- How we collect information (including Personal Information) and what types of information we collect
- How we use and safeguard Personal Information
- Your rights and choices regarding how Personal Information may be used and disclosed.
Before we discuss the types of information we collect, please note that use of our Site and Services is strictly limited to persons who have attained the age of majority in the jurisdiction in which they reside; you must be at least eighteen (18) years old to use our Site and Services in any jurisdiction. Mailshake does not knowingly collect or store any Personal Information or any information from any persons under the age of 13. If Mailshake discovers that Personal Information of persons under 13 years of age has been collected or stored, Mailshake will take the appropriate steps to delete this information from our systems.
I.Information We Collect
Information You Provide Voluntarily to Us
We collect Personal Information from you directly. For example, we may obtain Personal Information when you request information, products or services from or otherwise interact with the Site or Services, or fill out a Registration Form.
We may also collect Personal Information through your access to your accounts online, as well as your asking questions through our "Contact Us" link, such as your name, address, e-mail address and other contact information. We may also collect data resulting from your activity on the Site, such as transaction information.
Information We Collect Automatically
We collect navigational information about where visitors go on our Site and information about the technical efficiencies of our Site and Services. In the process of gathering navigational information, anonymous information may be collected which will provide information to us regarding use of our Site. Anonymous information is information that does not directly or indirectly identify, or cannot reasonably be used to identify, a particular individual. Examples of anonymous information may include information about your Internet browser, domain type, usage statistics, and service provider, collected through tracking technologies and aggregated or de-identified data.
We may also collect anonymized location information or your IP address for analytics purposes, and we may authorize third parties to do so. This information may be collected from your mobile device's location-aware features when you request certain services that are dependent on your physical location.
Cookies and Other Tracking Mechanisms
Depending on how you access and use our Site and Services, you may use a browser feature known as a "cookie." A cookie is a piece of data stored on the computer that runs an Internet browser and is commonly used to store information about a user's online activities, including information such as the content or advertisements that a user views or the pages a user visits within a particular website. A cookie can contain information about you, your computer, your browser, your session, the websites you visit and other information about you or others who use, or have used, the computer or browser you use to access the Internet. Cookies are used for record-keeping purposes: the stored information can be retrieved by our website server when you return to the website. This allows us to personalize or regulate the use of this Site, and it also permits us to automate the access and data entry functions of this Site (e.g., login information), and to tailor the appearance or presentation of this Site to your preferences or interests.
Most or all browsers permit you to disable or reject cookies. You can do this by adjusting your preferences in the browser.
Below is a non-exhaustive list of the cookies, explanations and cookie policies, if applicable, on the Site. While we will maintain the accuracy of this list in good faith, although it may not be complete or fully accurate.
|Mailshake (sessionID and prefs)||SessionID Keeps your session active and expires when you close your browser or log out of Mailshake. Prefs is a collection of simple preferences and expires when you close your browser or log out of Mailshake.|
|Stripe||Cookies may be used to assist in payment transactions.||https://stripe.com/cookies-policy/legal|
|Collects information about how visitors use our site. We embed YouTube videos to demonstrate features which may place cookies.|
|Advertising pixel for prospecting and retargeting.|
|TinyMCE||HTML editor we use that may place cookies to facilitate a proper user experience.|
|Zapier||Third party integration cookies; zapforeversession and zapsession helps Zapier improve user experience for end users.|
|Sumo||Social sharing and heatmaps on how visitors use our site.||https://help.sumo.com/hc/en-us/articles/115004671147-How-Sumo-Cookies-Work|
Do Not Track
Mailshake does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to "Do Not Track" signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of Personal Information about an individual consumer's online activities over time and across third-party Web sites or online services. Accordingly, your selection of the "Do Not Track" option provided by your browser may not have any effect on our analytics or tracking tools. Use the "Help" feature of your browser to obtain more information about refusing cookies. If you set the browser you use to reject cookies, you may not be able to access the Site or use the full functionality of the Site, or it may take additional time to utilize such functionality. If you opt to reject cookies, you may need to re-register with us every time you visit our Site. Your continued use of our Site reflects your consent to allow additional cookies to be placed on your computer to help you navigate the Site.
Pixel Tags, Web Beacons and Similar Technologies
As you use the Internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as "clickstream data," can be collected and stored by a website's server. Clickstream data can identify the type of computer and browsing software you use and the address of the website from which you linked to the Site. We may use clickstream data as a form of non-Personal Information to anonymously determine how much time visitors spend on each page of the Site, how visitors navigate throughout the Site and how we may tailor our web pages to better meet the needs of visitors.
Mailshake or our hosting provider may collect traffic information from visitors for statistical analysis and Site improvement. When you access the Site, we (or our hosting provider) may collect information about your visit in a log file on a server. Log file information may include, but is not limited to, internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. We (or our hosting provider) use this information to analyze trends, administer sites, track users' movements in the aggregate, and gather demographic information for aggregate use. We (or our hosting provider) may review this information to better understand overall trends and to determine what kinds of content are popular with and useful to users.
Information Other Websites Collect from You
II.How We Use Information
We may use your Personal Information to help us improve our product and service offerings, improve the Site's functionality process queries on the Site, to contact you when necessary in connection with products or services you accessed or inquired about via the Site (i.e. troubleshooting your account), to provide you with account login credentials, and to send you information, offers and other promotional materials from us and selected third parties. We may also use your information for analytics purposes to assist us in understanding how you use the Site or Services and to improve our Site or Services. Below is how we use specific categories of Personal Information.
We may use your e-mail address to provide customer service information or answer your questions and requests. We may also occasionally send you our e-mail updates, notifications or other information about our products and services or about the products and services of our affiliated companies. We include information in each commercial email that allows you to opt out of receiving future communications.
By engaging in any kind of activity on the Site that uses financial information, you consent to our using your financial information, including credit card information, or providing your financial information to our service providers and to such third parties as we determine is necessary, to process your transactions. These third parties may include banking institutions used to process these transactions. Any of these various third parties are authorized to use your financial information in accordance with our contractual arrangements with such third parties and in accordance with their own privacy policies, over which we have no control.
We may use demographic information to tailor the Site and communications to the interests of our users.
Third-Party Email Account Syncing
Mailshake allows you to connect our Services to your various third-party email accounts (such as Gmail) for the purpose of sending email and for us to check your inbox for replies and bounces. We require a small set of permissions on your third-party email account to be able to do this and will only use it for the purpose of providing you with our Services or for diagnosing issues related to your third-party email account. Mailshake will not use your email account information for any purpose other than providing the Services to you. Mailshake is not responsible for any issues related to your third-party email account.
Permissions we require for connected Google accounts:
"View your email messages and settings"
- Mailshake will access your basic profile information including photo, name, and email address so that we can properly label your account.
- Mailshake will periodically check your inbox for messages. Our app will check your inbox to find replies to emails sent by your Mailshake campaigns in order to present this information to you within the Mailshake application, turn recipients into leads as necessary, and stop follow-up messages from sending when a reply causes someone to become a lead. We also look for unsubscribe requests and bounces to emails sent by Mailshake to keep your contact lists up to date and help you with deliverability.
- In rare cases, our engineers may use an internal tool to attempt to locate emails related to your Mailshake campaigns to either resolve a support request you submitted, to solve a bug, or to investigate a potential security issue. This is always done in such a manner that the engineers view the least amount of information possible.
"Send email on your behalf"
- Mailshake needs this permission to be able to run your campaigns.
III.Disclosure of Information
Disclosure to Agents
We may provide information about you (including your Personal Information) that you have provided to us through the Site to third parties ("Agents") that provide services to help us with our business activities such as to host or maintain our Site; for data processing services; to provide website or data security; to provide operational, analytical or reporting services; or to provide technical support. In connection with providing those services to Mailshake, an Agent may have access to your Personal Information, but such Personal Information will be disclosed to Agents in a manner consistent with our Data Security processes, will not be used for any purpose other than as Mailshake authorizes, and it will not be disclosed by the Agents to any third party.
Disclosure to Legal Authorities
Mailshake may disclose your Personal Information when required by subpoena, court order or other legal process, or if it has a good-faith belief that disclosure is necessary to (a) comply with any applicable federal, state or local law or regulation, (b) assist government enforcement agencies, (c) investigate, prevent or take action in connection with suspected or actual illegal activities, (d) investigate suspected or actual violations of Mailshake's rights, (e) protect the rights, property or safety of Mailshake and its customers or employees, or others, (f) investigate and defend against any third-party claims brought against Mailshake or (g) protect the security and integrity of our Site.
Disclosure for Corporate Transactions
Disclosure of Anonymized Information
Mailshake reserves the right to use and disclose anonymized information, aggregated information or publicly available information that has not been combined with nonpublic Personal Information for any purposes including without limitation Mailshake's internal use and research.
However, Mailshake will not disclose information, even in anonymized, aggregate, or derivative forms, that is made available by our connection to email providers such as Gmail, including API calls relating to checking, reading, or sending email, in accordance with the Additional Requirements for Restricted Scopes as specified by Google. When connecting to email providers such as Gmail, Mailshake will only make use of the information necessary to render our service so that we can display our user interface and perform requested actions on your account.
You may additionally opt out of receiving email communications by using the opt-out instructions included in an email you may receive from us.
Please note that changing or deleting your information through the Site, or otherwise opting out of receipt of email communications from us and third parties, will only change or delete the data in our database for purposes of transacting future business on or relating to the Site and for managing future communications from us and third parties. These changes and deletions will not change or delete information collected or submitted pursuant to any customer agreement, or information already collected as part of a product or service purchase in our transactions database which may be shared with our third-party service providers regardless of your email preferences.
Disclosure To Authorized Third Parties
IV.Your Rights and Choices
E-mail. As described above, if you do not wish to receive promotional emails from us, you may opt out at any time by following the opt-out link contained in the email itself. Please note that it may take up to ten (10) days to process your request. Please also note that if you opt out of receiving marketing communications from us, we may continue to send to you service-related emails which are not available for opt-out. If you do not wish to receive any service-related emails from us, you have the option to deactivate your account.
Cookies. You may also refrain from providing, or withdraw, your consent for cookies. Your browser's help function should contain instructions on how to set your computer to accept all cookies, to notify you when a cookie is issued, or to not receive cookies at any time.
Third Party Analytics Services. Some of the services used provide the ability to opt-out. You may opt-out of Google Analytics' using Opt-Out Features on their respective websites.
The Google Analytics service is provided by Google Inc. You can opt-out from Google Analytics service from using your information by installing the Google Analytics Opt-out Browser tool: tools.google.com/dlpage/gaoptout. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: www.google.com/policies/privacy.
Additional Rights. Subject to local law, you may have additional rights under the laws of your jurisdiction regarding your personal data, such as the right to complain to your local data protection authority.
V.Users Outside the United States
The Mailshake Site and Services are hosted in the United States and are governed by United States law. If you access the Site or Services from outside the United States, please be advised that the information you provide Mailshake may be transferred to, processed and stored in the United States where the Mailshake servers are located and our central database is operated. You acknowledge and understand that the data protection and other laws of the United States might not be as comprehensive as those in your country. By your continued use of the Mailshake Site and Service, you consent to the transfer of your personal information to the United States.
VI.California Privacy Rights for California Residents
California residents may request certain information regarding the disclosure of your personal information by Mailshake to third parties for direct marketing purposes. As noted above, Mailshake does not disclose your personal information to third parties for direct marketing purposes unless you have first agreed to such disclosure. However, if you would like to make such a request, then please contact Mailshake at email@example.com.
Mailshake takes reasonable precautions to protect Personal Information provided to us through the Site from loss, misuse, unauthorized access, disclosure, alteration and destruction. Mailshake has put in place reasonable and appropriate physical, electronic and managerial procedures designed to safeguard and secure such Personal Information from loss, misuse, unauthorized access, disclosure, alteration and destruction. Our security and privacy policies are periodically reviewed and enhanced as necessary. While Mailshake strives to undertake such reasonable and necessary efforts to secure Personal Information provided to us through the Site, even such security measures do not guarantee the security of all Personal Information, and Mailshake cannot guarantee that the Personal Information it collects, uses and retains will be protected in all circumstances, including those beyond Mailshake's reasonable control.
Particularly sensitive information is encrypted. You can usually tell whether encryption is being used by noting the "locked" or other status indicator on the browser you are using. If the browser you are using does not indicate that the session is secure (e.g., by displaying a lock, a key or a similar icon), you should assume that the connection is not secure and that third parties will receive the information shared by you and us during that part of the session. Your information may be transferred to and maintained on computer networks that may be located outside of the state, province, country or other governmental jurisdiction in which you reside, and the country or jurisdiction in which these computer networks are located may not have privacy laws as protective as the laws in your country or jurisdiction.
Below is a non-exhaustive list of our security procedures:
- All customer data has at-rest and in-transit encryption.
- User passwords and other similar user secrets are salted and stored with a one-way hash using the SHA-256 algorithm.
- Backups of data are stored for a maximum of 45 days.
- All compute resources that handle customer data are firewalled behind a virtual private cloud (VPC).
- Tight security rules are in place to allow only the minimal points of access to our VPC for the purposes of serving and maintaining our products.
- Full-time technical employees have limited access to customer data based on their role and job function.
- Mailshake has no technical contractors at this time and if any are contracted in the future they will get minimal, temporary access to production on a need-to-have basis.
- On Amazon Web Services, have policies in place that require multi-factor authentication for our accounts.
- Our email domain has a policy in place to require multi-factor authentication for anyone with a @mailshake.com email address.
- We rely on Stripe for all our payment processing: in terms of credit card information, we only store the last 4 digits of someone's card in our database.