more information about MailerRocket, we collect information automatically using tracking technologies, like cookies, and through web forms where you type in your information. We collect this information to provide you with what you request through the web form, to learn more about who is interested in our products and services, and to improve navigation experience on our pages. You can learn more about cookies in the section titled “Cookies and Tracking Technologies” below.
In some places on MailerRocket’s public-facing websites, you can fill out web forms to ask to be contacted by our Sales Team, sign up for a newsletter, register for a MailerRocket account, or take a survey. The specific personal information requested on these forms will vary based on the purpose of the form. We will ask you for information necessary for us to provide you with what you request through the form (for example, we will ask you for your email address if you want to sign up for an email newsletter and for your phone number if you want a member of our Sales Team to call you). We may also ask you for additional information to help us understand you better as a customer, such as your MailerRocket use case, your company name, or your role at your company. If you sign up to receive ongoing marketing communications from MailerRocket, like a newsletter, you can always choose to opt out of further communications through a preferences page which will be linked from any marketing email you receive from MailerRocket. You can also contact our Customer Support Team to communicate your choice to opt out.
If you contact our Sales or Customer Support Teams, those teams keep a record of that communication, including your contact details and other information you share during the course of the communication. We store this information to help us keep track of the inquiries we receive from you and from customers generally so we can improve our products and services and provide training to team members. This information also helps our teams manage our ongoing relationships with our customers. Because we store a record of these communications, please be thoughtful about what information you share with our Sales and Customer Support Teams. While we will take appropriate measures to protect any sensitive information you share with us, it is best to avoid sharing any personal or other sensitive information in these communications not necessary for these teams to assist you.
When you visit MailerRocket websites, including our web forms, we and our service providers acting on our behalf automatically collect certain information using tracking technologies like cookies, web beacons, and similar technologies. We use this information to understand how visitors to our websites are using them and which pages and features of the websites are most popular. This helps us understand how we can improve our websites and track performance of our advertisements. In addition, we use tracking technologies to help improve the navigation experience on MailerRocket websites. We don’t sell this information to third parties. For more details on our use of cookies and other tracking technologies, please read the below section titled “Cookies and Tracking Technologies.”
We use your email address to send you information about other MailerRocket products, services or events in which we think you may be interested. You can opt out of receiving marketing communications from us at any time through your marketing preferences page by clicking the “unsubscribe” link at the bottom of any marketing email you receive from MailerRocket. You can also update your communication preferences using our online form or contact our Customer Support Team to communicate your choice to opt out. Please note that it may take up to three days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request. You will not be able to opt out of service emails from us, such as password reset emails, billing emails, or notifications of updates to our terms, unless you deactivate your account.
We may also use publicly-available information about you that we have gathered through services like LinkedIn, or we may obtain information about you or your company from third party providers. We use this information to help us understand our customer base better, such as your industry, the size of your company, and your company’s website URL. We also use this information to reach out to potential candidates for roles at MailerRocket.
When you visit a MailerRocket website, we process your information to market our services to you on other websites. To learn more about how we process this information and how to make choices about what is collected, please see the “Cookies and Tracking Technologies” Section below.
MailerRocket will store your Customer Account Data as long as needed to provide you with our services and to operate our business. If you ask MailerRocket to delete specific personal information from your Customer Account Data (see ‘Choices About Your Customer Account Data’ below), we will honor this request unless deleting that information prevents us from carrying out necessary business functions, such as billing for our services, calculating taxes, or conducting required audits.
More specifically, within 60 days following closure of your account, we will either delete other Customer Account Data or transform it such that it can no longer be used to identify you, with the following exceptions, depending on and in accordance with applicable law:
We use Customer Usage Data and Customer Content to provide services to you and to carry out necessary functions of our business as a communications service provider. We do not sell your end users’ personal information and we do not share your end users’ information with third parties for those third parties’ own business interests or cross-context behavioral advertising. The particular end user personal information MailerRocket processes when you, our customer, use our products and services, and the reasons MailerRocket processes end user personal information, depends on how you use our products and services and which MailerRocket products and services you use. For that reason, our API docs for each of our products and services are the best place to find information about our processing of personal information when you use that MailerRocket product and service. In many cases, you can opt to store records of your communications or other activities in your MailerRocket account, and these records may include your end users’ personal information. You may also have the option to use additional features or tools within MailerRocket’s products or services that allow you to do things such as analyze the records, including end user personal information, in your MailerRocket account. In those cases, MailerRocket will process this information to provide you with the service you request.
Details regarding how long your end user personal information may be stored on MailerRocket systems will depend on which MailerRocket products and services you are using and how you are using them.
As a MailerRocket customer, if the MailerRocket product or service you use enables you to store records of your usage on MailerRocket, including personal information contained within those records, and you choose to do so, then MailerRocket will retain these records for as long as you instruct, up until termination of your account. In some cases, use of extended storage may cost more. If you later instruct us to delete those records (please see below for information on how to delete your records), we will do so. Please note that it may take up to 30 days for the data to be completely removed from all systems.
We do not sell your personal information or the personal information of your end users. We also do not allow any personal information to be used by third parties for their own marketing purposes (except in cases where you explicitly request or provide consent for us to do so, such as at a conference when you direct us to share your information with a sponsor) or share personal information for cross-context behavioral advertising. However, we do need to share personal data in order to provide our products and services to you, such as to route a call you send through us or to store data you ask us to store. Below are the different scenarios under which we may share your data with third parties.
Telephony operators as necessary for proper routing and connectivity.MailerRocket provides an easier way for developers to build applications that make use of the publicly switched telephone network (PSTN) to send communications. Therefore, communications-related data is shared with and received from telephony operators as necessary to route and connect those communications from the sender to the intended recipient. How those telephony operators handle this data is generally determined by those operators’ own policies and local regulations.
Other communications service providers for proper routing and connectivity.MailerRocket also enables sending or receiving communications through communications service providers that do not use the PSTN, such as Viber and Facebook Messenger (referred to as Over-the-Top (OTT) communications service providers). If you choose to use MailerRocket to send or receive communications by way of these providers, MailerRocket will share communications data with these providers as necessary to route and connect those communications from the sender to the intended recipient. How those OTT communications service providers handle this data is determined by their own policies.
Third-party service providers or consultants.MailerRocket engages certain third-party vendors and service providers to carry out certain data processing functions on our behalf. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
Sub-processors.A sub-processor is a vendor that is permitted to process data for which we are a processor — in other words, Customer Content. We share Customer Content with sub-processors who assist in providing the MailerRocket services, like our infrastructure provider.
Add-on Partners.Add-ons are additional features, functionality or services offered by MailerRocket’s Add-on partners (who are third parties not affiliated with MailerRocket). MailerRocket may make Add-ons available through the MailerRocket Marketplace. Some Add-ons may need to access or collect some of your information, including personal information. If you choose to use an Add-on, MailerRocket will share your information with the Add-on partner so you can use the Add-on. MailerRocket does not control Add-on partners’ use of your information and their use of your information will be in accordance with their own policies. If you do not want your information to be shared with an Add-on partner, then you should not use the Add-on.
Compliance with Legal Obligations.We may disclose your or your end users’ personal information to a third party if (i) we reasonably believe that disclosure is compelled by applicable law, regulation, legal process, or a government request (including to meet national security, emergency services, or law enforcement requirements), (ii) to enforce our agreements and policies, (iii) to protect the security or integrity of our services and products, (iv) to protect ourselves, our other customers, or the public from harm or illegal activities, or (v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury.
If MailerRocket is required by law to disclose any personal information of you or your end user, we will notify you of the disclosure requirement, unless we are prohibited by law. Further, we object to requests we do not believe were issued properly.
Business transfers.If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be part of the assets transferred or shared in connection with the due diligence for any such transaction. In that situation, and that situation only, we might transfer your data in a way that constitutes a sale under applicable law. If we do, we’ll let you know ahead of time, and we will require any acquirer or successor of MailerRocket to continue to process data consistent with this Privacy Notice.
Aggregated or de-identified data.We might also share data about our customers with third parties if the data has been de-identified or aggregated in a way so it cannot be used to identify you or your end users.
Accessing and Controlling Account Data. As part of the services we provide to our customers, we provide you with a number of self-service features at no additional cost within the MailerRocket console itself, including the ability to access your data, update any incorrect data, download a copy of your data, delete your data, or restrict the use of your data. You can make various choices about your Customer Account Data through the account portal when you log into your MailerRocket account. Any other requests about your data you cannot make through these self-service tools, you can request by emailing support@MailerRocket.com or contacting Customer Support.
Closing Your Account and Deletion. To request closure or deletion of your MailerRocket account, you can email us at support@MailerRocket.com or contact Customer Support. Please be aware that closure or deletion of your MailerRocket account will result in you permanently losing access to your account and the data in the account. After closure of your account, certain information associated with your account may remain on MailerRocket’s servers in an aggregated form that does not identify you or your end users. Similarly, after you close your account, we will retain data — including personal information — associated with your account that we are required to maintain for legal purposes or for necessary business operations (see “How Long We Store Your Customer Account Data” section above) until it’s no longer needed.
Our Support portal provides documentation regarding how to delete the data you control and how long we retain it.
Other Choices About Your Customer Account Data. In addition, you can express other choices about your Customer Account Data (e.g., accessing it, deleting it, restricting its use, porting it, or withdrawing consent for its use) by contacting Customer Support.
In some cases, we may retain a copy of your usage records, including the personal information contained in them, to carry out necessary functions like billing, invoice reconciliation, troubleshooting, along with detecting, preventing, and investigating spam, fraudulent activity, and network exploits and abuse. Sometimes legal matters arise that also require us to preserve records, including those containing personal information. These matters include litigation, law enforcement requests, or government investigations. If we have to do this, we will delete the impacted records when we are no longer legally obligated to retain them. We may, however, retain or use records after they have been anonymized, if the law allows.
MailerRocket uses common information-gathering tools such as cookies, web beacons, pixels and other similar tracking technologies to automatically collect information as you navigate our websites, your account or when you interact with emails we sent to you.
A cookie is a piece of data contained in a very small text file that is stored in your browser or elsewhere on your hard drive. Cookies allow MailerRocket to identify your device as you navigate our websites or your account. This makes navigating and interacting with our websites or your account more efficient, easy and meaningful for you. By themselves, cookies do not identify you specifically. Rather, they recognize your web browser. So, unless you identify yourself specifically to MailerRocket, like signing into your account, we don’t know who you are just because you visited our website. MailerRocket uses both session and persistent cookies. Session cookies are cookies that disappear from your computer or browser when you turn off your computer. Persistent cookies stay on your computer even after you’ve turned it off. Additionally, the cookies on our websites fall into three categories: (1) Required Cookies, (2) Functional Cookies, and (3) Advertising Cookies. To learn more about each category of cookie, you can visit our cookie consent tool by clicking on the “Cookie Preferences” link on the bottom right of the MailerRocket website you are visiting.
Using Your Browser. For more information on how to do that, click here. To manage privacy and storage settings for flash cookies, click here.
Do Not Track. Some browsers allow a “do not track” (DNT) setting that requests that a web application disable its tracking of an individual user. When you choose to turn on the DNT setting in your browser, your browser will send a special signal to websites, analytics companies, ad networks, plug-in providers, and other web services you encounter while browsing and stop tracking your activity.
MailerRocket also uses web beacons to gather data about your use of our websites, your account, and how you interact with emails we have sent to you. Web beacons are clear electronic images that can recognize certain types of data on your computer, like when you view a particular website tied to the web beacon, and a description of a website tied to the web beacon. Additionally, we may put web beacons in marketing emails that notify us when you click on a link in the email that directs you to a MailerRocket website. We use web beacons to operate and improve our websites and email communications to you.
Information from Children. We do not knowingly permit children (under the age of 18 in India) to sign up for a MailerRocket account. If we discover someone who is underage has signed up for a MailerRocket account, we will take reasonable steps to promptly remove that person’s personal information from our records. If you believe a person who is underage has signed up for a MailerRocket account, please contact us at support@MailerRocket.com.
Our security measures. We use appropriate security measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security controls in place. When we transfer data across borders, we also take supplementary measures to ensure that data is protected. Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
Security measures you can take. To protect the confidentiality of your account and protect against unauthorized use of your account, we recommend enabling two-factor authentication for your account. Additionally, you must keep your account password and Auth Token confidential and not disclose them publicly or to unauthorized individuals — this includes accidentally distributing them in a binary or checking them into source control. Please let us know right away if you think your password or Auth Token was compromised or misused. Similarly, if you provision an API Key, you should keep your secret, well... secret. You should store your API Key, Account SID, and secret in a secure location.
We may collect and use Customer Account Data or Customer Usage Data to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and services. In addition, we also use records containing end user personal information to debug, troubleshoot, or investigate security incidents; to detect and prevent spam or fraudulent activity; and to detect and prevent network exploits and abuse. Specifically, we monitor text message content to detect spam, fraudulent activity, and violations of our Terms Of Service Policy. We may anonymize personal information and use it for our legitimate business needs, and, where allowed by law, this may include records containing end user personal information.
MailerRocket may use automated decision making leveraging a variety of signals derived from records we collect to help monitor, identify, and suspend accounts sending spam or engaging in other abusive or fraudulent activity. Holders of accounts suspended under these circumstances are notified of the suspension and given an opportunity to request human review of the suspension decision.
We may change this Privacy Notice from time to time, and if we do, the most current version will be available at https://app.mailerrocket.com/page/privacy-policy with the date indicating when it was last updated. These changes might be minor, such as updating an address or fixing a typo, or they might be material, such as making a change that affects your rights. If we make changes that affect your rights, we will provide advance notice to you, such as by posting a message in the MailerRocket console, or we’ll send an email via the address we have on file for you. We will comply with applicable law with respect to any changes we make to this notice and seek your consent to any material changes if this is required by applicable law.