Privacy Policy

Peerlist Inc. ("Peerlist", "we", "us" or "our") operates the AutoSend email service. Peerlist Inc. is a company incorporated in Delaware, United States, and this Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use AutoSend (the "Service"). By using AutoSend, you agree to the collection and use of information as described in this Privacy Policy. This policy is designed to comply with applicable privacy and email communication laws, including U.S. and international regulations, and to provide transparency about our data practices.

We are committed to protecting your privacy and ensuring our Service is used in compliance with all relevant laws. In operating an email service platform, we adhere to regulations such as the CAN-SPAM Act (United States) and similar anti-spam laws worldwide, GDPR (European Union General Data Protection Regulation), CCPA/CPRA (California Consumer Privacy Act and amendments), CASL (Canada's Anti-Spam Law), and other applicable data protection and electronic communication laws. We have a zero-tolerance policy for spam or abuse: AutoSend is proactively monitored to prevent unsolicited or harmful emails, and we maintain measures (like suppression lists) to ensure emails are only sent to those who want to receive them.

Scope: This Privacy Policy applies to personal information we process as a data controller (for example, when you create an AutoSend account, visit our website, or communicate with us). In many cases, AutoSend also acts as a data processor on behalf of our customers: when you (as our customer) upload or send emails to your end-users or recipients through our Service, we process any personal data in those emails strictly under your instructions and for the purpose of providing the Service. If you are an end-user or email recipient receiving an email via AutoSend, please note that the organization or individual who sent you the email (our customer) is the party controlling your data; we process it only to deliver the email and as otherwise instructed by them. Our customers are responsible for ensuring they have a lawful basis (such as consent) to use your personal data in emails, and you should refer to their privacy policies for how they handle your information. We will not use the content of emails or recipient addresses for our own purposes (other than as needed to provide the Service), and we never sell the email addresses of your recipients.

By using AutoSend or providing personal information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Policy, you should not use the Service. If you have any questions about our privacy practices, you can contact us using the details provided at the end of this document.

Definitions

For the purposes of this Privacy Policy:

• "Service" means the AutoSend website, application, and email sending platform operated by Peerlist Inc.

• "Personal Data" means any information that relates to an identified or identifiable individual. This includes information such as a name, email address, contact details, as well as any other data that can be reasonably linked to a specific person. It can also include information about a person's use of the Service (like IP address or user activity) or information contained in communications sent via AutoSend (for example, the content of an email or metadata).

• "Usage Data" means information collected automatically when you use our Service. This could include technical information like your IP address, device and browser type, pages or features used, time and date of access, and other diagnostic data.

• "Data Controller" means the person or organization who determines the purposes and means of processing Personal Data. For example, when you provide Personal Data to create an account or when we collect data from our website visitors, Peerlist acts as a Data Controller.

• "Data Processor" (or "Service Provider") means a person or organization which processes Personal Data on behalf of a Data Controller. When we handle Personal Data on behalf of our customers (e.g. handling email recipient data that our customer uploads), we are acting as a Data Processor for our customer, who is the Data Controller in that context.

• "User" (or "Customer") means an individual or entity using our Service (typically, the account holder who uses AutoSend to send emails). The User is usually the Data Controller for any recipient data they submit to the Service.

• "Recipient" (or "End User") means an individual who receives an email sent through AutoSend by one of our customers. The Recipient may be the Data Subject of Personal Data contained in the email (such as their email address or name).

Other terms used in this Privacy Policy have meanings consistent with applicable data protection laws or as defined in our Terms of Service. We aim for clarity, but if you have any questions about any definitions or concepts in this Policy, feel free to contact us.

Information We Collect and Receive

We collect several types of information in order to provide and improve the Service, to communicate with you, and to ensure legal compliance. This includes information you provide to us directly, information we collect automatically, and information we process on behalf of our customers.

Personal Data You Provide to Us: When you interact with AutoSend, you may give us Personal Data. This includes:

• Account and Contact Information: When you sign up for AutoSend or use our Service, we may collect information such as your name, business name, email address, phone number, mailing address, username, and password. For example, during registration or account setup we will ask for an email address and your name, and possibly other identifying details needed to provide the Service. We use this information to create and manage your account, to communicate with you about your account, and to provide the services you request.

• Billing Information: If you purchase a paid plan or any paid features of AutoSend, we (or our third-party payment processor) will collect billing details such as payment card information and billing address. Note: AutoSend itself does not store full credit card numbers or financial account details on our servers. Payments are handled by reputable third-party payment processors (like Stripe) that specialize in processing payment data securely. Your payment information is submitted directly to such processors and is handled in accordance with their privacy policies and security standards. (For reference, our payment processor adheres to PCI-DSS, the Payment Card Industry Data Security Standard, which helps ensure secure handling of payment information.)

• Communications with Us: If you contact us with a question, request support, or otherwise communicate with our team (via email, support ticket, or phone), we will collect the information you choose to share. This may include your contact information and the contents of your communications. We use this information to respond to you and improve our customer service.

• Content You Provide: You may provide content through our Service, for example by composing and sending emails via AutoSend. This content might contain personal information (such as the names or email addresses of your email recipients, and any personal data included in the email body or attachments). Important: When you upload or send personal information about third parties (for instance, your customers or subscribers) via AutoSend, you are responsible for ensuring you have a lawful basis to do so and for complying with any consent or notice obligations toward those individuals, as required by law. We treat the personal information contained in the content of emails you send as your data – we process it only to deliver the Service on your behalf, and our use of that data is limited by our Terms and this Privacy Policy. We do not use the contents of your emails or your recipients' contact information for our own marketing or other purposes, and we do not share it with third parties except as needed to provide the Service (and in accordance with this Policy). In other words, we will never sell or rent your email distribution lists or your recipients' addresses. Any processing of that data is done solely to fulfill the purpose for which you provided it – namely, to transmit emails and perform related services like tracking deliverability.

Information We Collect Automatically: When you use the AutoSend website or application, we automatically collect certain information about your device and usage of the Service (collectively, "Usage Data"). This data helps us understand how our Service is used and aids us in maintaining the security and performance of AutoSend. Usage Data may include:

• Technical Identifiers: Your Internet Protocol (IP) address, device type, browser type, browser language, operating system, device identifiers, and other similar technical information when you access our Service.

• Usage Details: Logs of your activity on AutoSend, such as the pages or screens you visit, features you use, the date and time of your access, the amount of time spent on pages, and other analytical data about how you interact with the Service. For example, we may log when you log into your account, when emails are sent, or when you perform key actions in the dashboard, as well as performance metrics.

• Cookies and Similar Technologies: We use cookies, pixels, and similar tracking technologies on our website to personalize your experience, keep you logged in, and analyze usage. Cookies are small files stored on your device that can identify your browser or device. For instance, when you visit our site, we may place cookies to remember your preferences and gather analytics about traffic. We do not use cookies to serve third-party advertising, but we do use them (and allow certain third-party analytics providers to use them) to understand aggregate usage and improve our website. You have choices to control or disable cookies through your browser settings; however, be aware that disabling cookies might affect some functionality of our Service (like staying logged in). See Cookies and Tracking Technologies below for more detail on how we use cookies and your choices.

Information Related to Email Sending ("Customer Data"): As an email service provider, AutoSend processes data that our customers input into the system for purposes of sending emails. This can include:

• Recipient Data: If you use AutoSend to send emails, you will provide us with recipients' email addresses (and sometimes additional information like the recipient's name, company, or other metadata you include). We store the email addresses and any associated metadata as needed to deliver the emails and provide our services to you. We handle this information as a Data Processor on your behalf and do not use it except as directed by you (for example, to send out your newsletters or transactional emails). We also generate and store records of email transactions (for example, logs that an email was sent to a particular address, whether it was delivered or bounced, whether the recipient opened the email or clicked a link, etc.) – these are important for providing you with deliverability analytics and for our compliance and support functions.

• Email Content: The content of the emails you send through AutoSend (subject lines, email body, attachments) may be temporarily stored on our servers in the process of sending the message. We do not access or read the content of your emails except as necessary to troubleshoot delivery or as part of automated scanning to prevent abuse (such as scanning for viruses or spam). Email content is retained on our servers only as needed to ensure delivery and reliability of the Service. For example, if an email cannot be delivered immediately, we might queue it for retry and keep the content until delivered or for a limited time before it's deleted. We may also retain logs or excerpts of email content for a short duration for anti-fraud, spam prevention, and troubleshooting purposes, after which the data is deleted. AutoSend employs automated systems to monitor for spam and other violations of our Acceptable Use Policy; any content scanning is primarily algorithmic and intended to protect all users' deliverability and compliance.

Information from Third Parties: We may receive some information about you from third-party sources. For example, if you sign up through an OAuth provider or single sign-on (SSO) service, that service may share basic profile information with us as authorized by you. Additionally, if someone refers you to our Service or if we utilize third-party marketing or data enrichment services, we might receive your business contact information from those sources. We treat any such information in accordance with this Privacy Policy once in our possession.

We do not knowingly collect sensitive personal information (such as Social Security numbers, government ID numbers, financial account passwords, precise biometric data, etc.) or special categories of personal data (such as information about health, race, religion, etc.) from users for the use of our Service, and we ask that you do not upload or transmit such data via AutoSend unless absolutely necessary for a specific function and permitted by law. AutoSend is generally not meant for handling highly sensitive personal data, and use of the Service to process health information or other regulated data (e.g. medical records under HIPAA, payment card data outside our integrated processor, etc.) should only be done in compliance with applicable laws and with our explicit agreement. We are not a covered entity under HIPAA, and emails sent through AutoSend are not encrypted end-to-end by default; you should refrain from sending protected health information or other sensitive data unless you have taken appropriate measures to comply with all legal requirements.

How We Use Your Information

We use the collected information for various business and commercial purposes in order to operate and improve AutoSend, communicate with users, and comply with the law. Specifically, Peerlist Inc. uses personal data for purposes including:

• Providing and Maintaining the Service: We use your information to provide you with the features and functionality of AutoSend. This includes using your data to create and secure your account, to send emails that you initiate through the platform to your intended recipients, and to ensure those emails are delivered. For example, we'll use the recipient addresses you upload strictly to carry out your mailing instructions. We also use data to monitor the delivery of emails, to manage bounces and unsubscribes, and to otherwise perform the core email-sending service you expect.

• Service Improvements and Analytics: We process Usage Data and feedback to understand how our Service is used and to make improvements. For instance, we analyze aggregate usage patterns to improve reliability, identify popular features, and troubleshoot issues. Understanding which features are used helps us prioritize new development. We may also use diagnostic data (like error logs or performance metrics) to fix bugs and enhance compatibility with various devices and email clients.

• Communication and Customer Support: We use contact information (like your email address or phone number) to communicate with you about the Service. This includes sending necessary account or transaction communications (e.g. account verification, password changes, billing invoices, confirmations, security alerts, and notices about feature updates or system maintenance). We also respond to you when you contact our support team. If there are changes to our Service or important notices (such as security updates or changes to terms), we will notify you through the appropriate channels.

• Marketing and Newsletters: With your consent (or as otherwise permitted by law), we may use your email or other contact details to send you promotional communications, such as newsletters, product updates, offers, or events from Peerlist/AutoSend that we believe may be of interest to you. You can opt-out of or unsubscribe from marketing emails at any time by clicking the "unsubscribe" link in such emails or contacting us directly. We will not send you marketing communications if you have opted out. (Note: Transactional or account-related emails are not considered marketing and will be sent as needed even if you opt out of marketing, for example password reset emails or critical account notices.) We abide by anti-spam laws like CAN-SPAM for any marketing emails we send – e.g., our messages will include our identity and contact information, will not use deceptive headers or subject lines, and will provide a clear way to unsubscribe.

• Preventing Fraud and Abuse: We process certain data (including potentially scanning email content or analyzing sending patterns) to detect and prevent fraudulent activity, security breaches, and violations of our Acceptable Use Policy. This is crucial for maintaining a trusted platform for all users. For example, we may use automated tools to block or filter spam emails, phishing attempts, or other abusive content. We also keep records of IP addresses and login activity to help identify unauthorized access. These efforts help us protect the integrity of the Service and comply with laws that prohibit misuse of email (such as anti-spam regulations).

• Legal Compliance: We may use and retain personal information as needed to comply with our legal obligations. For instance, we might keep records of transactions for tax and accounting purposes, or use data to comply with lawful requests from authorities if we are required by law to respond. We also use data to enforce our agreements and to protect our legal rights (for example, using information to investigate and address potential illegal activities or breaches of our Terms of Service).

• Other Purposes: We may use your information for any other purpose that we describe at the point where you provide it, or otherwise with your consent. For example, if you grant us permission to feature your success story or testimonial on our website, we would use your information for that specific purpose with your agreement. If we intend to process personal data for a purpose that is incompatible with those listed above, we will inform you and obtain consent if required.

We do not use personal data for automated decision-making or profiling in a way that produces legal or similarly significant effects on individuals, without human involvement. Any automated processing (such as filtering spam) is solely aimed at improving service quality and compliance, and does not involve decisions that would significantly affect your individual rights or privileges without human review.

Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit and at rest

• Regular security audits and vulnerability assessments

• Access controls and authentication mechanisms

• Secure data centers with physical security measures

Your Data Protection Rights

We believe in user privacy rights and comply with applicable laws that grant individuals rights over their personal data. Depending on your location and the relevant data protection law, you may have some or all of the following rights regarding the personal data we hold about you:

• Right to Access: You have the right to request confirmation of whether we are processing your personal information, and if so, to request a copy of the personal data we hold about you. We will provide you with a copy of your data in a common format, so you can verify the information and check that we are processing it lawfully.

• Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to ask us to correct or update it. We encourage you to keep your account profile information up-to-date, and you can make many changes yourself by logging into your account. For any data you cannot update yourself, you can contact us to request correction.

• Right to Erasure: You have the right to request deletion of your personal data, also known as the "right to be forgotten," in certain circumstances. For example, if you no longer want to use AutoSend, you can request that we delete the personal data we have about you. We will honor such requests to the extent required by applicable law. Note that we may retain some information for legal compliance or legitimate business purposes as outlined in the Data Retention section (for example, we cannot immediately delete information we need for billing or which is required to maintain by law). If complete deletion is not possible (e.g., data is stored in backups), we will inform you and, if required, securely isolate and protect the data until deletion is possible.

• Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain scenarios. This might apply if you contest the accuracy of the data (we can restrict processing while verifying accuracy), or if you object to processing and we are determining whether our legitimate grounds override yours, or if processing is unlawful but you prefer restriction over deletion, or if we no longer need the data but you need us to keep it to establish, exercise, or defend legal claims. When processing is restricted, we will store your data securely and not use it (except to the extent allowed by law, such as with your consent or for legal claims).

• Right to Data Portability: Where applicable (e.g., under GDPR), you have the right to receive a copy of certain personal data in a structured, commonly used, machine-readable format, and to have that information transmitted to another service provider (if technically feasible). This right applies to personal data you provided to us, which we process by automated means and rely on consent or contract as the legal basis. In practice, this might include things like your account information. We will provide the data in a format like JSON or CSV that is readily useable.

• Right to Object: You have the right to object to our processing of your personal data in certain circumstances. For example, if we are processing your data based on our legitimate interests, you can object if you believe our interests are overridden by your privacy rights. If you object to direct marketing, we will cease processing your data for those purposes immediately (you can always opt-out of marketing emails as noted above). For other types of objections, we will evaluate your request and comply unless we have compelling legitimate grounds to continue or a legal reason that permits us to continue processing.

• Right to Withdraw Consent: If we rely on your consent to process any personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing that was done before withdrawal. For instance, if you gave consent to receive marketing emails, you can revoke that consent (unsubscribe) and we will stop sending you marketing emails.

• Right not to be subject to Automated Decisions: AutoSend does not use automated decision-making (including profiling) that produces legal effects or similarly significant effects without human involvement. If that changes, individuals in certain jurisdictions would have the right to not be subject to such decisions without safeguards.

To exercise any of these rights, you (or an authorized agent acting on your behalf) can contact us as described in the "Contact Us" section. Please specify which right you wish to exercise and the scope of the request. For your protection, we will need to verify your identity before fulfilling certain requests (for example, we may ask you to provide proof of identity or to verify control of your email account). We will respond to your request within the timeframe required by law (e.g., typically within 30 days for GDPR, and 45 days for CCPA, with possible extensions). If we cannot fulfill your request, we will provide an explanation subject to legal limitations.

EU/EEA Residents (GDPR Rights): If you are located in the European Union, EEA, or UK, our processing of your personal data will comply with the GDPR or UK GDPR as applicable. In addition to the rights listed above, you have the right to lodge a complaint with a supervisory authority (data protection authority) in the country where you live or work, or where an alleged infringement of data protection law has occurred. We encourage you to contact us first so we can address your concerns directly, but you are entitled to reach out to the authorities at any time. We are committed to respecting your rights under GDPR, including rights of access, correction, deletion, and objection, as detailed above. If you have any questions about how we handle your data under GDPR, you can contact our Data Protection Officer (if applicable) or our support team.

Our lawful bases for processing personal data under GDPR include: your consent (for example, for marketing communications), performance of a contract (providing you the Service you signed up for), compliance with legal obligations, and our legitimate interests (such as improving our services, preventing fraud, or direct marketing to our customers, balanced with your rights). We will be transparent about these legal bases upon request.

California Residents (CCPA/CPRA Rights): If you are a resident of California, you have specific privacy rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These rights, some of which overlap with those above, include:

• Right to Know: You can request that we disclose what personal information we collect, use, disclose, and sell (if applicable) about you. This includes the categories of personal information we have collected, the sources of that information, the business or commercial purposes for collecting or selling it, the categories of third parties with whom we share personal information, and specific pieces of personal information we hold about you. Upon a verifiable request, and within the bounds of what the law requires, we will provide either the specific pieces of information or a report of the above details for the 12-month period preceding your request. You have the right to request this information twice in a 12-month period.

• Right to Delete: You can request that we delete personal information we have collected from you. Upon verifying such a request, we will delete (and direct our service providers to delete) your personal information from our records, except for cases where it is necessary for us or our service providers to retain it for permitted purposes (such as completing a transaction you requested, detecting security incidents, complying with legal obligations, etc.). We will inform you of any data we cannot delete (for example, if you have an ongoing subscription we might need to retain your email to provide the service, or we may retain certain data for legal compliance). If deleting certain data means we cannot continue providing you with some aspect of the Service, we will let you know the consequences (for instance, deleting your account data will terminate your account).

• Right to Opt-Out of Sale or Sharing: California law gives you the right to opt-out of the "sale" of your personal information or the "sharing" of your personal information for cross-context behavioral advertising. However, we do not sell personal information to third parties (and have not done so in the past). We also do not share personal information for cross-context behavioral advertising in the sense of CCPA/CPRA. Since we do not engage in these practices, we do not offer a "Do Not Sell or Share My Info" link at this time. If that ever changes, we will update our policy and provide a mechanism for you to opt-out.

• Right to Correct: Under CPRA, California residents also have the right to request correction of inaccurate personal information maintained by us. If you believe we hold incorrect information about you, please contact us with the details and upon verification we will correct it.

• Right to Limit Use of Sensitive Personal Information: We do not collect or process sensitive personal information (such as Social Security number, financial account passwords, precise geolocation, race/ethnicity, health, etc.) for the purpose of inferring characteristics about you. Any sensitive info we might incidentally collect (for example, a payment card number for a transaction) is used only for the necessary purpose (completing that transaction) and not used to infer characteristics. Therefore, the right to limit use/disclosure of sensitive info is generally not applicable to our operations.

• Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you services, charge you a different price, or provide a different level of quality because you exercised your rights. However, please note that if you request deletion of certain data, we may not be able to provide services that rely on that data. For example, if you ask us to delete all your account information, we cannot continue to provide you with the AutoSend service (as your account would no longer exist). In such cases, ending service is not discrimination; it's a consequence of your request. But we will not make unfair distinctions or impose penalties for exercising your rights.

To exercise California privacy rights, you (or an agent authorized to act on your behalf) can contact us through the methods listed in the Contact section. We may need to verify your identity with at least two or three pieces of personal information (depending on the sensitivity of the data requested) to ensure we are dealing with the correct person. If you have an account with us, verification might be done through existing authentication (like requiring you to email from the account's email or login to confirm). For a request to know specific pieces of info or a deletion request, we may require a higher level of verification (which could include a signed declaration under penalty of perjury in some cases). Authorized agents must provide proof of authorization. We will confirm receipt of your request within 10 business days and aim to respond substantively within 45 calendar days. If we need more time (up to an additional 45 days), we will inform you of the reason and extension in writing.

Also, California's "Shine the Light" law (Civil Code § 1798.83) allows customers to request certain information about our disclosure of personal information to third parties for their direct marketing purposes. As noted, we do not share your personal information with unaffiliated third parties for direct marketing without your consent. Therefore, we believe our practices fall under the exemption to that law by either not sharing such info or by only sharing as a service provider. If you have questions about this, you can still reach out to us.

Other Jurisdictions: No matter where you are located, if you contact us with a privacy-related request, we will do our best to accommodate it in accordance with applicable law. If a certain law does not formally apply to our operations, we may still try to honor your request as a courtesy (unless it would conflict with legal obligations or the rights of others).

Anti-Spam and Email Compliance

AutoSend is an email service provider, and we are deeply committed to ensuring that our platform is used only for legitimate, wanted emails. We comply with all relevant email regulations and we require our customers to do the same. This section outlines our practices and expectations regarding email communications:

• Consent and Opt-In: If you are using AutoSend to send marketing or promotional emails, you must have the proper consent from your recipients in accordance with laws like the CAN-SPAM Act, CASL, GDPR, and other applicable regulations. We expect our customers to only send emails to individuals who have given permission (e.g., through signup or explicit opt-in) or where there is another legal basis (such as a transactional relationship). AutoSend's platform includes features to help manage subscriber lists, but it is ultimately the sender's responsibility to ensure compliance with opt-in requirements.

• Identification and Content Requirements: We ensure that emails sent through our system can comply with legal requirements for identifying the sender and content honesty. The CAN-SPAM Act in the U.S., for example, requires that commercial emails have accurate header information, a non-misleading subject line, a clear identification that the email is an advertisement (if applicable), and a valid physical postal address of the sender. AutoSend allows senders to include these details, and our system may append certain information (such as an unsubscribe link or physical address) to emails where required. We also support including custom headers or footers in emails as needed for legal compliance.

• Unsubscribe Mechanism: Every bulk or marketing email sent via AutoSend should include a clear and functioning unsubscribe link or instructions, enabling recipients to opt out of future emails. Our platform provides tools for managing unsubscribe requests – for instance, if a recipient clicks the unsubscribe link, we automatically flag or remove them from your mailing list as appropriate. Under laws like CAN-SPAM, senders must honor opt-out requests within 10 business days. AutoSend facilitates immediate opt-out processing, and we require our customers to respect those opt-outs. We also maintain a suppression list to prevent sending to addresses that have unsubscribed or that have consistently bounced, ensuring compliance and improved deliverability.

• Prohibited Content and Usage: Our Acceptable Use Policy (AUP) spells out certain types of content and sending practices that are forbidden. This includes (but is not limited to) sending spam (unsolicited mass emails), phishing emails, malware, hate speech, harassment, or any content that is illegal or violates the rights of others. We actively monitor our network for signs of abuse. AutoSend uses automated filters and human review to detect violations – for example, unusually high bounce or complaint rates might trigger an account review. We also may utilize third-party reputation services and blocklists. If we detect spam or malicious activity, we will take swift action, which could include suspending or terminating the offending account. As SendGrid (a leading ESP) notes, they have a team dedicated to staying at the cutting edge of compliance and delivery, and similarly, AutoSend invests in keeping spam off our platform.

• Email Deliverability and Authentication: To comply with best practices and standards, we encourage and help our users set up email authentication records like SPF, DKIM, and DMARC. These standards verify that you are an authorized sender for your domain and help prevent email spoofing and phishing. Many receiving mail servers also require or prefer these for good inbox placement. AutoSend provides guidance on configuring these DNS records (SPF includes our sending servers, DKIM allows us to sign your emails, and DMARC helps enforce policies). Using these measures not only improves compliance (by reducing the chance of your domain being used for unauthorized spam) but also aligns with industry best practices for privacy and security of email.

• Compliance with Global Standards: We ensure our systems support compliance with various international laws. For example, CASL (Canada) requires prior consent for commercial emails and certain disclosures; GDPR (EU) requires opt-in consent for emails in many cases and honoring requests like erasure – if you have EU subscribers, you need to respect those rights, and our platform helps by allowing deletion of subscriber data upon request, etc. PECR (UK) and the ePrivacy Directive also require consent for marketing emails, which we facilitate. We provide our customers with the tools needed, but we also reserve the right to audit and enforce compliance. If a customer is found to be in violation of anti-spam laws or our policies, we can suspend their sending and require corrective action.

• No Third-Party Marketing Use of Data: AutoSend does not use the data of your email recipients for our own marketing. We do not subscribe your contacts to any lists, and we do not sell or share those contacts with others. The only time we would send something to your contacts is the exact emails you have asked our system to send (or in rare cases, a system-generated notice such as a feedback loop processing or error message, which is usually to you, not to your end-users). In short, your email lists remain confidential and used solely for your intended purpose on our platform.

• Feedback Loops and Complaints: Many mailbox providers (like Yahoo, Outlook, etc.) offer feedback loop (FBL) services where if a recipient marks an email as spam, that info is sent back to the sender or sender's ESP. AutoSend subscribes to major FBLs and will process spam complaints accordingly. If a recipient flags your email as spam, we may automatically unsubscribe them from your list to respect their wish. We also track complaint rates; high complaint rates can indicate problems in how a customer gathered their list or the content they're sending, and will result in intervention from our compliance team.

• CAN-SPAM Safe Harbor and Identification: The CAN-SPAM Act has certain requirements that we follow for any promotional emails we might send, and we build our service such that our customers can comply as well. For instance, CAN-SPAM requires inclusion of a valid physical mailing address of the sender. We prompt our users to provide a physical address in their email templates or settings. If a user doesn't have one, we advise them that one is required by law for marketing emails. We also ensure that if we ever send out communications (like our own newsletter to customers), we include our company's address and an unsubscribe link.

Our commitment to anti-spam compliance is also evidenced by features like the "Dynamic suppression list" highlighted in our service: we automatically avoid resending to addresses that have unsubscribed or bounced, ensuring compliance with opt-out requests and protecting sender reputation. Additionally, by monitoring domain and IP reputations, we help keep our sending infrastructure reputable so that legitimate emails reach inboxes and not spam folders.

If you ever receive an unsolicited or problematic email that appears to come from an AutoSend server, please notify us immediately. We will investigate every complaint of spam or abuse and take appropriate action. Users who violate our anti-spam policies may be warned, suspended, or terminated, and we cooperate with law enforcement as needed to address serious abuse.

In summary, AutoSend strives to ensure all emails sent through our platform are compliant with relevant laws and desired by their recipients. By using AutoSend, you agree to follow all applicable email laws and our anti-spam policies, and we in turn commit to providing a service that facilitates lawful, privacy-respecting email communications.

Children's Privacy

Our Service is not intended for use by children or minors. We do not knowingly solicit or collect personal information from individuals under the age of 13 (and in certain jurisdictions, such as the EEA or UK, under the age of 16). Children under 13 (or under 16, where applicable law dictates a higher age for consent) should not create an AutoSend account or otherwise provide us with personal information.

If we become aware that we have inadvertently collected personal data from a child without proper parental consent, we will take steps to delete that information as soon as possible. For example, if a child were to sign up using false information about their age, once discovered, we would deactivate the account and remove their data from our records. If you are a parent or guardian and you believe that your child under the applicable age has provided us with personal information, please contact us immediately so that we can take appropriate action.

AutoSend does not offer services directed to children. Users must be old enough to consent to the processing of their personal data in their country (for instance, 13 in the U.S., 16 in parts of the EU) or have obtained verifiable parental consent. By using AutoSend, you represent that you meet the applicable age requirement. We reserve the right to ask for proof of age or parental consent if we suspect an account is being used by someone who is underage.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If we make material changes to this Policy, we will notify you by appropriate means: for example, by posting the updated Privacy Policy on our website with a new "Last Updated" date, and possibly by sending you a notice via email or within your account dashboard. We will indicate at the top of the Policy when it was last updated and/or its effective date.

Any changes will become effective on the date indicated in the revised Policy (or when posted, if no other date is stated). We encourage you to review this Privacy Policy periodically for any updates. If you continue to use AutoSend after a revised Privacy Policy has become effective, it means you accept the revised terms. If you do not agree with the changes, you should stop using the Service and, if appropriate, deactivate your account.

For significant changes, especially those that might affect your rights or the way we use personal data, we will provide a more prominent notice (such as a banner on our site or a direct notification). However, minor changes (such as clarifications or typographical corrections) may occur without special notice.

We maintain prior versions of our Privacy Policy for transparency. If you wish to see a historical version, you can contact us to request it, or check our website if we provide an archive. Your continued use of AutoSend following the posting of any changes indicates acceptance of those changes.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us: [email protected]