SocketLabs Email Service Privacy Policy

SOCKETLABS EMAIL SERVICE PRIVACY POLICY

EFFECTIVE: April 4, 2018

INTRODUCTION AND SCOPE

Your online privacy and trust are very important to us, so we are providing this SocketLabs On-Demand Email Service Privacy Policy (this “Policy”) to inform you of our practices regarding the way we collect, use, or otherwise process your personal data through our hosted SocketLabs On-Demand email service (“Email Service”).

This Policy specifically and exclusively applies to the following information which SocketLabs Acquisition, LLC (“SocketLabs”, “we”, “us”, and “our”) receives from and processes on behalf of our customers: a) the personal data of senders and recipients or personal data otherwise provided within email messages processed by the Email Service and b) the personal data included in email recipient lists managed by the Email Service. This Policy does not apply to personal data which we may collect or obtain otherwise such as through our websites, control panel (with the exception of email recipient list information) or otherwise, as described in the SocketLabs General Privacy Policy.

We are providing this Policy to help you make an informed decision about whether to use or continue using the Email Service. By using the Email Service, you consent to the personal data processing practices described in this Policy.

CONTROLLERSHIP

In the context of this Policy, SocketLabs acts as a data processor for the personal data we process.

CATEGORIES OF PERSONAL DATA

SocketLabs allows its customers full control over the categories of information included in the emails they send and the data they provide to us. Therefore, we cannot reasonably foresee and list all the types of data we may be asked to process, and we are unaware of the exact categories of personal data being processed. SocketLabs requires, at a minimum, a sender email address and a recipient email address. SocketLabs does not solicit sensitive personal data such as information about a person’s health, religious beliefs, ethnic origin, identification numbers, or other sensitive data and you should not provide such sensitive data to SocketLabs or include it in email messages being processed by the Email Service.

HOW WE RECEIVE PERSONAL DATA

• We may collect information automatically or otherwise about your use of the Email Service and your interactions with the Email Service such as by way of example, web signup forms or email messages processed through the Email Service. Such information may include without limitation, IP addresses, device information, geographic location, information about which email messages you opened, and which links you clicked in email messages processed by the Email Service. We use various commonly used technologies for this purpose such as cookies and web beacons (clear gifs). Please note that if you do not use cookies, you may not be able to use the Email Service or interact with emails sent through the Email Service.

• We receive your personal data when a SocketLabs customer provides us with your personal data such as without limitation, including your personal data in an email being processed by the Email Service or entering your personal data into the Email Service in order to send you an email, e.g., through an API or through the Email Service control panel.

BASIS OF PROCESSING

Within the scope of this Policy, SocketLabs acts as a data processor and processes Personal Data based on the documented instructions of the relevant data controllers.

PURPOSES OF PROCESSING

We process personal data for the purposes of providing the Email Service as a data processor on behalf of our customers and according to our Terms of Service which also includes:

• Optimizing and monitoring the Email Service
• Monitoring, analyzing and improving the operation and security of the Email Service
• Monitoring, investigating and preventing unauthorized access or unacceptable use of the Email Service such as violations of our terms and policies or unlawful behavior
• Compiling aggregated statistics about the use of the Email Service
• Responding to your inquiries, and/or other requests or questions

DATA RETENTION PERIODS

We will retain your personal data as necessary to provide the Email Service and satisfy our obligations under our Terms of Service, unless a longer retention period is required by law, for legal, tax or regulatory reasons, or other lawful purposes.

SHARING PERSONAL DATA WITH THIRD PARTIES

We may use third parties to perform certain services on our behalf. We may share your personal data with these third parties solely to enable them to perform the services for us.

Such third parties may include without limitation those providing services such as cloud computing, internet, hosting, database, security, email, storage and anti-spam.

We require that those third-party vendors maintain at least the same level of confidentiality and data protection that we maintain for your personal data. We do not provide your personal data to parties unconnected with our Email Service.

OTHER DISCLOSURE OF YOUR PERSONAL DATA

We may disclose your personal data:

• to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders;
• if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change;
• to protect or defend our property, interests or rights or that of third parties;
• to research and investigate any suspected wrongdoing in connection with our Terms of Service or other policies;
• to our subsidiaries or affiliates only if necessary for business and operational purposes

If we must disclose your personal data in order to comply with law, official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your personal data will maintain the privacy or security of your personal data.

Notwithstanding anything to the contrary in this Policy, we may compile, use, distribute, disclose, publish, license, and sell information collected through your use of the Email Service, so long as all personally identifiable information is removed. By way of example without limitation, we may publish a report on the adoption of the Email Service in different geographic regions, or a report that shows which browser versions are most popular among our users. This anonymous data will be owned exclusively by SocketLabs.

COMMITMENT TO SECURITY OF DATA

SocketLabs uses commercially reasonable technical and organizational security measures to preserve the confidentiality, integrity, and security of your personal data. We cannot, however, ensure or warrant the security of any information you transmit to SocketLabs and you do so at your own risk. Once we receive your transmission of personal data, SocketLabs makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such personal data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, managerial or other safeguards.

ACCESS & REVIEW

If you are a data subject about whom we store personal data, you may have the right to request access to, and the opportunity to update, correct, or delete such personal data. To submit such requests, please contact the party that has provided your personal data to us. If you have provided your personal data to us directly or if you want to raise any other questions related to the way we process your personal data, please contact us using the information in the Contact Information section of this Policy.

A NOTE ABOUT MINORS

Our Services are not directed at, or intended for use by, children under the age of 13. We do not knowingly process the personal data of anyone under 18. Children should always get permission from a parent or guardian before sending personal data over the Internet. If you believe your child may have provided us with their personal data, you can contact us using the information in the Contact Information section of this Policy and we will delete that personal data.

THIRD PARTY SITES & SERVICES

Some third-party sites or services may be accessible from the Email Service, including but not limited to third-party sites and services accessible via links in an email message we send. We encourage you to review the privacy statements of these third-party sites and services so that you can understand how those sites and services collect, use, and share your personal data. SocketLabs is not responsible for the policies or practices of third parties or third-party sites and services.

INTERNATIONAL TRANSFERS

We may store and process your personal data in any country or area where we have facilities or where we engage third party service providers. Your personal data may be transferred to countries other than the country where you reside, including but not limited to the United States. Such countries may have different data protection laws and our use and storage of your personal data will be in accordance with this Policy. When we receive personal data from the EEA or Switzerland, we will comply with the Privacy Shield framework as outlined in this Policy.

MODIFICATIONS AND UPDATES TO THIS POLICY

SocketLabs may modify this Policy at any time by posting a revised version and updating the “Effective” date above. The revised Policy will become effective immediately upon posting to this page, or to a page linked to from the SocketLabs website. It is your responsibility to revisit this page or periodically review the Policy to stay aware of any changes. Your continued use of the Email Service after the Policy has been revised constitutes your agreement to the revisions.

EU-U.S. AND SWISS-U.S. PRIVACY SHIELD FRAMEWORKS

With respect to transfers of personal data within the scope of this policy from the European Economic Area (“EEA”) and Switzerland to the United States, SocketLabs complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (the “Privacy Shield”), as adopted and set forth by the U.S. Department of Commerce regarding the processing of personal data. SocketLabs commits to adhere to and has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

SocketLabs remains liable for the protection of personal data that we transfer to our third-party service providers within the scope of the Privacy Shield, only to the extent that we are responsible for the event giving rise to the damage.

For the purposes of enforcing compliance with the Privacy Shield, SocketLabs is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

To learn more about the Privacy Shield, and to view SocketLabs’ certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.

DISPUTE RESOLUTION

Where a privacy complaint or dispute cannot be resolved through SocketLabs’ internal processes, SocketLabs has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

BINDING ARBITRATION

If your dispute or complaint can’t be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.

CONTACT INFORMATION

Please contact SocketLabs with any questions or comments about this Policy.

SocketLabs Acquisition, LLC
Privacy Officer
700 Turner Industrial Way, Suite 100
Aston, PA 19014 USA
[email protected]

Please allow up to 30 days for us to reply.


Privacy Seal

Customers Who Trust in SocketLabs

You’re in good company when working with SocketLabs. Here are some companies who have also trusted SocketLabs.

Why SocketLabs?

What Our Customers Are Saying!