I use Mailerlite for my newsletter: Here is their privacy policy information:
At MailerLite, protecting your privacy and the privacy of anyone receiving your email is very important to us. The purpose of this Privacy Policy is to make MailerLite safe and appropriate for everyone. Our Privacy Policy applies to your use of MailerLite’s Services and describes the kind of information we process, how it is processed and why.
As used in these Terms, “MailerLite” means:
(a) MailerLite Limited, an Irish registered company at 38 Mount Street Upper, Dublin 2, D02 PR89 Ireland, if the Customer’s billing address on the applicable Order Form is located in the EEA, UK or Switzerland; or
(b) MailerLite, Inc., a Delaware corporation at 548 Market St, PMB 98174, San Francisco, CA 94104-5401, United States, if the Customer’s billing address on the applicable Order Form is located anywhere else in the world.
MailerLite provides email marketing and automation software as a service. We process Personal Data as a Processor on behalf of the Customer.
1. Definitions
1.1. “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.
1.2. “Customer” means a person or entity that is registered with MailerLite to use the Services.
1.3. “Data Protection Laws” means all data protection and privacy laws and regulations of the EU, EEA, and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data.
1.4. “GDPR” means (a) the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), and (b) the United Kingdom General Data Protection Regulation.
1.5. “Personal Data” means any information relating to an identified or identifiable natural person.
1.6. “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. “Process”, “Processes” and “Processed” shall be interpreted accordingly.
1.7. “Processor” means a natural or legal person, public authority, agency, or any other body which Processes Personal Data on behalf of the Controller.
1.8. “Services” means any product or service provided by MailerLite pursuant to MailerLite’s Terms of Use (“TOU”).
1.9. “Subscriber” means a person Customer contacts through our Services.
1.10. “We”, “us”, and “our” refer to the MailerLite.
1.11. “You,” “your,” and “yours” refer to the user.
2. Data Processing
2.1. Consent: by accessing our Services, you accept our Privacy Policy and TOU, and you consent to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy. Each time you visit our website or use the mobile app or the Service, and any time you voluntarily provide us with information, you agree that you are consenting to our collection, use, and disclosure of the information that you provide, and you are consenting to receive emails or otherwise be contacted, as described in this Privacy Policy. Whether or not you register or create an account with us, this Privacy Policy applies to all users of the website, mobile app, and Services.
2.2. Performance of a contract: by utilizing our Services or accessing our platform, you expressly acknowledge our Processing of your Personal Data in compliance with applicable Data Protection Laws. The Processing of your Personal Data is grounded on the legal basis of contract performance between you and MailerLite. We collect and process your Personal Data to deliver the requested Services, meet our contractual obligations, and ensure the seamless functioning of our platform. Specifically, this includes providing you with access to the website, mobile app, and Services.
3. What information we Process
MailerLite collects both “Personal Data” and “Non-Personal Data” about you and will Process this data for the duration of the Services, as described in the TOU:
3.1. Personal Data:
- Customers’ information: identification and contact data (name, contact details, username); billing information (billing address, payment information); organization information (name, address, geographic location, area of responsibility, VAT code), IP addresses, browsing activity, web server logs.
- Subscribers’ information: email address and any other additional information that Customer provides to MailerLite.
3.1.1. At any time, you may log in and change this information, or remove it. You may decline to provide Personal Data to the Services, however, some of the Personal Data we ask you to provide, for example, the email address is mandatory for a Service. If you decline to provide it, we may not be able to provide that service to you.
3.1.2. Please note, MailerLite does not process or store your credit card information. Once you make a payment, your credit card information is transferred to our third-party payment processor Braintree. Please find their Privacy statement here.
3.1.3. If, being a Shopify user, you install MailerLite Shopify app through Shopify App Store, Shopify will bill you for our Services. More information about Personal Data collected by Shopify can be found in Shopify’s Privacy Policy here.
3.1.4. Please be informed that for communication via email and live chat, MailerLite uses third-party customer support platforms. When communication goes through our Contact Us form or email, your information is transferred to HelpScout. When communication is through live chat, your information is transferred to Intercom. If you reach out to us when using the new version of MailerLite, regardless of the method, your information will be transferred to HelpScout. You may find HelpScout’s privacy policy here and Intercom’s here.
3.1.5. MailerLite utilizes OpenAI’s GPT technology, providing features such as an AI-powered writing assistant and AI-powered subject line generator. By using these features, you agree that your input, which may contain personal information, is sent to OpenAI’s API for processing in accordance with OpenAI’s Terms of Service, Privacy Policy and API Data Usage Policy. MailerLite is not responsible for the data handling practices or policies of OpenAI or any third-party services used by OpenAI.
3.2. Non-Personal Data:
- The browser and device information: location, device type, model, number, type of browser or operating system, the time and date of access, screen resolution, plug-ins, add-ons and the version of the Services you are using, and other information that does not personally identify you.
- Information from your use of the Services and information from other sources: we may receive information about how and when you use the Services, or other types of files associated with your account, and link it to other information we collect about you. Also, we may obtain information about you or your Subscribers from third-party sources, such as public databases, social media platforms, third-party data providers, and our joint marketing partners. This information may include, for example, time, date, browser used, demographic information, device information (such as device type, model, number, type of browser or operating system), location, and online behavioral data (such as information about your use of social media websites, page view information and search results and links), actions you have taken, anonymous usage data, referring/exit pages and URLs, preferences you submit and preferences that are generated based on the data you submit and the number of clicks.
4. Purposes of Processing
4.1. MailerLite uses collected information for the operation of the Services, to maintain the quality of the Service, to provide general statistics regarding use of the Service, to promote and analyze the Services, to provide customer support and send information about the Services, to protect the rights and safety of Customers, Subscribers, third-parties and our own, to send customized informational or promotional content and provide suggestions according to marketing preferences, to ensure observance of our TOU and meet the legal requirements, to verify identity and provided information, manage payments, to understand demographics, Customer interests and needs, and other trends among users, and for other business purposes.
4.2. We may combine Personal Data with other information we Process to customize informational content and enhance our ability to provide Services according to marketing preferences, restrictions or for advertising, targeting purposes, personalization of ads, or to develop and provide you with more relevant products and features in accordance with this Privacy Policy.
5. How we collect your information
5.1. Data provided by our Customers: Customers may import into the Services Personal Data they have collected from their Subscribers or other individuals. We have no direct relationship with Customers’ Subscribers or any individuals other than our Customers. Our Processing of Personal Data is based on the data subject freely given consent and Customers are responsible for making sure they have the necessary permissions for us to Process Personal Data about Subscribers or other individuals.
5.2. Tracking technologies: in connection with the performance of the Services, MailerLite uses:
- Cookies: cookies are tiny files of data that a website transfers to your computer’s hard disk for record-keeping purposes. Most web browsers are set to accept cookies, but you can change this in your browser settings. However, if you do not accept cookies, you may not be able to use all of MailerLite’s functionality. We use cookies to improve your Mailerlite experience and by collecting this data, we can store information so that you don’t have to re-enter it every time you visit MailerLite. We also use it to monitor visitor metrics to MailerLite such as page views, time on site, number of visitors, etc.
- Web beacons: we include single-pixel gifs (web beacons) in emails we send, which allow us to collect information about when you open the email and your IP address, your browser or email client type, and other similar details. We use the data from those web beacons to create reports about how your email campaign performed and what actions your Subscribers took, to capture the time spent on the Services, pages visited and email campaign performance.
- Unique identifiers and similar tracking technologies: we may use other tracking technologies to administer the Services, track your movements around the Services, analyze trends, track behavior, serve targeted advertisements and gather demographic information, to measure the performance of our email campaigns and to improve our features for specific segments of Customers.
5.3. Log Data monitoring: we may collect log data whenever you access our tool. This data could include things like an IP address, browser type, and version, the pages you visit on MailerLite, and other user statistics. When you access MailerLite with a mobile device, log data may include the type of device, your mobile unique ID, the IP address of your device, mobile operating system, and other mobile statistics.
5.4. Third-party services: we may use third-party services, such as Google Analytics and Facebook, that collect and analyze log data to help us improve MailerLite, and occasionally to use for targeted online advertising. Our third-party partners may use cookies or other tracking technologies to provide you advertising on other sites based on your browsing activities and interests. You can find more information about these practices, including how to opt out of receiving targeted advertising here: http://www.aboutads.info/choices/.
5.5. Based on the requirements of the California Online Privacy Protection Act, MailerLite declares that it does not correspond to Do Not Track browser signals.
6. Transferring to third-party companies
6.1. We will never sell, rent, or lease your Personal Data to a third party, but we may share collected information for the purposes described in this Privacy Policy with third parties, including group companies, that help MailerLite provide, improve, promote or support Services, that help with our business operations and assist in the delivery of our Services, or who perform services for us, in order to prevent damage to our property or for safety reasons, for example, payment processors, hosting services, analytics, content delivery services, advertising partners, etc., in a manner that is consistent with this Privacy Policy. We may also share information with third parties if required to do so by law or if you violate our TOU.
6.2. We may disclose Non-Personal Data for any purpose because this information cannot be used to identify you or another person.
7. Email communications & opting out
7.1. From time to time you may receive emails related to your use of MailerLite. Based on the Personal Data that you provide us, we may communicate with you in response to your inquiries to provide the Services you request and to manage your account. If we have your consent, we may also use your Personal Data to send you updates and other promotional communications. Every email will contain a link to be able to opt-out of receiving it. We may still send important messages regarding administrative matters, updates, disputes, and customer service issues that are required to provide the Services.
7.2. If a Subscriber no longer wants to be contacted by one of our Customers, he can unsubscribe directly from that Customers’ newsletter or contact the Customer directly to update or delete the data. If a Subscriber contacts us, we will refer him to that Customer. We will retain personal information we Process on behalf of our Customers only for as long as needed to provide our Services or to comply with our obligations.
8. Safety of your information
8.1. MailerLite takes reasonable precautions, technical and organizational security measures to ensure a level of security appropriate to the risk, follows industry best practices in order to protect your Personal Data from any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data and to preserve the security and confidentiality of the data. However, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such precautions. By using our Service, you acknowledge that you understand and agree to assume these risks.
8.2. The customer is responsible for reviewing the information made available by MailerLite relating to its data security and making an independent determination as to whether the Services meet Customer’s requirements and legal obligations under Data Protection Laws. Also, Customer is responsible for its secure use of the Services, including securing its account authentication credentials, protecting the security of Personal Data when in transit to and from the Services and taking any appropriate steps to securely encrypt or backup any Personal Data uploaded to the Services.
9. Protecting Subscriber’s lists and data
9.1. We reserve the right to monitor your lists, content and response data from time to time to make sure they comply with our TOU, we will never share, sell or rent your customer data to anyone for any reason.
9.2. Our data storage center is in the European Union and has information storage security certificate (ISO 27001) so you can rest assured that your Subscribers data is safe with us.
10. Data retention
10.1. Unless you specifically request that we delete your Personal Data, we will keep it for as long as we need to meet our Terms, give you Services, and maintain the effective operation of our business.
10.2. If you ask us to delete your Personal Data, we may still be obliged to retain it for the following purposes: (i) to follow the law or rules (like maintaining transaction records), (ii) to deal with legal issues or defend ourselves in legal claims, and (iii) to protect against fraud or abuse on our Service. This implies that different types of Personal Data may be kept for different amounts of time.
10.3. Sometimes, we might not be able to delete, make anonymous, or hide your Personal Data right away because of technical, legal, or operational reasons. In these situations, we will take reasonable measures to securely isolate your Personal Data from any further Processing until we can properly delete, make anonymous, or de-identify it.
10.4. If your account is inactive for 2 years or more, MailerLite reserves the right to permanently delete your account with all its data, including your list of subscribers and your content. If MailerLite decides to delete your account, you will be informed via email. You will then be given 30 days to export the data or reactivate your account before the account is permanently deleted.
11. Links to other websites
As part of the Service, we may provide links to or compatibility with other websites or applications. However, we are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by us through the Service. Therefore, this Privacy Policy does not apply to your use of a third-party website accessed by selecting a link via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application. We encourage our users to read the privacy statements of other websites before proceeding to use them.
12. Data Processing Addendum
We created our Data Processing Addendum to cover the GDPR requirements as they relate to email marketing and we encourage all our Customers to review it here.
13. Age of consent
By using the Service, you represent that you are at least 16 years of age.
14. California Consumer Privacy Act
14.1. According to The California Consumer Privacy Act (“CCPA”) residents of California, United States have specific rights regarding their Personal Data. California consumers have the right to 1) request that businesses disclose information about their collection and use of Personal Data over the past year; 2) ask such businesses to delete Personal Data; 3) opt-out of the sale of their Personal Data.
14.2. MailerLite in terms of CCPA acts as a service provider and we process Personal Data on our Clients behalf. Please direct any requests for access or deletion of your Personal Data to our Clients with whom you have a direct relationship.
15. Merger or acquisition
In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Data may be among the assets transferred. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to Process your Personal Data as set forth in this Privacy Policy.
16. MailerLite as a Controller
MailerLite acts as a Controller of Personal Data of its employees, contractors, candidates, affiliates and other third parties that are not considered as a Customer. MailerLite undertakes to comply with legal requirements when processing Personal Data as a Controller and implements appropriate technical and organizational measures to ensure a level of security of Personal Data as required under GDPR and applicable Data Protection Laws.
17. Changes
MailerLite reserves the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy, we will post these changes on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it. All changes are effective immediately upon posting and we suggest that you check this Privacy Policy periodically if you are concerned about how your information is used.
18. Contacting MailerLite
If you:
- would like to request access to the information we hold about you, correct, modify, delete or update Personal Data that you have provided to us, or
- have any questions regarding this Privacy Policy or the practices of this site, wish to withdraw your consent for the continued collection, would like to object to your Personal Data being used, or have any additional questions: