Privacy policy

This Privacy Policy was last updated on 1st of June 2020
1. INTRODUCTION

The website accessible at messaggio.com (the “Website”) is operated by MESSAGGIO LTD, with its corporate seat at office E103, The Hub, Triq Sant Andrija, San Gwann, SGN 1612, Malta, and VAT identification number MT25357323 (also “MESSAGGIO”, “we” or “us”).

Our Services enable our Customers to, among other things, send content (“Messages”) to their mobile subscribers (“Users”) over telecommunications networks (“Communication channels”) using various messaging technologies (“System”).

This Privacy Policy (“Policy”) outlines what personal data we collect and how we process it. Please read it carefully to understand our views and practices regarding your personal data and how we will treat it.

Unless the context indicates otherwise our Privacy Policy applies to all Customers and Users of our messaging or other Services as defined in our standard Terms of Service accessible at https://messaggio.com/terms-and-conditions/ (“Terms”), including visitors to any of our websites.

Where used in this policy, the term “personal information” means any information identifying or describing an identifiable individual, including, but not limited to information relating to their name, age, gender, reproductive status, marital status, national, ethnic or social origin, sexual orientation, physical or mental health, disability, conscience, belief, culture, language and birth of the individual; educational, criminal or employment history of the individual, financial status or information relating to financial transactions in which they have been involved and any identifying number, address or contact information of the individual.

By using our website and agreeing to this Policy, you consent to our use of cookies in accordance with the terms of this policy.

2. INTERPRETATION

The words and phrases used in this Policy shall bear the same meanings as prescribed in the Terms, unless the context clearly indicates otherwise. In addition, these terms have the following meanings:

  • “User” is a person a Customer may contact through our Service. In other words, an User is anyone on a Customer’s Distribution List or about whom a Customer has given us information.
  • “User Database” is a list of Users a Customer may provide us with and all associated information related to those Users (for example, names and phone numbers).
  • “Personal Information” means any information that identifies or can be used to identify an individual directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, date of birth, email address, gender, occupation, or other demographic information.
  • “Visitor” means, depending on the context, any person who visits our website, accessible at https://messaggio.com.
  • “you” and “your” means, depending on the context, either a Customer, an User, or a Visitor.
3. OUR COMMITMENT TO PRIVACY PROTECTION

We are committed to maintaining the confidentiality, integrity and security of all personal information we collect or process and we will take all reasonable technical and organizational security measures to ensure that where any personal information is provided to us it will be protected against loss, destruction and damage, and against unauthorized or accidental access, processing, erasure, transfer, use, modification, disclosure or other misuse.

We shall not disclose to any person any personal data of a data subject that is processed or hosted by us where any such disclosure would not comply in all respects with the provisions of any applicable data protection legislation or regulations relating to the data subject concerned.

If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the end of Section 6.13.

To the extent we provide you with notice of different or additional privacy policies, those policies will govern such interactions.

4. PRIVACY FOR CUSTOMERS

This section applies to the Customer’s Personal Information we collect and process in relation to our provision of the Services. If you are not a Customer, this section does not apply to you. In this section, “you” and “your” refer to Customers only and potential Customers only, whereby a Customer is defined in the Terms as a legal entity, such as corporation, limited liability company, sole proprietorship firm, or other such establishment which is entitled to perform business activities.

4.1. What personal information we may collect
Personal information we collect may include information in relation to your entity:

  • Business contact information (such as personal names of your employees, job titles, organization’s location, phone number, email address, and country);
  • Marketing information (such as your contact preferences);
  • Account log-in credentials (such as your email address or usernames and passwords);
  • Troubleshooting and support data (This may include contact or authentication data, the content of your communications with us, etc.); and
  • Payment information (including your credit card numbers and associated identifiers and billing address).
  • from time to time, we may obtain information about you from third-party sources, such as public databases, social media platforms, third-party data providers, and our joint marketing partners.
  • Examples of the information we receive from other sources include demographic information (such as age and gender), device information (such as IP addresses), location (such as city and state), and online behavioral data (such as information about your use of social media websites, page view information and search results and links). We use this information, alone or in combination with other Personal Information we collect, to enhance our ability to provide relevant marketing and content to you and to develop and provide you with more relevant products, features, and service.

4.2. Your commitment to compliance
As our customer you undertake to, upon our request, fill our a form listing the source(s) of the personal data on your Users, measures you take for the protection of their personal data, User’s written consent to receive Messages and other measures required to ensure your compliance with the applicable personal data protection laws and regulations, as well as provide us with your privacy policy and general terms and conditions or other appropriate legal documents to ensure and showcase your compliance (“Statement of compliance”).

Your failure to produce a Statement of compliance may cause termination of our Services and any non-compliance is considered a fundamental violation of our Terms and as such a cause for termination of any applicable Service Level Agreement.

4.3. User databases
In order to use the Services you have to provide us with a User database that provides us information about your Users, such as their names and telephone numbers. We use and process this information to provide the Service in accordance with our contract with you or your organization and this privacy policy.

A Distribution List can be created in a number of ways, including by importing Users, such as through a CSV. We do not, under any circumstances, sell your User database. If someone on your Distribution List complains or contacts us, we might then contact that person. If we detect abusive or illegal behavior related to your User database, we may share your User database or portions of it with affected ISPs or anti-spam organizations to the extent permitted or required by applicable law.

5. PRIVACY FOR USERS

This section applies to the information we process about our Clients’ Users as a data controller. Our Service is intended for use by our Customers. As a result, for much of the Personal Information we collect and process about Users through the Service, we act as a processor on behalf of our Customers. We are not responsible for the privacy or security practices of our Customers, which may differ from those set forth in this privacy policy. Please check with individual Customers about the policies they have in place. For purposes of this section, “you” and “your” refer to Users.

5.1. Information we collect
The Personal Information that we may collect or receive about you broadly falls into the following categories:

(i) Information we receive about you from our Clients: A Client may provide Personal Information about you to us through the Service. When a Client provides their User database they provide us with certain contact information or other Personal Information about you such as your name, email address, address, or telephone number.

(ii) Information we collect automatically: When you interact with a Message that you receive from a Client or browse or Website, we may collect information about your device and interaction with a Message. We may use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed more below and in more detail in our Cookie Statement.

  • Device information: We collect information about the device and applications you use to access the Message sent through our Service, such as IP, telephone number, type of device, browser version, screen resolution.
  • Usage data: It is important for us to ensure the security and reliability of the Service we provide. Therefore, we also collect usage data about your interactions with SMS campaigns (and/or Messages) sent through the Service, which may include dates and times you access campaigns (and/or Messages). This information also allows us to ensure compliance with our Terms, to monitor and prevent service abuse, and to ensure we attain certain usage standards and metrics in relation to our Service. We also collect information regarding the performance of the Service, including metrics related to the deliverability of Messages and other communications that our Clients send through the Service. This information allows us to improve the content and operation of the Service and facilitate research and perform analysis into the use and performance of the Service.

(iii) Information we collect from other sources: From time to time, we may obtain information about you from third-party sources, such as social media platforms, and third-party data providers.

6. GENERAL

This section applies to the information we process about our Clients’ Users as well as the Clients. Our Service is intended for use by our Customers. For purposes of this section, “you” and “your” refer to Users and Customers unless otherwise indicated.

6.1. Use of personal information

We may use the Personal Information we collect or receive in relation to providing the Service (alone or in combination with other data we source) for the purposes and on the legal bases identified below:

  • To bill and collect money owed to us by you to perform our contract with you for the use of the Service or where we have not entered into a contract with you, in accordance with our legitimate interests to operate and administer our Service.
  • To send you system alert messages in reliance on our legitimate interests in administering the Service and providing certain features.
  • To communicate with you about your account and provide customer support to perform our contract with you for the use of the Service or where we have not entered into a contract with you, in reliance on our legitimate interests in administering and supporting our Service.
  • To enforce compliance with our Terms and applicable law, We may or our third-party service provider may also review content of the Messages.
  • To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
  • To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements in reliance on our legitimate interests.
  • To prosecute and defend a court, arbitration, or similar legal proceeding.
  • To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  • To provide, support and improve the Service.
  • To provide suggestions to you and to provide tailored features within our Service that optimize and personalize your experience in reliance on our legitimate interests in administering the Service and providing certain features.
  • To perform data analytics projects in reliance on our legitimate business interests in improving and enhancing our products and services.
  • To conduct marketing research, advertise to you, provide personalized information about us, and to provide other personalized content based on your activities and interests to the extent necessary for our legitimate interests in supporting our marketing activities or advertising our Service or instances where we seek your consent.
  • To carry out other legitimate business purposes, as well as other lawful purposes, such as data analysis, fraud monitoring and prevention, identifying usage trends and expanding our business activities in reliance on our legitimate interests.
  • To cooperate with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Information to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our Service, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, or responding to lawful requests.

6.2. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect and use Personal Information about you on our Website, including to serve interest-based advertising. For further information about the types of cookies and tracking technologies we use, why, and how you can control them, please see our Cookie Statement.

6.3. Your Data Protection Rights
Depending on the country in which you reside, you may have the following data protection rights:

  • To access; correct; update; port; delete; restrict; or object to our processing of your Personal Information.
  • You may contact us directly by emailing us at support@messaggio.com. You can also manage information about your Users and request to access, correct, update, port or delete information that you have provided. Note, if any of your Users wish to exercise any of these rights, they should contact you directly, or contact us as described in the “Privacy for Contacts” section below.
  • The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority.
  • Similarly, if Personal Information is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent. If you receive these requests from Users, you can segment Users to ensure that you only market to Users who have not opted out of receiving your Messages.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We may ask you to verify your identity in order to help us respond efficiently to your request. If we receive a request from one of your Users, we will either direct the User to reach out to you, or, if appropriate, we may respond directly to their request.

6.4. Legal Basis for Processing Personal Information (Applies to EEA and UK Persons Only)
If you are located in the EEA or UK, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will normally collect and use Personal Information from you where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Our legitimate interests are described in more detail in this privacy policy in the sections above titled “Use of Personal Information”, but they typically include improving, maintaining, providing, and enhancing our technology, products, and services; ensuring the security of the Services; and supporting our marketing activities.

If you are a Customer, we may need the Personal Information to perform a contract with you. In some limited cases, we may also have a legal obligation to collect Personal Information from you. If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not, as well as of the possible consequences if you do not provide your Personal Information.

Where required by law, we will collect Personal Information only where we have your consent to do so.

If you have questions or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided in the “Questions and Concerns” section below.

6.5. Your Choices and Opt-Outs
You can opt out of receiving marketing messages from us at any time by clicking the “unsubscribe” link at the bottom of our marketing messages.

Also, all opt-out requests can be made by emailing us using the contact details provided in the “Questions and Concerns” section below.

6.6. Our Security
Taking into account relevant developments in technology including telecommunications and messaging services, technical limitations associated with different messaging and telecommunications protocols, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we shall in relation to the Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.

In assessing the appropriate level of security, we shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

6.7. Data Storage and International Transfers
Our servers and offices are located in the Malta – European Union, so your information may be transferred to, stored, or processed in the EU. We are subject to Maltese Data protection act of April 2018.

If you are a resident of a state or country which is not one of the Member States of the European Union you hereby consent to having your personal information stored and processed in Malta under the applicable Privacy Shield Framework. /p>

6.8. Retention of Data
We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we’ll refer to these criteria in order to determine retention period:

  • Whether we have a legal or contractual need to retain the data.
  • Whether the data is necessary to provide our Service.
  • Whether our Customers have the ability to access and delete the data.
  • Whether our Customers would reasonably expect that we would retain the data until they remove it.

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

Note that If MESSAGGIO merges with, or is acquired by, any other business, you acknowledge that your personal information may fall under the control of another person.

6.9. Third party data processing
We may, for the purpose of providing the Services pass and retrieve data, including personal information, between the different software systems and third parties.

Where we make use of third party service providers to help us provide the Services to you, including for the purposes of retrieving or delivering information, records, notifications or other messages to you or any User’s or for hosting or providing any component of our Services, we require such third parties to maintain the confidentiality of any personal information we provide to them for these purposes.

Such third parties may be situated outside of your country and you consent to your personal data and that of any data subjects you provide to us being transferred cross-border so that we can provide the Services to you. In this regard, we engage only with reputed third party service providers who have security and privacy policies and procedures providing at least the same level of protection as we do ourselves. You warrant that you have all necessary permissions to give us the above consent.

We may share data, including Personal Data, collected from Users of our Services with third-party service providers or consultants who require access to that data to perform their work on our behalf for the purpose of helping us deliver our Services. These third party service providers or consultants are limited to only accessing or using this data to provide the services to us and must provide reasonable assurances that they will appropriately safeguard the data. We may also share non-personal or non-identifiable information, including website visitor information and account usage data with third party analytics service providers.

We may share and disclose your Personal Information to the following types of third parties for the purposes described in this privacy policy.

(i) Our service providers: Sometimes, we share your information with our third-party service providers working on our behalf for the purposes described in this privacy policy. For example, companies we’ve hired to help us provide and support our Service or assist in protecting and securing our systems and services and other business-related functions.

Other examples include analyzing data, hosting data, engaging technical support for our Service, processing payments, and delivering content.

(ii) Advertising partners: We may partner with third-party advertising networks, exchanges, and social media platforms to display advertising and we may share Personal Information of Users and Customers with them for this purpose. We and our third-party partners may use cookies and other similar tracking technologies, such as pixels and web beacons, to gather information about your activities in order to provide you with targeted advertising based on your browsing activities and interests. Any such sharing will be done solely based on your explicit consent.

(iii) Any competent law enforcement body, regulatory body, government agency, court or other third party where we believe disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish, or defend our legal rights, or (c) to protect your vital interests or those of any other person.

(iv) A potential buyer (and its agents and advisors) in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this privacy policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website.

6.10. Communications with You
We may communicate with you by email and other messaging applications. You may opt out from promotional communications from us that are not strictly related to the provision of the Services to you.

6.11. Personal Information of Minors
We do not intentionally collect personal identifiable information from anyone who is a minor. If it is discovered that we have unintentionally collected personally identifiable information from a minor other than for a legitimate purpose associated with the Services, we will delete that information immediately.

6.12. Changes to this Policy
We may change this privacy policy at any time and from time to time. The most recent version of the privacy policy is reflected by the version date located at the top of this privacy policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on the Website. We encourage you to review this privacy policy often to stay informed of changes that may affect you. Our electronically or otherwise properly stored copies of this privacy policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this privacy policy that was in effect on each respective date you visited the Website.

6.13. Questions and Comments
If you have questions, comments, concerns or feedback regarding this Privacy Policy, please send an e-mail to support@messaggio.com or by letter addressed to: MESSAGGIO LTD, E103, The Hub, Triq Sant Andrija, San Gwann, SGN 1612, Malta.