Acceptable Use Policy

PLEASE READ THIS ACCEPTABLE USE POLICY (THE “AUP”) CAREFULLY BEFORE USING ANY SERVICES AVAILABLE AT CAMPAIGNMONITOR.COM (THE “SITE”). IF YOU DO NOT ACCEPT THIS AUP, DO NOT USE THE SERVICES. YOU MAY NOT USE THE SERVICES IF YOU ARE OUR COMPETITOR.

This AUP (as modified from time to time by Campaign Monitor in its sole discretion) is a legal agreement between You (“Customer”, “You”, “Your”) and Campaign Monitor Pty Ltd (“Campaign Monitor”, “Company”) and defines the terms and conditions under which You are allowed to use the Services (as defined below). This AUP forms a part of the Agreement and takes effect as soon as You begin using the Services.

By using the Services, You agree that the provision and receipt of Services are expressly conditioned on the acceptance of the terms in this AUP. If You enter into this AUP or use the Services on behalf of an entity, You represent and warrant that You have the authority to accept this AUP on the entity's behalf.

In order to use the Services, You must:

  • be at least 18 years old;
  • complete the registration process;
  • agree to this AUP; and
  • provide true, complete, and up to date contact information to Company.

By using the Services, You represent and warrant that You meet all the requirements listed above. Company may refuse to provide You with the Services, suspend or close Your account, and change eligibility requirements at any time in accordance with the terms of this Agreement.

SECTION 1. DEFINITIONS.  In addition to terms defined elsewhere in this AUP, the definitions below will apply to capitalized words in this AUP. Capitalized words in this AUP that are not otherwise defined herein shall have the meaning ascribed in the Agreement.

A. “Agreement” means, as applicable, either the: 1) Terms of Use Agreement located at campaignmonitor.com/policies/#terms-of-use, as updated from time to time; or 2) a superseding written agreement for use of the Services executed by and between Company and Customer.

B. “Cookie Notice” means the Company’s Cookie Notice located at campaignmonitor.com/policies/#cookie-policy, as updated from time to time.

C. “Documentation” means the information provided by Company describing operation and use of the Service(s), by any means of delivery, whether at Customer’s request or otherwise, along with any other information provided to Company’s clients generally, and all such items as updated from time to time.

D. “Malicious Code” means harmful or malicious code, files, scripts, agents, programs, or the like designed or intended to have, or capable of performing or facilitating, any of the following functions: disrupting, disabling, harming, corrupting, or otherwise impeding in any manner the operation of, or providing unauthorized access to, a computer system, database, or network (or other device on which such code is stored or installed), including but not limited to viruses, worms, time bombs, and Trojan horses.

SECTION 2. CUSTOMER AND USER OBLIGATIONS.

A. Customer agrees to, and where applicable, shall ensure that Users agree to:

i. keep contact information for Customer’s Account updated and promptly respond to queries from Company;

ii. use commercially reasonable efforts to prevent unauthorized access to or use of the Services, and notify Company promptly of any such unauthorized access or use;

iii. be responsible for ensuring that User’s computer systems, technology, or other similar items used in connection with the Services do not interfere with or disrupt the integrity or performance of the Services; and

iv. use the Services in compliance with Laws, the Agreement, and this AUP, as well as the Anti-Spam Policy available at cmgroup.com/anti-spam-policy/.

B. Privacy, Cookies & Tracking Technologies. Customer understands and acknowledges that the Privacy Notice explains how Company handles data processed by and through the Services. Customer agrees to adopt, maintain, and post its own privacy notice or policy that: 1) takes into account the data processing activities described in the Privacy Notice; and 2) complies with all requirements imposed by Laws (particularly as such notice relates to notice, consent, and disclosure in connection with the collection, sharing, and use of any information about a Contact). In addition, Customer acknowledges that the Services employ the use of cookies and similar tracking technologies (“Cookies”), as further described in Company’s Cookie Notice. Accordingly, Customer represents and warrants that it has taken all necessary and appropriate steps to comply with Laws, including, if applicable, by ensuring that each Contact is provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies and/or other information on the Contact’s device where such activity occurs in connection with the provision of the Services. Customer shall promptly notify Company if it is unable to comply with the above obligations.

C. Security Requirements. Customer represents and warrants that while using the Services, Customer will:

i. use commercially reasonable security measures to protect any Customer Data transmitted to the Services, including, but not limited to, encrypting any Customer Data transmitted to the Services; and

ii. cooperate with Company’s reasonable investigations of service outages, security problems, and/or any suspected breach of the Services, any Ordering Documents, and/or this Agreement or any of its incorporated documents.

D. Customer Cooperation. Customer represents and warrants that while using the Services, Customer will immediately act upon Company’s reasonable requests to remove and/or adapt Customer Data and/or Customer’s use of the Services (e.g. to avoid hindrance of Services’ performance to other customers). Customer shall, upon request, or as needed throughout the term: 1) respond to any third-party complaints (including, but not limited to, the complaints of any Contacts or providers of any Third Party Services), 2) promptly provide any applicable information documenting the relationship or consent of the involved parties, and 3) otherwise reasonably cooperate in mitigating the impact of any such complaint.

SECTION 3. ACCESS LIMITS. The Services may be accessed by no more than the specified number of Users set forth in Customer’s Ordering Document (unless such Ordering Document specifies unlimited Users). User licenses cannot be shared or used by more than one User; provided, however, User licenses may be reassigned to replace former Users who no longer access the Services. Customer shall not use the Services: (a) in excess of the limitations set forth in the Documentation; and/or (b) in a manner adversely affecting the Services’ usability for Company and/or its Affiliates, including for Company and/or its Affiliates other clients.  

SECTION 4. RESTRICTIONS ON USE.

A. Except where the following restrictions are prohibited by Law, Customer shall not, and shall not permit any Users or third parties to, directly or indirectly:

i.  inaccurately represent its organization or impersonate any other person, whether actual or fictitious;

ii.  access or use the Services except as permitted in the Agreement and this AUP

iii.  host images or content on Company servers or through the Services for any purpose other than for the purpose of using the Services as permitted in the Agreement and this AUP;

iv.  use the Services to store or transmit Malicious Code;

v.  interfere with or disrupt the integrity or performance of the Services or third party data contained therein;

vi.  use the Services in any other manner that puts an excessive burden on the bandwidth of the Services; 

vii.  attempt to gain unauthorized access to the Services or their related systems or networks by any means or methods, nor access the Services outside the scope of the Services as ordered via the applicable Order Form 

viii.  attempt to probe, scan, or test the vulnerability of the Services or perform any penetration testing against or on the Services;  

ix.  use the Services to encourage or facilitate any illegal activities; or violate any Laws, including but not limited to those related to e-commerce, infringement, defamation or privacy; or

x.  use the Services to compete with the Services or Company in any manner.

B. Intellectual Property Restrictions. Customer shall not (and shall not permit any third party to):

i.  except as expressly permitted in writing by Company, sell, resell, rent, or lease the Services or any part of the Services;

ii.  remove or alter trademark, logo, copyright, or other proprietary notices or labels from the Services; 

iii.  copy, frame or mirror any part or content of the Services, other than in connection with Customer’s permitted use of the Services for Customer’s own internal business purposes, 

iv.  create derivative works based on the Services;

v.  reverse engineer, reverse assemble, decompile, or attempt to discover or extract the source code, object code, underlying structure, or algorithms, found at or through the Services or any software, documentation, or data related to the Services; or  

vi.  access the Services for the purposes of (a) building a competitive product or service; (b) copying or reproducing any features, functions or graphics of the Services; (c) monitoring the availability, performance or functionality of the Services; or (d) benchmarking or conducting any activities that are competitive with the Services or Company. No rights are granted to Customer other than as expressly set forth in the Agreement.

C. Customer Content. Customer acknowledges and agrees that Customer is responsible for the nature and content of all of the Customer Content, including but not limited to, the accuracy, quality, integrity and legality of the Customer Content and the means by which Customer and its Users acquire Customer Content. Except where the following restrictions are prohibited by Law, Customer shall not, and shall not permit any Users or third parties to, directly or indirectly, use the Services to process, store, transmit, link to, display, or solicit content:

i.  about or relating to:  (a) individuals under 18 years of age; and/or (b) pornography, nudity, adult novelty items, or escort services; financial information, stock trading, FOREX, mortgages or other loans, insurance, debt collection, credit repair, offers to make money online or work from home businesses, payday lender related content, the production, sale, exchange, storage, or marketing of cryptocurrencies, initial coin offerings, or penny stocks; gambling related content (including, but not limited to, poker, casino games, horse and dog racing, and betting on college and pro sporting events); horoscopes, dating services, daily deals, coupons, paid surveys, lead generation services, affiliate or multi-level marketing, or Ponzi schemes; DJ/nightclub or event/club promotions/party lists; the selling of personal data of any kind, list brokers or list rental services; recruitment or job-seeking services; firearms, bombs, grenades, or other weapons; pharmaceuticals, drugs (illegal or otherwise), diet advice, nutritional advice, or supplements; illegal goods or software (including but not limited to pirated computer programs or viruses); violence against any governments, organizations, groups, or individuals or which provides instruction, information or assistance in causing or carrying out such violence; or any other content that Company deems inappropriate in Company’s sole discretion;

ii.  except as approved by Company in writing, about or relating to: loans, insurance, horoscopes, dating services, daily deals, coupons, paid surveys, recruitment or job-seeking services, or tobacco and/or related products;

iii.  that is defamatory, libelous, offensive (including hate speech, blatant expressions of bigotry, prejudice, racism, hatred, or excessive profanity), obscene, lewd, lascivious, filthy, threatening, excessively violent, harassing, false, misleading, fraudulent, or otherwise objectionable (as determined by Company in Company’s sole discretion); 

iv.  that materially violates the: (1) industry standards, policies and applicable guidelines published by generally recognized industry associations; or (2) carrier guidelines and usage requirements; and/or

v.  that violates or infringes: 1) Company’s reasonable recommendations and/or instructions; 2) any applicable Laws; and/or 3) the rights of a third party (including a third party’s privacy and/or intellectual property rights) or such third party’s applicable terms of use.

D. Sensitive PII. Customer understands and acknowledges that the Services are not configured to process, receive, and/or store Sensitive PII. “Sensitive PII” is defined as: 1) protected health information (“PHI”), as that term is defined under the Health Insurance Portability and Accountability Act (“HIPAA”); 2) "nonpublic personal information" (‘NPI”) as defined under the Gramm-Leach-Bliley Financial Modernization Act of 1999 (“GLBA”); 3) data on any minor under the age of thirteen, including any such information that would be subject to the Children Online Privacy Protection Act (“COPPA”); 4) card holder data under the Payment Card Industry Data Security Standard; 5) personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation (the “special categories of personal data” identified in Article 9 of GDPR); or 6) social security numbers, driver’s license or state identification number or other government related identifier, financial account numbers (i.e., credit card, checking account, savings account, etc.), medical, employment, criminal records, or insurance numbers, passport numbers, or other highly sensitive personally identifiable information. As such, Customer agrees not to, and not to permit Users to transmit, request, provide Company with access to, submit, store, or include any Sensitive PII through the Services. Customer agrees that Company may terminate this Agreement immediately, without refund, if Customer is found to be in violation of this clause.

SECTION 5. COMPANY’S RIGHTS.

A. Monitoring. Company reserves the right to inspect and monitor Customer’s Account and Customer Content at any time, without notice, to ensure compliance with the terms of this AUP and the Agreement.  In connection with the foregoing, Customer agrees to promptly provide records and/or other information requested by Company. Company reserves the right to limit Customer’s access to Customer’s Account at any time if Company believes, in its sole discretion, that Customer or its Users have violated or may violate any terms set forth in this AUP or the Agreement.

B. Disclosure. Company shall have the right to disclose communications between (i) Customer and (ii) its email recipients and other users of its services to the extent required by Law, including, without limitation as required by legal process or court order.

C. Right to Remove, Suspend, Terminate. Company may, in its sole discretion, remove any Customer Content, suspend, or terminate Customer’s use of the Services for any actual or alleged breach of this AUP or the Agreement at any time. For clarity, removal, suspension, or termination pursuant to this clause will not terminate Customer’s obligation to pay any fees owed to Company.

SECTION 6. SMS TERMS

A. Applicable Definitions

i.  “Carrier Requirements” means the terms and conditions set by wireless carriers and other parties (including, without limitation, Subcontractors) that provide SMS services.

ii.  “SMS Services” mean, providing Services as follows: designation of short codes or long codes for use with Customer’s messaging campaigns; the collection of SMS messages from Customer as agreed to by the parties; the transmission of such SMS messages to Mobile Subscribers (as defined below) who either (1) opt-in electronically to SMS Services through Customer; or (2) are identified by Customer as individuals who have opted in to SMS Services through Customer.

B. Consent. Customer shall use SMS Services only to send SMS messages to mobile subscribers (“Mobile Subscribers”) that have consented, in accordance with Law and has Permission as defined in Company’s Anti-Spam Policy, to receive such messages and that have not opted out from receipt of such messages.  Customer agrees that it will provide verification of consent by any mobile Subscriber or other party receiving SMS messages via the SMS Services to Company upon Company’s request.  If Customer fails to provide verification of consent, Company reserves the right to suspend the SMS Services until Customer provides such verification. If Customer fails to provide verification within thirty days of suspension, Company reserves the right to terminate Customer’s access to the SMS Services without refund.

C. Restriction on use of SMS Services. Customer agrees that it may not, and may not encourage or allow any Users to, use the SMS Services in the following prohibited ways:

i.  Unless otherwise agreed by Company in writing, Customer shall not to transfer, resell, lease, license or otherwise make Services available to third parties or offer them on a standalone basis;

ii.  If Customer has purchased or is otherwise using a short code, then Customer will not change its use of that short code from the use stated in Customer’s application to the carrier for approval of the short code without first obtaining an amendment to Customer’s application or re-applying to the carrier for approval of the short code under the new use;

iii.  Use the SMS Services to access or allow access to Emergency Services;

iv.  Use the SMS Services in any manner that materially violates the: (a) industry standards, policies and applicable guidelines published by (i) the CTIA (Cellular Telecommunications Industry Association), (ii) the Mobile Marketing Association, or (iii) any other generally recognized industry associations; (b) carrier guidelines and usage requirements;

vi.  Use the SMS Services in connection with unsolicited or harassing messages (commercial or otherwise), including unsolicited or unwanted phone calls, SMS or text messages, voice mail, or faxes;

vii.  Use the SMS Services to harvest or otherwise collect information about individuals, including email addresses or phone numbers, without their explicit consent or under false pretenses; and/or

viii.  Use the SMS Services in a way to evade unwanted message detection and prevention mechanisms (including, without limitation, spreading similar or identical messages across many phone numbers).

D. Customer Content. Customer shall be solely responsible for any content submitted to Company and/or transmitted through the SMS Services and delivered to Mobile Subscribers and will ensure that such Customer Content: 1) is appropriate for the Mobile Subscriber; 2) does not otherwise violate any applicable Laws; 3) is not subject to any cause of action for defamation or invasion of privacy; and 4) is in compliance with this AUP, and the Agreement. Customer shall obtain and maintain all Intellectual Property Rights necessary to transmit any Customer Content to its Mobile Subscribers.  Company assumes no liability for any Customer Content or any SMS messages transmitted by Customer in violation of applicable Law.

E. Phone Numbers and Short Codes. 

i.  Porting Phone Number(s). Company, in its sole discretion, may approve or reject any request from Customer to either port in or port out a phone number for use in connection with the SMS Services.  Customer agrees to fully cooperate with Company in making a request to port a phone number in or out of the Services, including completing any necessary forms. Customer agrees to pay any fees and/or costs associated with porting a phone number in or out of the Services.

ii.  Short Codes.  Company, in its sole discretion, may approve or reject any request from Customer to use a short code in connection with the Services. If Customer is using a short code in connection with the SMS Services, Customer agrees will not change its short code use case approved by the applicable telecommunications provider and Company without Company’s prior written approval.  Customer agrees to pay any fees or costs associated with applying for, or using, a short code in connection with the Services.

iii.  Withdrawal of Phone Numbers.  Company may change the phone number(s) or short code(s) associated with Customer’s account at any time.

F. Identification and Opt Outs.

i.  Identification. Each message must identify the Customer (the person who obtained the consent) except in follow-up messages of an on-going conversation.

ii.  Opt Outs.  In addition to any obligations pursuant to Laws, the initial message that you send to a mobile Subscriber must include opt out instructions as approved by Company (e.g., “Reply STOP to unsubscribe”)

G. Compliance

i.  Carrier Requirements.  Customer acknowledges that transmission of SMS messages is subject to Carrier Requirements and that the Carrier Requirements are subject to change. Customer agrees to comply with any Carrier Requirements. Customer acknowledges and agrees that each carrier reserves the right to suspend SMS Services for any Customer and/or User at any time.

ii.  Compliance with Laws. SMS Services are subject to various legal compliance requirements depending on the nature of Customer’s text messaging campaign, the location from where Customer is sending text messages, and the location of SMS recipients. Customer agrees to comply with all applicable Laws and industry standards related to its use of the SMS Services, including without limitation, Laws and standards which require specific information be included wherever the short code or long code is advertised, or where individuals are invited to sign up for short code or long code messages. Customer should consult with its legal counsel to ensure that its text messaging campaign conforms to all applicable legal compliance requirements.

iii.  Disclosure. In addition to any obligations under this AUP and the Agreement, Customer warrants that it will comply with all applicable privacy requirements concerning communications using the SMS Service between (i) Customer and (ii) its Mobile Subscribers and other users of its services, including without limitation Customer’s privacy policy, to the extent such policy places greater limitations on use of Mobile Subscribers’ data than applicable Law.

 

September 20, 2022

Privacy Notice

LAST UPDATED: July 10, 2018

OVERVIEW

Createsend.com Email Newsletter Software (a registered business name of Campaign Monitor Pty Ltd.) and its affiliates (collectively, "Campaign Monitor", "we" or "us") respect your privacy. This privacy notice ("Notice") explains who we are, how we collect, use and share information that identifies you (directly or indirectly) (“Personal Information”), and how you can exercise your privacy rights.

This Notice covers the Personal Information we collect: (1) about Users of Campaign Monitor’s Services (see Section 2); (ii) about our User's Subscribers (generally recipients of emails sent through the Campaign Monitor Services) (see Section 3); and (ii) through our Websites and in connection with our events, recruitment, sales and marketing activities (see Section 4).

If you are resident in the EEA, please review the section headed "Your Data Protection Rights" for further information about the privacy rights available to you.

We recommend that you read this entire Notice to ensure you are fully informed.

However, to make it easier for you to review those parts of this Notice which apply to you, we have divided up the document into the following sections:

1. THE BASICS

a. About Us.

Campaign Monitor is a company headquartered in New South Wales, Australia. We provide email marketing software products and services that allow our Customers and their Users to build and send out marketing emails to their Subscribers. Through our application, our Customers can also store information about and track the engagement of their Subscribers.  You can find out more about us and our products here.

b. Key Terms.

In this Notice, the terms below have the meanings defined below:

i. "Customer" means the entity we have contracted with to provide the Services, which if you are an User, generally refers to the entity of which you are an employee, contractor, member or other participant.

ii. "Subscribers" means any individual: 1) whose information is stored or collected by our Users on or via the Services; and/or 2) to whom Users send emails to or otherwise engage or communicate with via the Services.

iii. "Services" means the Campaign Monitor email marketing software, products, applications, tools, and/or related services.

iv. "User" means any individual who has registered to use and access the Services under the Customer account and who directly builds, sends, collaborates on and/or reviews emails or forms through the Services.

v. "Website" means any website we own and operate (such as www.campaignmonitor.com and any sub-domains).

2. CAMPAIGN MONITOR USERS

This section applies to Personal Information we collect and process when you engage with us as a User of the Service. If you are not yet a User, Section 4 (applicable to visitors to our Websites) may be more applicable to you and your data.  In this Section, "you" or "your' refer to Users.

a. Information We Process.

i. Information You Provide To Us. You may provide Personal Information to us through the Services – for example, when you sign up for a Campaign Monitor account to access the Services, consult with our customer success or support teams, send us an email or communicate with us in any other way. We will usually let you know prior to collection whether the provision of Personal Information we are collecting is compulsory or may be provided on a voluntary basis and the consequences, if any, of not providing the information. The information you provide to us, may include:

1. Registration Information. You need a Campaign Monitor account to use the Services as a User. When you register for an account, we ask you to provide contact information such your name, email address, telephone number, job title, and organization name.

2. Billing Information. If you purchase our Services, you may also need to provide us with payment and billing information such as your credit card details and billing address. We will also maintain a record of your purchases, transactional information, your Services history and usage, and any communications and responses.

ii. Information Collected Automatically. When you use the Services, we automatically collect certain information about your device and use of the Services. We may use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed more below, in more detail below and in our Cookie Notice.

1. Device Information. We collect information from your device and applications you use to access our Services,  such as your IP address, device attributes (for example: hardware model, operating system, web browser version, as well as unique device identifiers and characteristics), connection information (for example, name of your mobile operator or Internet Service Provider, browser type, language and time zone, and mobile phone number); and device locations (for example, internet protocol (IP) addresses and Wi-Fi information).

2. Log data. Our web servers keep log files that record data each time a device accesses those servers and those log files contain data about the nature of each access, including originating IP addresses. We may also access metadata and other information associated with files that you upload into our Services, such as images.

3. Information relating to your use of the Services. We collect usage data about whenever you interact with our Services,  which may include the dates and times you access the Services, page views, which activities and features are used of our Services, crash logs, storage configuration settings, and technical data relating to the device(s) you are using to access and use the Services and the performance of the Services in doing so.

iii. Information We Obtain From Third Party Sources. We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records and provide Services that may be of interest to you. This Personal Information may include (for example), information such as your name, employer, job title, email address, phone numbers, and other company, contact, and/or employment information.

b. Why We Process Your Information.

We process your Personal Information for our legitimate interests, which include:

i. To Provide the Services. We process your Personal Information to provide the Services as follows: i) to identify who you are, including both for identification and authentication purposes; ii) to enable you to login and access your account; iii) to respond to your inquiries; iv) to provide you with customer support; v) to send you information as part of the Services; and vi) to provide you with information about your account, including renewals and changes in Services or your account status.

ii. To Market To You. To contact you  with marketing and promotional information (in accordance with your marketing preferences) about products and services that we or our Affiliates offer, to provide advertising to you on third party sites (based on your browsing activities on the Website), and to send you information regarding us, our Affiliates, and/or our partners (see the section headed "Your Data Protection Rights" for information about how you can opt-out of receiving marketing communications from us at any time). Marketing data purchased from third parties may be combined with information we already have about you and may be used to create more tailored advertising and products.

iii. To Customize Services to You. To help us deliver a better and more personalized experience (for example, it enables us to tailor our Services according to your interests); and to build a profile about you so as to help direct you to other relevant features and Services we offer and help you in using our Services, by making recommendations for you to optimize use of our Services.

iv. To Improve Our Services. To create new Services, features, content or make recommendations; improve our Services for you and all Users; and to fix bugs and troubleshoot product functionality.

v. For Business Analytics. To infer your geographic location based on your IP address; to track behavior at the aggregate/anonymous level to identify and understand trends in the various interactions with our Services; and to conduct internal business analysis based on meta-data about usage, feature adoption and forecasting.

vi. To Prevent Abuse/Illegal Activities. To screen for and prevent undesirable or abusive activity. For example, we have automated systems that screen content for phishing activities, spam, and fraud.

vii. For Legal Records. To identify who you are, including both identification and authentication purposes; to carry out our obligations and enforce our rights arising from any contracts entered into between you and us (including for billing and collection); and to respond to legal requests or prevent fraud. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

c. How We Share Your Information.

In the following limited situations, we may disclose information that we collect or that you provide to us:

i. to our contractors, service providers and other third parties who provide data processing services to us and with whom the sharing of your Personal Information is necessary to undertake the work e.g. to process billing, to analyze data, host data, to provide customer support and to deliver online and offline marketing communications about us and/or our Affiliates that we think will interest you.

ii. as required by law, such as to comply with any court order, subpoena or other law or legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a governmental or regulatory request.

iii. to enforce our rights arising from any contracts entered into between you and us and for billing and collection.

iv. to Affiliates of our corporate group for customer support, marketing, technical operations, and account management purposes.

v. to a buyer or other successor in the event of a merger, sale or transfer of some or all of Campaign Monitor's assets.

d. Cookies And Tracking Technologies.

We (and our partners and vendors) use various tracking technologies (such as cookies and similar technologies like pixels and web beacons) to collect and store information when you use the Services.  For example, cookies allow us to collect information such as your IP address, browser, email client type and other similar details. We use this information to measure the performance of our application and to provide analytics information and enhance the effectiveness of our Services. We use page tags (also known as web beacons) in the emails we send to our Users. This means when you receive and engage with marketing messages we send to you, web beacons track certain behavior such as whether the email sent to you was delivered and opened. Links within these emails are tracked to show individual recipient’s clicks. For more information, read about our cookies and other tracking technologies in more detail in our Cookie Notice.

e. Children.

i. Our Services are not intended for and may not be used by minors. "Minors" are individuals under the age of 13 (of under a higher age if permitted by the laws of their residence).  We do not knowingly collect Personal Information from Minors or allow them to register. If it comes to our attention that we have collected personal data from a Minor, we may delete this information without notice. If you have reason to believe that this has occurred, please contact customer support.

ii. Customers and their Users are responsible for ensuring that their emails and data collection practices comply fully with applicable children's data privacy protection legislation, such as the United States' Children’s Online Privacy Protection Act (“COPPA”), including where relevant by obtaining parental consent prior to the collection of Personal Information. We rely upon our Customers to disclose whether or not their use is subject to COPPA.

f. Legal Basis For Processing Personal Information (EEA Residents Only).

i. If you are a User resident in the EEA, then our legal basis for collecting and using Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.  However, where we are processing your Personal Information for our own purposes we normally rely on our legitimate interest to collect Personal Information from you, except where such interests are overridden by your data protection interests or fundamental rights and freedoms. Where we rely on our legitimate interests to process your Personal Information, they include the interests described in the sections above headed "Why We Process Your Information".

ii. In some cases, we may rely on your consent or have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person. If we rely on consent to collect and/or process your Personal Information, we will obtain such consent in compliance with applicable laws.

iii. If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the “Contact Us” heading below.

g. Data Retention.

i. We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a Service you have requested or to comply with applicable legal, tax or accounting requirements).

ii. When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymise Personal Information. If this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

iii. We will retain information we process on behalf of our Customers as a data processor for as long as needed to provide Services to our Customers (unless deletion is requested at an earlier time by the Customer) and as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

3. CAMPAIGN MONITOR USERS’ SUBSCRIBERS (GENERALLY EMAIL RECIPIENTS)

This section applies to Personal Information we collect and process about our User's Subscribers as a data controller when providing the Services. In this Section "you" or "your" refers to a Subscriber.

IMPORTANT NOTE:  Our Services are intended for use by our Customers. Their Users control the content of any Personal Information uploaded to the Services, the content of emails sent, forms built, and information provided at the point of data collection. Therefore, most of the time we collect and process Personal Information about our Customers’ Subscribers (like you), as a processor on behalf of our Customers (the controller). Campaign Monitor is not responsible for the privacy or security practices of our Customers, which may differ from those described in this Notice. We require our Customers to comply with all applicable laws and regulations and to provide Subscribers with notice of the collection of data as outlined in this Notice. To understand how Customers and their Users will use your Personal Information, you will need to directly contact the User who sent you the email or whose online form you filled out.

a. Information We Process.

i. Information We Receive About Subscribers from Users.   A User may provide Personal Information about you to us through the Services in connection with their use of the Services– for example, when a User imports and/or collects email addresses and other Personal Information about their Subscribers.

ii. Information Collected Automatically. When you interact with the Services (for example receive or open an email sent through the Services), we automatically collect certain information about your device and interaction with any content provided to you through the Services. We may use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed in more detail below in more detail below and in here. The information we automatically collect through the Services may include:

1. Device Information. We collect information from your device and applications you use to view emails sent via our Services,  such as your IP address, device attributes (for example: hardware model, operating system, web browser version, as well as unique device identifiers and characteristics), connection information (for example, name of your mobile operator or Internet Service Provider, browser type, language and time zone, and mobile phone number); and device locations (for example, internet protocol (IP) addresses and Wi-Fi information).

2. Email Engagement Data. Emails sent by or on behalf of our Users through the Services include page tags (also known as web beacons) that allow the sender to collect information about who opened those emails. Additionally, your engagement with any links in emails sent using the Services (for example, when you click a link) is reported to the User. Our use of cookies and other tracking technologies is discussed in more detail in our Cookie Notice.

b. Why We Process Your Information.

We process your Personal Information for our legitimate interests, which include:

i. In Connection With Support Queries. To respond to an enquiry which you may submit to us. For example, our customer support team may use your email address to communicate with you if you have contacted us about an email you received, but we will not send marketing to you unless you have otherwise opted-in to marketing.

ii. To Improve Our Product & Ensure Functionality.

1. To ensure the full functionality of the Service. We collect information using cookies about your interaction with an email sent to you through the Services. These cookies are used to ensure that the full functionality of our Services is operational; to ensure that the Service experience works well across all possible devices; and to fix bugs and troubleshoot product functionality.

2. To track behaviour at the aggregate/anonymous level to identify and understand trends in the various interactions with our Services (for example, by inferring geographic location to produce aggregated data around Subscriber location trends as they relate to open rates). This data will be aggregated and anonymized so we can examine patterns in terms of Subscribers’ preferences as they relate to email engagement. We collect and use all this data for our (and our Customer’s) legitimate interests, like providing our Customers with metrics around probability of engagement related to email sending times, locations, content and also to help our Customers understand industry trends in marketing.

3. Our use of cookies and other tracking technologies is discussed more below, in more detail below and in our Cookie Notice.

iii. To Prevent Abuse/Illegal Activities. To screen for and prevent undesirable, abusive, and/or illegal activity. We use your IP address and a Campaign Monitor auto-generated Subscriber ID for abuse monitoring purposes (so we can identify a User who abused the Services by sending spam email or sent an email in any other manner contrary to our usage policies and/or to facilitate a User in complying with their own legal obligations). We also have automated systems that screen content for phishing activities, spam, and fraud.

iv. For Legal Records. To enforce our agreements where applicable (for example we keep a record of the number of emails sent to individual Subscribers for to bill for Services used by our Customers). To respond to legal requests or prevent fraud, we may need to disclose any information or data we hold about you. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

c. How We Share Your Information.

In the following limited situations, we may disclose Subscriber information to someone other than the Customer or their User:

i. to our contractors, service providers and other third parties who provide data processing services to us and with whom the sharing of your Personal Information is necessary to undertake the work e.g. to process billing,  to analyze data, host data, deliver content and to provide customer support and other business related functions.

ii. to comply with any court order, law or legal process, including responding to a governmental or regulatory request.

iii. to Affiliates of our corporate group for customer support, technical operations, and account management purposes.

iv. to a buyer or other successor in the event of a merger, sale or transfer of some or all of Campaign Monitor's assets.

d. Cookies And Tracking Technologies.

We (and our partners and vendors) use various technologies to collect and store information when you interact with a User's email campaign or other content delivered through the Services, and this may include using cookies and similar tracking technologies, such as pixels and web beacons.  For example, we use page tags (also known as web beacons) in the emails we send on behalf of our Users. When you receive and engage with a User's campaign, web beacons track certain behavior such as whether the email sent through the Services was delivered and opened. They also allow us to collect information such as your IP address, browser, email client type and other similar details. Links within these emails are tracked to show individual recipient’s clicks.  We use this information to measure the performance of our User's email campaigns, to improve email deliverability and open rates and to provide analytics information and enhance the effectiveness of our Services as described in more detail above. For more information, read about our cookies and other tracking technologies in more detail in our Cookie Notice.

e. Legal Basis For Processing Personal Information (EEA Residents Only).

i. If you are a Subscriber who is a resident in the EEA, then our legal basis for collecting and using Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it. However, where we are processing your Personal Information for our own purposes we normally rely on our legitimate interest to collect Personal Information from you, except where such interests are overridden by your data protection interests or fundamental rights and freedoms. Where we rely on our (or our Customer’s) legitimate interests to process your Personal Information, they include the interests described in the sections above headed "Why We Process Your Information".

ii. In some cases, we may have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person.

iii. If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the “Contact Us” heading below.

f. Data Retention.

i. We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to prevent abuse or illegal activities, retain our legal records, or to comply with other applicable legal, tax or accounting requirements).

ii. When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymise Personal Information. If this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

iii. We will retain information we process (as a data processor) on behalf of our Customers for as long as needed to provide Services to our Customers (unless deletion is requested at an earlier time by the Customer) and as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

iv. To have any Personal Information that is retained by us on behalf of the Customer deleted, please contact the Customer (the controller of that data).

4. CAMPAIGN MONITOR WEBSITE VISITORS

This Section applies to Personal Information that we collect and process through our Websites (for example when you visit our website and sign up for our marketing lists or apply for a job at Campaign Monitor) and in the usual course of our business, such as in connection with our events, sales and marketing activities.

a. Information We Process.

i. Information You Provide To Us. Certain parts of our Websites  may ask you to voluntarily provide Personal Information (such as your name, contact details and company name). For example, when registering for an account, expressing an interest in obtaining additional information about Campaign Monitor or our Services, subscribing to marketing, applying for a job, or otherwise contacting us. We may also collect Personal Information, such as your contact and professional background details and feedback, when you attend our events, take part in surveys, or through other business or marketing interactions we may have with you. You may choose to provide additional information when you communicate with us or otherwise interact with us, and we will keep copies of any such communications for our records.

ii. Information Collected Automatically. When you visit our Websites, like most website owners, we may also collect certain information automatically from your device, such as your device type, browser type, broad geographic location (e.g. country or city-level location), the referring website, what pages your device visited, and the time that your device visited our Website. In some countries, including countries in the European Economic Area, this information may be considered Personal Information under applicable data protection laws.  We (including our service providers) may use cookies, pixel tags and other similar tracking technologies to collect this information. Our use of cookies and other tracking technologies is discussed more below, in more detail below and in our Cookie Notice.

iii. Information We Obtain From Third Party Sources.  We may receive Personal Information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide Services that may be of interest to you. This Personal Information may include (for example), information such as your name, employer, job title, email address, phone numbers, and other company, contact, and/or employment information.

b. Why We Process Your Information.

i. To Provide You With Information You Have Requested. To respond to your requests or provide you with information requested by you, including where you apply for a job at Campaign Monitor or request information about our products or Services.

ii. To Market To You. To contact you  with marketing and promotional information (in accordance with your marketing preferences) about products and services that we or our Affiliates offer, to provide advertising to you on third party sites (based on your browsing activities on the Website), and to send you information regarding us, our Affiliates, and/or our partners (see the section headed "Your Data Protection Rights" for information about how you can opt-out of receiving marketing communications from us at any time). Marketing data purchased from third parties may be combined with information we already have about you and may be used to create more tailored advertising and products.

iii. For Business Analytics. To infer your geographic location based on your IP address; to track behavior at the aggregate/anonymous level to identify and understand trends in usage and the various interactions with our Websites and marketing content; determining the effectiveness of our marketing; and to conduct internal business analysis based on meta-data about usage, feature adoption and forecasting to improve our Websites and Services.

iv. For Website Optimization. To administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes; to improve user experience while interacting with the website; to understand how our Website is used and to improve our Website to ensure that content is presented in the most effective manner for you and your computer; and as a part of our efforts to keep our Website safe and secure.

v. For Legal Records. To comply with and enforce applicable legal requirements, agreements and policies.

c. How We Share Your Information.

In the following limited situations, we may disclose information that we collect or that you provide to us:

i. to our contractors, service providers and other third parties who provide data processing services to us and with whom the sharing of your Personal Information is necessary to undertake the work e.g. to process billing, analyze data, host data, provide customer support, and to deliver online and offline marketing communications about us and/or our Affiliates that we think will interest you.

ii. as required by law, such as to comply with any court order, subpoena or other law or legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a governmental or regulatory request.

iii. to enforce our rights arising from any contracts entered into between you and us and for billing and collection.

iv. to Affiliates of our corporate group for customer support, marketing, technical operations, and account management purposes.

v. to a buyer or other successor in the event of a merger, sale or transfer of some or all of Campaign Monitor's assets.

d. Cookies And Tracking Technologies.

We (and our partners and vendors) use cookies and similar tracking technology (collectively "Cookies") on our Websites to collect and use Personal Information about you: (i) to ensure we are complying with our legal obligations (for example, we use cookies to infer your location and if, for example, you are in the EEA, we can ensure that we are compliant with regulations in the EEA); (ii) to serve targeted advertising to you, (iii) to analyse trends, administer the Website, track users' movements around the Website, and (iv) to gather demographic information about our user base as a whole. In addition, certain third parties, such as analytics companies, may use automatic information collection technologies to collect information about you when you use our Website. The information they collect may be associated with your Personal Information or they may collect information about your online activities over time and across different websites, apps and other online services websites. For more information, read about our cookies and other tracking technologies in more detail in our Cookie Notice.

e. Legal Basis For Processing Personal Information (EEA Residents Only).

i. If you are a website visitor or other prospective customer who is a resident in the EEA, then our legal basis for collecting and using Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.  However, where we are processing your Personal Information for our own purposes we normally rely on our legitimate interests to collect Personal Information from you, except where such interests are overridden by your data protection interests or fundamental rights and freedoms. Where we rely on our legitimate interests to process your Personal Information, they include the interests described in the sections above headed "Why We Process Your Information".

ii. In some cases, we may rely on your consent or have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person. If we rely on consent to collect and/or process your Personal Information, we will obtain such consent in compliance with applicable laws.

iii. If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the “Contact Us” heading below.

f. Data Retention.

i. We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with information you have requested or to comply with applicable legal, tax or accounting requirements).

ii. When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

5. GENERAL INFORMATION

a. Your Data Protection Rights (EEA Residents Only).

If you are resident in the EEA, you have the following data protection rights:

i. You can access, review, change, update or delete your Personal Information at any time by submitting a request to support via this support form.

ii. To remove your Personal Information from a Website testimonial or request removal of your Personal Information from our blog or community forum, please submit a request to support via this support form. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

iii. In addition, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. To exercise these rights, please submit a request to support via this support form.

iv. You can opt out of receiving marketing communication we send you at any time. You can exercise this right by clicking on the “unsubscribe” link in the emails we send you or by visiting our preference center, //www.campaignmonitor.com/preference-center. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us at [email protected]. For data privacy concerns, use the contact details provided under the “Contact Us” heading below.

v. If we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.

vi. You have the right to complain to a data protection authority about our collection and use of your Personal Information.  For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area ("EEA"), are available here.

Please note that because most of the information we store can only identify a particular browser or device, and cannot identify you individually, you will need to provide us with some additional information to enable us to identify the Personal Information we hold about you and ensure that accurately fulfil your request. You may also be required to provide ID.

Further Information for Subscribers:  As described in this Notice, for much of the Personal Information we collect and process about you through the Services, we act as a processor on behalf of our Customers. In such cases, if you want to exercise any data protection rights that may be available to you under applicable law or have questions or concerns about how your Personal Information is handled by Campaign Monitor as a processor on behalf of our Customers, you should contact the relevant Customer that has contracted with Campaign Monitor for use of the Services, and refer to their separate privacy policies. If you are having difficulties finding this Customer, you can contact us through our support team and we will try our best to help you.

b. Third-Party Websites And Apps.

This Notice only applies to the Campaign Monitor Website and Services. We are not responsible for the privacy practices or disclosures of third parties that use or access the Campaign Monitor Website or Services. In addition, the Website or Service may contain links to third-party websites and apps. Any access to and use of such linked websites or apps is not governed by this Notice, but instead is governed by the privacy policies of those third parties. We are not responsible for the information practices of such third parties.

c. How Do We Keep Your Personal Information Secure?

i. We use appropriate technical and organizational security measures to protect any Personal Information we process against unauthorized access, disclosure, alteration, and destruction. More details of our security measures are available for review here.

ii. Unfortunately, nobody is truly and completely safe from hackers. Although we do our best to protect your Personal Information, we cannot guarantee security, no Internet transmission can ever be guaranteed 100% secure, and so we encourage you to take care when disclosing Personal Information online and to use readily available tools, such as Internet firewalls, secure e-mail and similar technologies to protect yourself online.

d. International Data Transfers.

i. The Website and the Services are provided, supported, and hosted in the United States. If you are using the Website or Services from outside the United States, be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your Personal Information, in the United States and other countries. These countries may have data protection laws that are different to the laws of your country.

ii. However, we have taken appropriate measures to require that your Personal Information will remain protected in accordance with this Notice and have implemented appropriate safeguards to require that your Personal Information will remain protected in accordance with this Privacy Notice. These include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information between our group companies, which require all group companies to protect personal information they process from the EEA in accordance with European Union data protection law. We have implemented similar safeguards with our third party service providers and partners. Further details can be provided upon request.

e. Changes To This Privacy Notice.

We may revise this Notice from time to time in response to changing legal, technical or business developments. The most current version of this Notice will govern our use of your Personal Information. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws. You can see when this Notice was last updated by checking the “last updated” date displayed at the top of this Notice.

f. Contact Us.

Thanks for taking the time to learn about our privacy notice. We hope it was clear and reassuring.

To execute a Data Protection Agreement (often referred to as a "Data Processing Agreement or "DPA"), please submit a request to support via this support form.

For general data privacy questions related to the Campaign Monitor Services, please email [email protected].

To communicate with our Data Protection Officer, please email [email protected].

If you have any questions, please contact us:

Campaign Monitor Address:

123 Mission Street, 26th Floor

San Francisco, CA 94105

Email: [email protected]

Important Note: If you are resident in the EEA, the "data controller" of the Personal Information described in this Privacy Notice is Campaign Monitor.