Email Marketing Privacy Policy

Effective March 1st, 2024

The email marketing businesses, including Kickbox, Campaigner, SMTP, iContact, and their subsidiaries, affiliates, and parent company, Ziff Davis, Inc. (collectively “Email Marketing”) provide enhanced email marketing capabilities and services to enterprise customers.  Email Marketing values your privacy and is committed to protecting the privacy of your information. 

This Privacy Policy (or “policy”) describes how Email Marketing uses the personal information you provide and the rights you have. We have created this Privacy Portal to help you exercise your rights.

  1. Privacy Policy Overview
  2. Information We Collect, Receive and Create About You
  3. Data Processing and Retention
  4. Sensitive Personal Information
  5. Direct Marketing
  6. Behavioral Advertising
  7. Cookies
  8. Information We Share With Third Parties
  9. International Transfers of Information
  10. Data Security and Breach Handling 
  11. How to Control your Information
  12. Your Rights with Respect to Your Personal Information
  13. How to Change Your Preferences
  14. Contact Details
  15. Children
  16. California Consumer Rights Metrics
  17. How this Privacy Policy May Change

1. Privacy Policy Overview

Email Marketing owns and operates several interactive websites, mobile and connected  applications, including their and other online interactive features and services (collectively “services” or “our services”). 

This policy covers information collected through the following websites and mobile applications. 

  • Campaigner
  • iContact 
  • Kickbox
  • SMTP
  • And related mobile and desktop sites and applications

In part, the purpose of this policy is to notify users of Email Marketing’s policies and practices with respect to their data. By using the services provided you have agreed to the Terms and Conditions (or ToU); and this policy is a part of the ToU.

2. Information We Collect, Receive and Create about You

We may collect or obtain information about you when you sign up, when you create profiles, pages or contributions, when you use and interact with our services and when you make your personal information public. In some cases, we may also receive information about you from third parties. 

Data you provide when you sign up: This is, for example, username, password, name, email, phone, physical address, subscription and billing information, and business information, and basic information about any other accounts you choose to associate with your registration, like your Google account. 

Data you provide when you create accounts: This is user generated contributions, such as web pages and all related content. We encourage all of our users to make conscious choices about what they share online. Email Marketing, including its affiliates, subsidiaries and parent company, is not responsible for the information you disclose to the public using our services. 

Data we collect through your use of our services: We make and keep records when we provide you support or assistance on our services. We may also collect information about how you interact with our various services (or parts of our services) or third party content you see on our apps and sites. We also collect data on how you interact with the ads you see. 

Data we receive from third parties: In some cases, we may receive information about you from third parties, for example, social networking sites. Please note that this policy does not cover the practices of third parties, including those that may disclose information to us.

3. Data Processing and Retention

We process your personal information in order to provide you the best experience of our services. We may also process your Information where the processing is necessary for the establishment, exercise or defense of legal rights.

Below is a chart stating which categories of your personal information we process for which purposes specifically, and how long we retain that data. Our processing of your data is subject to your use of our service, your privacy preferences, and your account settings choices.

Personal Information

We may process the following categories of personal iInformation about you.

Categories of personal information  Purpose of processing 
legal basis
Retention Period
Account Information (Personal Details): Information you provide to us such as, your name; postal address; telephone and/or mobile number; email address; employer; login details, including username and password; interests; public social media handles or profile(s); and photograph posted by you and other users.

To provide use of our services as agreed in the ToU.  

__________

Legitimate Interest 

For the life of the account and a reasonable and legally compliant time thereafter. 
App Data. Data and metrics around account usage. 

Maintain and improve service standards

___________

 Legitimate Interest

For the life of the account and a reasonable and legally compliant time thereafter. 
Audio, Video, and Other Electronic Data: audio, electronic, visual, or similar information such as photographs, video submissions, call recordings and contents of your media library.

Promote user expression through our services and to conduct contests and rewards. 

___________

 Legitimate Interest 

For the life of the account and a reasonable and legally compliant time thereafter. 
Consent Records: records of any consents you may have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent).

Comply with applicable laws and regulations and users’ choices. 

___________

Legal Requirement

For the life of the account and a reasonable and legally compliant time thereafter. 

Customer Records: electronic customer records containing personal information, such as name, signature, address, telephone number, or any financial information. We may also collect Personal Data information about you through your communications with our customer support team. 

NOTE: Please ensure that no sensitive personal data is submitted in connection with your requests for support (for example, health information, political or religious beliefs, information about minors, etc.).

To maintain service standards and provide users with the ability to communicate efficiently and effectively with our company. 

____________

 Legitimate Interest

Customer records will be kept in accordance with applicable laws.
Demographic Information: We may collect gender; age/date of birth; nationality; salutation; job title, company information, education, work experience and other professional information; language preferences.

Enable customer expression, maintain and improve service standards, and marketing with consent.  

____________

Legitimate Interest

For the life of the account and a reasonable and legally compliant time thereafter. 
Location Information: We collect your IP address from which we can derive imprecise location information, for example, at the city or zip code level, of a user’s computer or device. We may also have this type of location information if you provide it to us during sign up or in your profile, project page, or contributions.

Maintain service standards, provide relevant content and marketing with consent. 

____________

 Legitimate Interest

For the life of the account and a reasonable and legally compliant time thereafter.
Profile Information and User Contributions: For certain Services, you may choose to create a public profile, a project page or a profile page, or create your own contributions.All contents of these pages and contributions are processed, including any views and opinions included by you.  

Enable customer expression, and provide  use of our services as agreed in the ToU.  

____________

Legitimate Interest 

For the life of the account and a reasonable and legally compliant time thereafter.
Transaction Information: information on how you interact with the Services, including records of products or services purchased, obtained or considered  such as the coupons you view and redeem, the gift cards you purchase or sell via our Services, the cash back offers that you claim, including copies of receipts that you submit; financial information related to your transactions, information about you as needed to administer your participation in our rewards programs; payment information, including payment card number, expiration date, and CVN; other information about how you use our Services, email, or searches for and interactions with e-commerce opportunities, such as how you interact with our merchants, business partners, and service providers, including, in some cases and where your settings permit, the items you purchase from those merchants.

Completion of transaction, providing full use of our services as agreed in the ToU, and marketing with consent.  

_____________

Performance of a Contract

For the life of the account and a reasonable and legally compliant time thereafter.
Device Information and Device ID: Device ID, which is a distinctive number associated with a smartphone or similar handheld device.  As well as, device information, including Device type, operating system and software information, and settings.   

Maintain and improve the quality of services 

____________

legitimate interest

For the life of the account and a reasonable and legally compliant time thereafter.
Advertising Identifiers: A user-resettable identification number for advertising associated with a device (e.g., iOS uses the Identifier for Advertising (IDFA) and Android uses Google Advertising ID).

Marketing 

_________

Consent

For the life of the account and a reasonable and legally compliant time thereafter.
Connectivity Data: We may collect WiFi connection or service set identifier (“SSID”), mobile or desktop access, and IP verification. 

Maintain and improve the quality of services 

____________

legitimate interest

For the life of the account and a reasonable and legally compliant time thereafter.
Cookies: Information collected through the use of cookies, eTags, Javascript, pixel tags, device ID tracking, anonymous identifiers and other technologies, including information collected using such methods and technologies about (i) your visits to, and interaction and engagement with, the Services, Subject to your privacy choices and settings, content and ads on third party websites, applications, platforms and other media channels (“Channels”), and (ii) your interaction with emails including the content and ads therein (collectively, “Online Data”).

Marketing 

_________

Consent

In compliance with the Cookie Policy
Engagement Data: Information about (i) your visits to, and interaction and engagement with the services, content and ads on third party websites, applications, platforms and other media channels (“Channels”), and (ii) your interaction with emails including the content and ads therein (collectively, “Online Data”), which are collected through the use of cookies and cookie like technologies.

Marketing

____________

Consent

In compliance with the Cookie Policy

4. Sensitive Personal Information

We do not seek to collect or process sensitive personal information, such as, race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, or sex life. Where users choose to disclose sensitive personal information, we do not use the sensitive information for any additional purpose without consent, unless required to comply with laws, or prevent crimes.  

5. Direct Marketing

We may use the contact details you provided us to reach out to you with information regarding services that may be of interest to you, for example, upcoming promotions. You may unsubscribe or opt out of SMS messages at any time at no cost.

6. Behavioral Advertising

Email Marketing and third parties, subject to your privacy choices and settings, may collect data about your behavior while using our services in order to provide you with more relevant interest-based advertising on other websites and applications, as well as our partners’ platforms and media channels.

7. Cookies 

We may collect information about you through the use of cookies and similar technologies on our sites and apps, or your devices. In compliance with your privacy choices and settings, we also may permit our third-party service providers to perform various analytics functions and to provide you with more relevant or interest-based advertisements using cookies. 

Some third parties may choose to use their own cookies for the purposes of collecting information relating to the viewing of their advertising. To learn more about how we use cookies, and to manage your preferences, please see our Cookie Policy.  This policy, and our Cookie Policy, are only intended to cover the use of cookies as they relate to Email Marketing businesses.

8. Information We Share with Third Parties

Ziff Davis Companies: Email Marketing is owned by Ziff Davis Inc. We share your information with other businesses owned by Ziff Davis, Inc. (“Ziff Davis Companies”) to assist us in the operation of our services, improve them, and further develop them.

We also share information with other Ziff Davis Companies for the purposes of targeted advertising. If you would like to opt out of the sale or sharing of your data with other Ziff Davis Companies, you can do so via our Privacy Portal 

Other Third Parties: We may also share your personal information with the following:

  • Relevant third party provider, where our services use third party advertising, plugins or content, subject to your privacy choices and settings, and our ToU; 
  • Merchants, business partners, or advertisers where you consented and chose to participate in offers, contests, or other activities; 
  • Third party Processors (such as analytic providers; data centers; etc.), located anywhere in the world, subject to the requirements and limitations;
  • Legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation; 
  • Any party as directed by a law enforcement agency or court, to the extent necessary for the establishment, exercise or defense of legal rights;
  • Law enforcement for the purposes of prevention, detection, or investigation of criminal offenses and any legal proceedings associated with them; and 
  • In the case of a full or partial acquisition, relevant third parties. A list of sub-processors is available upon request.

9. International Transfers of Information

We may transfer your information to recipients in other countries. Email Marketing participates in the E.U.-U.S. Data Privacy Framework, the UK extension to the EU-U.S. DPF, the Swiss-U.S. Privacy Framework and the APEC Cross Border Privacy Rules System. Where we transfer information from the European Economic Area (“EEA”) to a recipient outside the EEA that is not in an adequate jurisdiction, we do so on the basis of standard contractual clauses.

Because of the international nature of our business, we may need to transfer your information within the Ziff Davis Companies, and to third parties as noted above, in connection with the purposes set out in this Policy. For this reason, we may transfer your information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.

Email Marketing and its associated affiliates and subsidiaries complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Email Marketing has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Email Marketing has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov.

We are committed to staying current with developments related to the Data Privacy Framework and may update our transfer mechanisms and safeguards as necessary to remain compliant. Any updates will be reflected in this Privacy Policy.  

If you are a European individual with a privacy related complaint, concern or question about Ziff Davis, Inc.’s privacy practices, please contact us through our Privacy Portal. Under certain conditions, more fully described on the Data Privacy Framework website, European individuals may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Where we transfer your personal information from the EEA to recipients located outside the EEA who are not in a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for information, we do so on the basis of standard contractual clauses. You may request a copy of the relevant standard contractual clauses using our Privacy Portal. Please note that when you transfer any personal information directly to an entity established outside the EEA, we are not responsible for that transfer of your information. We will nevertheless process your information, from the point at which we receive the data, in accordance with the provisions of this policy.

Enforcement Authority

The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Complaints Mechanism  

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Email Marketing commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Ziff Davis at privacy@icontact.com.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Email Marketing commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TrustArc, an alternative dispute resolution provider.  The services of Trustarc are provided at no cost to you.  For further information please visit https://trustarc.com/dispute-resolution/.  

Under certain conditions, a binding arbitration option may be available to you in order to address complaints not resolved by any other means. For further information, please see Annex I of the EU-U.S. Data Privacy Framework Principles at: https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Email Marketing commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.

For a list of our subsidiaries and affiliates who also adhere to the DPF Principles, please click here.

Our privacy practices described in this Policy comply with the Asia-Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules System. To learn more about this program, please click here.

10. Data Security and Breach Handling

We implement appropriate technical and organizational security measures to protect your personal information against unlawful destruction, loss alteration, misuse, or unauthorized access while in our possession. All parties we contract with must agree to provide reasonable data security measures for the customer information we share with them, in compliance with applicable laws and regulations. 

If we learn of a security breach that affects our users, we may send an email or other direct communication to you, or post a blog to notify the public on our Help and Support Security Center. If you have any reason to believe that your data with us has been compromised (for example, there has been unauthorized access to your account), please contact us at privacy@icontact.com.

11. Data Retention

We will retain your personal information for as long as is necessary in connection with the purposes set out in this policy, and in accordance with applicable laws. For more details on how long data is retained see the table in Section 3.   

12. Your Rights With Respect to Your Personal Information

Many privacy regulations afford consumers a number of specific rights. If you are a resident of the EU (under GDPR), UK (under the UK GDPR), Brazil (under the LGPD), several U.S. States, including California (CCPA), Virginia (under VCDPA), Colorado (under the CPA), and Connecticut (under the CTDPA), or another jurisdiction with similar privacy requirements, you have certain rights which may include those listed below. 

Your rights: 

  • Right to Withdraw Consent: Where you are requested to consent to the processing of your personal information by IeL, you have the right to withdraw your consent at any time.
  • Right to Know: You have a right to know what personal information we collect, process, and share or sell. This policy is meant to provide transparency with regard to your data. If you have additional questions, you can email us at privacy@icontact.com.  
  • Right of Access: You can request a copy of the personal information we have collected about you from us. 
  • Right to Delete/Erase: You can request us to delete all the information we have collected about you. It is important to note that by exercising your right to deletion you may lose access to your account and any purchases, points or features associated with it. If you wish to cancel your account or request that we no longer use some or all of your information to provide you services, please contact us via the details provided in Section 14. 
  • Right to Request Rectification: If you find that any of your information that we are processing is inaccurate, you can contact us to have your information corrected. In response, we will cancel or remove your information but may retain and use copies of your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. For certain requests, we may require additional information.
  • Right to Opt-out of the Sale or Sharing for Targeted Ads (CA): Under some circumstances we may sell or share the personal data you provide to us to provide ads to you that align with your interests. If you would prefer not to have your data sold or shared, you can opt-out of selling or sharing by submitting a request via Privacy Portal or by emailing privacy@icontact.com. We may ask for additional information to verify your request.
  • Right to Object to the Processing: You can object to our processing of your personal information via our privacy portal, under certain circumstances. By objecting to processing, you may not be able to access some or all of our services. This right is limited to personal data processed for commercial purposes. 
  • Right to Object to the Use of Sensitive Personal Information: You have the right to object to our use of your sensitive personal information. Sensitive personal information is information about your health, race, religion, sexual orientation, gender identity, political opinions or philosophical beliefs. You should always be mindful about the personal information you share online, especially when it is sensitive in nature. 
  • Right to Object to Automated Processing: You have a right to object to the processing of your data for the purposes of automated decision making about you. 
  • Right to not be Discriminated Against: You have a right to not be discriminated against for exercising your rights. 
  • Right to Complain (EU, UK, Switzerland): Should you wish to raise a complaint about the collection or use of your information, you have the right to do so without prejudice to any other rights you may have. You may lodge a complaint with your local data protection authority.
  • Right to an Authorized Agent (CA): If you would like to make a request on behalf of a California consumer who is a current or former customer, please provide an email from the email address we have on file for the customer authorizing the request. You may also make a request under the California Consumer Privacy Act on behalf of a California consumer if you provide (1) a signed, written permission from the consumer to act on your behalf, and the consumer verifies their own identity directly with us; or (2) proof that the consumer has provided you with power of attorney pursuant to Probate Code sections 4000 to 4465. We may deny a request from an agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

In order to make privacy requests please visit our Privacy Portal and fill out the form. You can also email us at privacy@icontact.com. Our contact information can be found in the “Contact Details” section below. 

You may be required to verify your identity before we can give effect to these rights. If you are making a request on behalf of a user, we require a signed authorization letter from the consumer.

13. How to Change Your Preferences

You can change your preferences at any time. Below is a list of some of the actions you can take. 

Your Newsletter and Email Subscriptions. You can opt out or unsubscribe to a newsletter or other email list at any time by following the instructions at the end of the newsletters or emails you receive. Please allow five to ten business days for changes to take effect. On some Services, member service-related communications are an integral part of the service to which you subscribe and you may continue to receive emails as part of that particular portion of the services, even if you opt out of the newsletters or email list. In these cases, you cancel your account to cease communication. Also note that if you have provided more than one email address to us, you may continue to be contacted unless you request to unsubscribe each email address you have provided, or delete your accounts.

Opting Out of Tracking. Currently, our Services do not recognize browser do-not-track signals. However, you may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. You can also opt-out of being targeted by certain third party advertising companies.

California Residents. In accordance with the California Online Privacy Protection Act, we may collect Personal Information about your online activities when you use our services. California’s “Shine the Light” law permits our users who are California residents to request and obtain certain information about any Personal Information disclosed to third parties for direct marketing purposes. If you are a California resident and wish to make such a request or if you wish for us to refrain from gathering your Personal Information, please submit your request in writing to us using the contact details in Section 14.

14. Contact Details

You can submit privacy related inquiries to our Privacy Portal.

For any additional questions, you can contact us by emailing:

iContact: support@icontact.com  

Correspondence:

Ziff Davis
Attention: Legal Department
114 Fifth Avenue, 15th Floor
New York, NY 10011

We have registered our DPO with the Irish Data Protection Commission. If you have any questions or concerns about our privacy practices, we encourage you to contact our DPO at the following email address dpo@ziffdavis.com or at the following address:

Ziff Davis 
Attention: Legal Department
Unit. 3.1, Woodford Business Park
Santry, Dublin 17
Ireland

15.Children

These services are not intended for use by children, especially those under 18. We reserve the right to remove a user’s account at any time, when necessary, if we discover that a user is under the required age limit for the service. If you have reason to believe we have collected personal information from someone under 18, please report it to us so we can take appropriate steps to rectify this.

16. California Consumer Rights Metrics

Pursuant to the California privacy regulations, our consumer rights metrics can be found on our Regulatory Information Site.

17. How this Privacy Policy May Change

This policy may be amended or updated from time to time at our discretion. Any updates will be effective at the time of publication, unless specified otherwise. Your continued use of our services after the publication of a policy update constitutes your consent to the changes. We will notify you prior to making policy updates that materially change the way we treat your personal data, and will not use your data in a materially different manner without your consent.