1. WEBSITE PRIVACY POLICY

2. GENERAL SERVICES PRIVACY POLICY

3. ONLINE and DIGITAL SERVICES PRIVACY POLICY

Last Updated Dec , 2020

1. 1. Website / Application / Shopping cart Privacy Policy

Scope

This Emailexpress Website Privacy Policy (the “Privacy Policy”) applies solely to information collected by Emailexpress. (“Emailexpress”) on this Emailexpress website (the “Site”). This Privacy Policy provides information about how and why Emailexpress collects and uses the information provided to us on this Site.

For information on Emailexpress’s range of services, how we use data across our different services, and your options, please refer to the Emailexpress General Services Privacy Policy located below.

For information on Emailexpress’s online behavioral advertising activities and how to opt out of having data processed for online behavioral advertising purposes, see the Emailexpress Online and Digital Services Privacy Policy located below.

Links to Third Party Sites

This Privacy Policy does not apply to the information collection and use practices of third-party sites including, but not limited to, client and affiliate websites, applications and websites on which we may place advertisements, and any third-party websites you may link to from our sites. Emailexpress does not endorse or make any representations about these third-party sites or applications, or any information, software, products or materials found there. We encourage you to review the privacy policies of these third-party sites to understand their data collection and use practices.

Information Collection, Use and Sharing

Information Collection

We collect two types of information from and about our Site Users: personal information (or “personal data” in the EEA) that identifies you, which is collected when you provide it do us, and tracking data which is collected when you navigate the website.

Tracking data may include things like the Uniform Resource Locator (“URL”) of the Site you visited before coming to our Site, the URL of the Site you visit after leaving our Site, the type of browser you are using and your Internet Protocol (“IP”) address. We, and/or our authorized third parties, may automatically collect this information when you visit our Site through the use of electronic tools like Cookies and Web beacons or Pixel tags, as described below.

We use tracking data to troubleshoot, administer the Site, analyze trends, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. We may also share this information with our authorized third parties to measure the overall effectiveness of our online advertising and content.

Personal Data. Personal Data means information from which you can be identified. It does not include anonymous or aggregated data that cannot be linked back to a specific individual.

Information Use

Emailexpress uses the information we collect at this Site to fulfill your requests, respond to your inquiries and provide Emailexpress news or updates. We may also use your information to make our Sites easier for you to use and to inform you of service and product updates, whitepapers, new products, market research opportunities and other related information from Emailexpress, or to send you promotional messages regarding various Emailexpress products and services.

Emailexpress may use your tracking data to analyze trends, administer the Site, track users’ activities on the Site, help us understand the parts of our Sites visited most often and gather broad demographic information for aggregate use in improving our Site.

Emailexpress may also obtain personal information from you if you apply for a job with us. This data would include name, email address, mailing address, employment history and any other information contained in your resume/C.V. that you submit through our Site. We may use this information to send you a welcoming email, to verify your username and password for employee recruitment purposes, and to respond to your requests for information and correspond with you throughout the application process.

Information Sharing and Disclosure

Emailexpress may share your information with our affiliate companies and service providers for the purposes described in this policy.

We reserve the right to disclose your information as required by law, court order or other valid legal processes or in connection with the consolidation, sale of or other transaction related to our business. We also reserve the right to disclose your information if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a valid government request.

Choices

Opt-Out of Emailexpress Newletter Communications

You may opt-out from receiving Emailexpress Newletter Communications by clicking on the unsubscribe mechanism included in each email message we send.

Even if you choose to opt-out of our communications, Emailexpress will retain and use your information to comply with our legal obligations, resolve disputes, enforce our agreements and to maintain a record of your opt-out. You may also still receive transactional emails, such as registration confirmation, product updates and responses to direct requests you have made.

Cookie Policy

Cookies are small text files that store data using your web browser to make your browsing experience easier and faster. We, and our third-party service providers who assist with managing our Site, use cookies, web beacons and similar technologies on our Site to improve the performance of our Site, to make our Site more user-friendly and to track your use of our Site.

Types of Cookies used on our Site

Performance Cookies: These cookies collect information about how visitors use our Sites for web analytics purposes, for instance which pages visitors go to most often and error messages received. These cookies are only used to improve how our Sites work and your experience on our Sites; they do not track your browsing activity on other websites. By using our Sites, you agree that we can place these types of cookies on your device.

Functionality Cookies: These cookies allow our Sites to remember choices you make (such as remembering your username and password, language preference or the region you are in) and provide enhanced, more personalized features. These cookies may also be used to remember changes you have made to text size, fonts and other personalization. They may also be used to provide services you have requested, such as keeping you logged in to your account as you browse the internet. These cookies do not track your browsing activity on other websites. By using our Sites or by signing up for an account with us, you agree that we can place these types of cookies on your device.

Managing Cookies in You Browser

You may be able to adjust your browser settings to manage your cookie preferences, such as setting your browser to notify you when you receive a cookie and give you the choice to decide whether or not to accept it. If you reject cookies, you may still use our Sites, but the functionality of some areas may be limited.

Below are links to information about managing your cookie preferences in common browsers:

· Google Chrome Cookies

· Mozilla Firefox Cookies

· Internet Explorer Cookies

· Safari Cookies

· Google Analytics

Content Sharing Features

Our Sites include social media sharing features, such as LinkedIn and Twitter buttons, and may set a cookie to enable the feature to function properly. These features may collect your IP address and which page you are visiting on our Sites. Social media features are governed by that social media company’s privacy policy.

· Facebook Privacy

· Twitter Privacy

· Linkedin Privacy

DATA RETENTION.

We only retain the information we collect, including personal data, for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, as well as applicable legal requirements.

SECURITY.

Emailexpress uses commercially reasonable safeguards to protect personal information against loss, misuse or alteration and to maintain the integrity and security of all information collected through the Site.

YOUR RIGHTS REGARDING PERSONAL DATA.

You may have the following rights under applicable data protection laws in relation to your Personal Data, including:

Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of personal information we hold about you.

Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

Request erasure of your personal information. This enables you to ask us to delete personal information. There may be some cases where, as allowed by applicable laws we may refuse to delete data. We may also anonymize data so that it cannot be related back to you instead of deleting it.

Object to processing (opt out) You also have the right to object where we are processing your personal information for direct marketing purposes.

Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party.

INTERNATIONAL DATA TRANSFERS.

For users based in the European Economic Area (EEA) we may share your personal data within the Emailexpress Group or with external third parties. This may involve transferring your data outside the EEA, including (but not limited to) the United States or India.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

· We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.

· We may transfer data subject to specific contracts approved by the European Commission, which ensures that personal data the same protection it has in Europe regardless of where it is processed. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.

· For some service providers based in the US, we may transfer data to them if they participate in the EU-US Privacy Shield program, which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Do Not Track

Currently, various browsers – including Internet Explorer, Firefox, and Safari – offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user’s browser DNT preference setting. Emailexpress does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent.

Children’s Privacy

This Site and the services we provide are intended for general audiences, and is not intended for use by persons under the age of 16. If we learn that we have inadvertently collected personal information from a child under the age of 16, we will delete it. If you believe that we have collected personal information from a child under 16, please contact us using the information below.

Updates to this Privacy Policy

We reserve the right to modify this privacy statement at any time. Note the date of the most recent update at the top of this page. If we make material changes to this policy, we will notify you here, by email, or by means of notice on our home page.

Contact Us

To ask questions about Emailexpress’s Privacy Policy or to request more information on Emailexpress’s privacy practices, email us at privacy@Emailexpress.io

Or send correspondence via mail to:

Emailexpress

4283 Express Lane

Suite 3347-808,

Sarasota, Florida, 34249

2. GENERAL SERVICES PRIVACY POLICY

INTRODUCTION

Emailexpress is a marketing and advertising company that uses software and data about consumers to help advertisers reach selected audiences via online or in-app ads, email, direct mail, or telemarketing. Emailexpress collects and uses data about individual consumers in order to identify or predict the types of advertisements most likely to appeal to them. We use a lot of data, because more data points about a person’s interests and purchase intent leads to more accurate advertising with a higher rate of return for advertisers. Emailexpress has various lines of service, as described below, and the way each works is different. But in general, the sole purpose for our collection and use of data is to match people to advertisements that are likely to interest them. That is our mission. We use data, software, and ingenuity to help advertisers reach people who want their products and services. Our business succeeds when we help advertisers achieve higher-than-average rates of response to ads—that is, people clicking on or forwarding an ad or ultimately making a purchase.

This Services Privacy Policy describes each of the different types of services we provide, which for purposes of this privacy policy are divided into two main categories:

· Service Provider: where Emailexpress handles personal data collected by another company (our client) under the terms of its privacy policy solely to perform a service for that company; and

· Data Collector: where Emailexpress uses personal data it has collected from and about individuals on its own behalf. The terms of this privacy policy apply to these services.

When we act as a service provider, we follow the client’s privacy policy because the data we process as a service provider belongs to our client and we handle the data only at the client’s direction and acting exclusively on their behalf. When Emailexpress collects data directly from consumers or obtains data collected by third parties for our own business purposes we are responsible for how such data is used and shared, and for giving effect to individuals’ privacy legal rights.

For all of our services the overall purpose of our data collection, use, and sharing is the same—to match advertisements to people who have a propensity to engage with them, and ultimately to increase sales for our advertiser clients.

All services may include some amount of “lookalike modeling,” where we use data about known purchasers of a product or respondents to an ad to identify individual attributes that indicate a propensity to buy that product or respond to that ad. This allows us to create a profile of the attributes of a person most likely to respond to an ad, which is used to inform who a future ad will go to.

We do not provide services that include ads with illegal or adult content, nor do we advertise on adult sites or collect data about what adult sites people visit. We do not knowingly collect or sell personal information from children under 16. In the event that we learn that we have collected personal information from a child under the age of 16, we will delete it. We do not knowingly facilitate any advertising that is exploitative, discriminatory, hateful, deceptive, or abusive, and our process for doing this is audited annually.

The types of data we use are also the same across all our services:

(1) Data you have provided directly either to Emailexpress, our client (an advertiser), or another company you authorized to share data for marketing purposes. This data generally consists of an email address, in some cases name and street address, and/or the answers to survey questions or questionnaires.

(2) Data collected indirectly from you using cookies or other online or mobile technologies that allow us to identify certain sites that you visit or apps that you use online. Included is information about when and where you gave your permission to receive commercial email, your IP address, and visits you made to certain websites. We log these page views to help infer your interests in order to determine what sort of products or services might interest you. This data typically does not include direct identifiers (like name and address), but it can still be linked back to you via unique identifiers like a cookie ID, mobile ad ID, or an encrypted version of your email address.

(3) Data we have obtained from third-party data brokers or data partners. This may include data obtained from public records (like your street address, age, and gender), but also data relating to purchases, interests, or likely interests that can be derived from a wide variety of sources. In some cases, we may obtain data from third parties in or close to real time in regard to a specific ad placement. This “just in time” approach to obtaining data means that we collect and aggregate less data ourselves, while still being able to draw on third-party data sources to help make decisions about which ad to send to which person.

Our sources of data include:

· You, when you give data directly to one of our websites, clients, or data sharing partners;

· Advertisers who may provide us data they have collected from or about you to use in performing marketing and advertising services for them;

· Data we or others collect using cookies or other online trackers. In some cases this data may be linkable to your directly identifying data (name & email);

· Data brokers who supply data obtained from public records, or who resell data obtained from private sources. Data from private sources (like magazine publishers, credit card companies, or retailers) typically has its directly identifying data removed (like your name and email address) and is linked instead via unique identifiers like a proprietary ID, encrypted email address, or other indirect identifiers, but in some cases we are able to link this data back to you.

· Data partners who supply data similar to the kinds we obtain from data brokers. The difference between a data broker and a data partner is that we buy data from data brokers, but we may exchange data with data partners.

Recipients of our data include service providers who perform services for us like web hosting, data security services, or auditing, our advertiser clients, and companies that we may trade data with for purposes of Online Behavioral Advertising (see below). Emailexpress is not a data broker in the sense that we do not simply sell data. The ways in which we share data with our clients are very limited. You will find more details on this in the sections below describing each of our services.

SERVICES WHERE EMAILEXPRESS ACTS ONLY AS A SERVICE PROVIDER

Where we perform services exclusively as a service provider or data processor, the data that we handle belongs to our advertiser client. In most cases this data will be provided to Emailexpress by the advertiser. Advertisers may also ask us to collect data on their behalf through various means, including direct collection from individuals, indirect collection via cookies or other online tracking mechanisms, or via third-party sources like data brokers. When we collect data as a service, all of the data we collect belongs to our client and is governed by the client’s privacy policy.

Database Services. Emailexpress performs services for clients that include database setup, structuring, formatting, migration, and maintenance. In some cases, Emailexpress maintains a “database of record” for a client, meaning that the client has outsourced the maintenance of its primary customer database to Emailexpress. In such cases, Emailexpress will collect data directly from individuals, but handles the associated personal data exclusively as a service provider and does not do anything with the data outside the scope of the services that we have been hired to perform.

Email Services. Clients may engage Emailexpress to send email to their existing customers on their behalf. For instance, if you have given a retailer your email address, we might send commercial or transactional messages from that retailer, such as an emailed receipt for a purchase, a reminder that you have items in your shopping cart, or to deliver an updated client privacy policy. We may also send you advertisements from that retailer, for instance offering discounts, new products, or sales. When we perform these services we are acting on the advertiser’s behalf, and everything we do is at the advertiser’s direction and subject to the terms of its privacy policy.

Call Center Services. Clients may engage Emailexpress to receive calls on their behalf, or to make telemarketing calls on the client’s behalf. When we perform these activities as a service provider, we use client-owned data and perform our services in line with the terms of the client’s privacy policy.

CRM Services. We may use our software and know-how to help a client better organize and manage its own customer data, or to use its own data to determine which ads to send to which customers.

SERVICES WHERE EMAILEXPRESS COLLECTS AND USES DATA ON ITS OWN BEHALF

The Emailexpress Marketing Automation Data Cloud is what we call the data related to identified people that Emailexpress collects and uses on its own behalf. The Emailexpress Data Cloud consists of several databases where we store data that we have obtained from the different sources described above. It also includes connections to other third-party sources of data (data brokers and data sharing partners) so that we can get data at or near real time in order to inform specific ad placements. This approach means that we are using the freshest, most up-to-date data we can obtain, and it also reduces the amount of data we need to gather into one place in order to provide our services.

Personal data in the Emailexpress Marketing automation platform is collected when an individual consents to have their data used for marketing purposes. The permission is generally provided at a website or landing page where an individual provides an email address and checks a box authorizing the data to be used for marketing purposes, transferred to third parties, and augmented with other data obtained from other sources. Once we have obtained this consent, we supplement the data initially provided by the individual with additional online and offline data. Our goal is to obtain the richest and most up-to-date picture we can of individual consumers so that we can make the best possible decisions about which ad to show to which person.

We may also use data from the Emailexpress Marketing automation platform on a temporary, limited basis to evaluate potential data sharing partners. When we do one of these evaluations, it is subject to appropriate contractual terms that include that the company we are evaluating may not do anything else with the data and must delete any data that we share at the end of the evaluation.

Personal data in the Emailexpress Marketing automation platform is used for the following services:

Acquisition Email. For this service, we send client advertising by email to people who have consented to receive commercial email. These emails all comply with local laws pertaining to the sending of commercial email and include opt-out links so that recipients can request not to receive future emails. This service does not include selling data to our clients. Our clients obtain data when someone we have sent an ad to responds to the offer or makes a purchase. Then we will provide the client data showing that we advertised to that person, to show that we played a part in bringing a new customer or a new sale to the advertiser.

Acquisition Email services for a particular client often begin with an analysis of the client’s existing data in order to create a profile of the type of individual who is most likely to respond to a particular offer. We then look to the Emailexpress Marketing automation platform to find people who share those attributes but who are not already existing customers of our client and send the offer to those people.

CRM and Data Cloud Services. This service consists of loading a Emailexpress client’s customer data onto a secure Emailexpress-controlled server, and then using our software to compare the client’s data with data in the Emailexpress Marketing automation platform. In most cases, we have more data points about our client’s customers than the client has. We can use that to generate insights that the client could not produce on their own, like which existing customers would be most likely to respond to a particular ad campaign. We may sell data to an advertiser as part of this service, in the form of interest categories and inferred purchase intent data that relates to the client’s existing customers. In other words, we don’t sell our clients lists of people, but we might provide the advertiser with additional information about its existing customers that it didn’t previously have.

Online Behavioral Advertising. The data we use for Online Behavioral Advertising (OBA) is maintained in a separate database from the data in the Emailexpress Marketing automation platform. Individual profiles in the Emailexpress Marketing automation platform generally include an associated email address or other directly identifying information, where the data that we use for OBA does not include any directly identifying data. Rather, the data used for OBA is tied to a cookie ID, a mobile advertising ID, or other data related to a specific device, like a computer, smartphone or smart TV.

When you visit different sites on the internet, different companies place cookies on your device, and use these to obtain information about the sites you visit, the ads you respond to, and the online purchases you make. Through a process known as “cookie matching” different companies (data sharing partners) can either sell or exchange different bits of this data. By stitching together bits of data from lots of different sources, we are able to create a rich and up-to-date data set that enables us to make predictions about what ad is likely to appeal to a specific person, or which person is most likely to respond to a specific ad. Emailexpress performs cookie-matching between the data used for OBA and the Emailexpress Marketing Automation platform to enable users of our Data Cloud to leverage the interest and purchase intent data generated on the OBA side of our business. This cookie-matching means that data used for OBA could theoretically be linked to fully identifiable data, but we have internal policies against re-identifying data used for OBA.

We offer some more focused services within the broad sphere of OBA, including operating a “demand side platform,” which is a means of matching specific users to specific ads, personalizing content on a website to a users’ interests, and placing online ads across a range of websites. Please see the Emailexpress Online and Digital Service Privacy Policy, below, for more information on this service. Other focused services related to OBA are described below.

Optimization and Analytics Services. These services help our clients (generally brands and other companies that advertise online) manage their digital advertising programs. For example, we may help these businesses customize your experience when you visit their website, generate leads and manage their keyword search advertising programs. Where we can reasonably infer that a particular computer or mobile device belong to the same user or household, we may extend our Optimization and Analytics Services across those devices. We undertake these activities on behalf of our customers and subject to their respective privacy policies.

Opting-out of Online Behavioral Advertising and Data Collection by Our Cookies
To learn more about this type of targeted advertising (also called interest-based advertising), analytics services and your choices, including how to opt-out of some interest based advertising,
visit https://www.youronlinechoices.com or https://youronlinechoices.eu/, the DAA Consumer Opt-Out Page, NAI Consumer Opt-Out Page and Google’s information page.

You can also refuse or disable cookies already stored on your browser as follows:
For Edge, click here
For Internet Explorer, click here
For Mozilla Firefox, click here
For Google Chrome, click here
For Safari, click here

Below are links to information about managing your cookie preferences in common browsers:

· Google Chrome Cookies

· Mozilla Firefox Cookies

· Internet Explorer Cookies

· Safari Cookies

· Google Analytics

YOUR PRIVACY RIGHTS
Privacy laws around the world give individuals different versions of the following rights. Emailexpress allows any person to exercise the following rights no matter where they live. Emailexpress will not discriminate against you for exercising your privacy rights. Prior to fulfilling a request for a copy of data, Emailexpress is required to reasonably verify your identity. Under applicable laws, you can use an authorized agent to make a request on your behalf, but that agent must still verify your identity and demonstrate that they have been authorized to make the request. We will only use the personal data provided for this purpose (e.g. a copy of an identification document) to verify the requestor’s identity or authority to make the request.

To exercise your rights with respect to data in the Emailexpress Data Cloud by either you or an authorized agent email to info@emailexpress.io

· Data Access / Portability-you can request a copy of the data that we hold about you in an identifiable form. Note that a lot of the data that we process is not maintained in an identifiable form, and that privacy laws generally do not require companies to make data identifiable for the purpose of responding to an access request. If you make an access request, we will normally respond within 30 days if you live in Europe or Canada, or 45 days if you live elsewhere, however, if we are experiencing a high volume of requests we may take up to 90 days to respond if we tell you. You can access (or delete) data used for Online Behavioral Advertising at any time.

· Correction-you can ask us to correct data that we hold about you if it is inaccurate.

· Data Deletion-you can ask us to delete data that relates to you. As allowed by applicable laws, there may be some cases where we will decline requests for deletion, but these are rare cases.

· Objection / Restricting Processing-in some countries you have a legal right to object to processing of data about you, or to ask that such processing be restricted. To keep things simple, if you wish to exercise these rights please request to have your data deleted.

· Opt-Out of Receiving Email from Emailexpress-you can ask to be added to our global email suppression list so that we won’t send any more commercial emails to the email address you opt out.

· Opt-Out of Sales of Data-you can request that we do not make your data available to our clients for their own use. But we may still use it for analysis, or to advertise to you.

You also have the right in many countries to contact a privacy or data protection authority if you believe we are not complying with privacy laws and we have not been able to resolve the situation to your satisfaction. Many countries have a dedicated privacy / data protection authority; in the United States you can make a complaint to the U.S. Federal Trade Commission or your state Attorney General.

WHERE WE PROCESS DATA
Emailexpress is headquartered in the United States, and the majority of our services are performed in the United States and/or India. When you provide data to Emailexpress, you consent to its processing in the U.S., India, or any of our other locations around the world. Emailexpress has established internal data transfer agreements that include the EU’s Standard Contractual Clauses as our basis for enabling EU data to be handled lawfully in non-EU countries.

Our online services may collect data relating to residents of any country, but the majority of the data in the Emailexpress Data Cloud relates to residents of the United States. We may also handle client-owned data as a service provider that originates from any country.

HOW LONG WE KEEP DATA
We keep data only for the period of time needed in order to achieve our stated purposes—i.e. to match people with ads that interest them. Different data is therefore needed for different lengths of time. If you have given us data and permission to market through one of our websites or a partner website, we will continue to use your data for marketing purposes until you revoke your consent / opt out. Certain data, like your contact information, we will keep as long as it is current. Data linked to a device like a smartphone will be maintained for as long as we detect that device on websites or using mobile apps on a regular basis. But data relating to your interests and purchase intent needs to be current to be useful to us, so we are constantly refreshing such data and rely only on the past several months’ data to inform our marketing choices.

DATA SECURITY and PRIVACY BY DESIGN

Emailexpress uses commercially reasonable, industry standard practices to protect data. These include technical, physical, and organizational controls designed to prevent loss or unauthorized access to data. Our security measures are audited every year by an independent third party, and we are constantly evolving our approach to security to keep pace with emerging threats.

Emailexpress also follows the practice of “Privacy by Design,” meaning that we consider the privacy and legal implications of our products and services and ensure that they are built to standards that align to privacy requirements around the world. The Emailexpress Privacy office is headed by a Chief Data or technology Officer and includes legal and non-legal resources with significant experience in the field. These professionals provide advice and guidance to Emailexpress’s product designers, engineers, and other businesspeople on a regular basis.

HOW TO CONTACT EMAILEXPRESS GLOBAL
You can reach Emailexpress, including our Privacy Officer, by writing: Privacy, Emailexpress 4283 Express Lane, Suite 3347-808,Sarasota, Florida, 34249, or emailing privacy@Emailexpress.io.

3. ONLINE and DIGITAL SERVICES PRIVACY POLICY

Last Modified Sept 1, 2020

Emailexpress offers a suite of digital marketing services designed to help online advertisers generate a higher return on their marketing and media buying investment. In the course of providing these services, we collect, use, and disclose data about consumers like you. We have three primary lines of business: 1) behavioral advertising services (“Behavioral Advertising Services”) performed through Emailexpress’s data management platform and “demand side platform” (the “Emailexpress DSP”), 2) Optimization and Analytics Services, and 3) Audience Management Services.

The services described in this Online and Digital Services (“ODS”) Privacy Policy include data and technology assets that formerly belonged to companies known as Rocket Fuel, Boomtrain, NetMining, and Ignition One. The terms of this ODS Privacy Policy therefore address data that may have been originally collected by Emailexpress or any of those earlier companies.

This ODS Privacy Policy describes our practices regarding collection, use, and sharing of data through our online and digital services and instructions for opting out of our use of data that relates to you for interest-based advertising.

Understanding Online and Digital Services

The infrastructure of online advertising and dynamic websites is technologically complex. We want to be as transparent as we can be by explaining the range of things we do with data. We also don’t want to overwhelm you with technical details, and think it is important for our privacy policy to be understandable. We think we’ve struck the right balance, but if after reading this privacy policy you still have questions, you may contact privacy@Emailexpress.io for more information.

Our Consumer Mission

At Emailexpress, we want digital advertising to be a useful complement to your online experience. We want to deliver personalized, well-chosen ads to help you discover things that interest you—new websites, new products, new bargains. Our advertising business also helps fund the free content and services you enjoy across the Internet.

We use complex technology to pick the best ads to show, based on everything we know about the context: the ad itself, the page that needs an ad, the time of day and other external factors, and information from your browser or mobile device digital advertising identifier that we use to predict what advertising would be most relevant and interesting to you.

If we can make ads more useful and interesting for you, then we’ll also make advertising more valuable to advertisers, and your visits will make websites more money per ad, and power their investments in the websites, apps, online features and content that they provide to you for free. Our Optimization and Analytics services help websites adapt to your preferences with customized content and functionality. Fuelling ad supported free content and services is an endeavour that we are proud to be a part of, and we hope you’re equally happy with the results. But if you’re not, you may learn more about opting out of our use of your data for personalized advertisements in the section below under “Opting Out of Personalized Advertisements.”

How We Think of You

Before describing the kinds of data we collect, it’s important to understand how we think of you and other web surfers and online consumers. The Emailexpress DSP does not know you personally, and we do not need to in order to provide you with relevant advertising. We place an identifier within a cookie on your web browser or use an advertising ID generated by your mobile device. So to us you, and anyone else that uses that browser or mobile device, are just “surfer82” for example. Our cookies are called “rfihub,” “Emailexpress,” “disqus,” “boomtrain,” or “netmng,” and you can find them if you search for cookies in your browser settings.

So, when we talk about “you” in this ODA policy, we are referring to information that we have associated with one or more identifiers associated with a web browser (such as Google Chrome or Firefox) that you might use, or with an advertising ID associated with your mobile device.

Information We Collect

We collect several types of information from and about you, as described in this section. Not all of the types of data collection described below necessarily apply to you—it depends on your browser and device settings and which online services or content you access.

We operate an online advertising service that helps advertisers customize, target and report on the advertisements we purchase on their behalf across third party websites and mobile applications. While purchasing these ads across third party websites and mobile apps, we collect information about the sites that you and others may visit, the mobile apps that you may use, the precise location of your mobile device such as the GPS coordinates (based on the consent you provided to the app), and the searches that you and others may conduct while online in order to serve advertisements that we believe are relevant to your interests. Where we can reasonably infer that a particular computer and mobile device belong to the same user or household, we may extend our advertising campaigns across those devices, serving advertising across multiple browsers or devices (sometimes called cross-device advertising). We also work with third-party data companies that help us tailor ads.

When you visit one of our advertiser’s websites or mobile applications (“apps”), or the websites or apps where we display advertisements, we collect information about your activity on that site (such as the page viewed or the advertising that you clicked on) or the location of your device, in order to show you relevant advertising (e.g., for local events), control how many times you may see the same advertisement, in addition to providing advertisers aggregate metrics that help them pay publishers for displaying this advertising

We collect information about your device, such as unique device identifier, browser type and language, and about your connectivity, such as the IP address, the server your computer is logged into, and the operating system information. We collect information such as the URLs you visit, the date, time, and duration of your visit to each page, and certain commercially relevant keywords pertaining to the searches you conduct (e.g. “shoes”). When we provide Optimization and Analytics Services to our customers, we also collect information about your activities on our customers’ websites.

We collect information about our interactions with you, such as which ads we’ve shown, and on which pages, and whether you responded to those ads by interacting with them.

To learn about the ads you might like or dislike, we may also ask you questions directly—for example, we may provide a survey via an online ad that asks about which ads, products, or brands you like or dislike.

We collect information about our partners’ interactions with you—for example, by placing pixels on an advertiser’s web page that let us know if you ultimately purchased an item after we ran an advertising campaign that showed you an ad. We obtain data from other companies that also use cookie or device identifiers to share similar information that they have collected about you with us. For example, we may partner with other companies to learn the kinds of products you like to buy online.

As part of our Optimization and Analytics Services and our Audience Management Services, we may collect names, email addresses and postal addresses as part of an online lead generation campaign or an email marketing campaign on behalf of one of our clients. We don’t make independent use of such data, but use it only as directed by our client, and ensure that this information is appropriately safeguarded and segregated from data collected pursuant to our Behavioural Advertising Services.

We store all this information in a profile in our database.

About Health Data. We do not use data about you from your health care providers or insurers unless you have consented for them to use your data to advertise to you. We may infer certain non-sensitive health related interests from the sites you visit and the ads you interact with. We do not use data relating to cancer, mental illness, sexually-transmitted diseases, or children’s diseases (other than over-the-counter ailments) to select or deliver advertising unless our client has obtained your consent for the use of that data. (Click here for a list of our standard health segments.)

About Political Data. We do not have information about how you voted. We infer political interests from the sites your browser or device visits and the ads you interact with, and we can combine this with general geo-location data obtained from your IP address to determine, for instance, that you are a likely voter for a particular party in a specific congressional district, based on publicly available voter registration data. (Click here for a list of our political segments.)

Data Retention and Security

Emailexpress DSP deletes user profiles in our database after 90 days of inactivity. This means that if we have not had an opportunity to show a consumer an ad, observed a visit from a consumer to a website that includes a Emailexpress DSP pixel, or received new information from one of our partners about a consumer, we will delete the user ID associated with that consumer. We see activity from a broad range of different places on the Internet, and the 90-day period restarts every time we have an interaction with you. So as a practical matter, if you want to opt out of our cookie and device-based data collection, you should follow the steps to opt out described below.

Data that we compile for purposes like reporting, attribution and fraud detection will be retained for up to 30 months.

We use physical, administrative, and industry standard technical safeguards that are designed to protect the information that we collect and maintain.

How We Use Information

We use the information that we collect directly or receive from other companies to find patterns that help us select better ads to serve you at any given moment. For example, we might learn that an ad for mp3 downloads is attractive to people who’ve previously clicked ads for mp3 players, or we might learn that a coffee ad works better in the morning. Our technology can test millions of possibilities along these lines and build models using huge amounts of data to predict responses to advertising.

We match information relating to devices and browsers with other companies through a process called “cookie matching.” The “cookie matching” process synchronizes two IDs belonging to different companies in a way that makes it easier to serve advertising online, without the need to share other pieces of information about the ID. In other words, this process enables two or more companies can take coordinated action with respect to your device or browser without needing to share with each other what each respectively knows about you.

We perform cookie matching between the different cookies that Emailexpress uses. By doing this we are able to stitch together all of the information that we have across the different parts of our company to create the fullest possible picture of a consumer. That does not mean we combine all this data into a single database—we don’t, and there is a good reason for this: the data we use for OBA does not include directly identifiable data, and so while cookie matching allows us to augment what we already know about identified users with data from their online experiences, we do not merge identifiable data into the data we use for OBA.

We make inferences from the data we assemble from these different sources in order to show you advertisements for products or services that we think may interest you. We sort your device/browser into interest or purchase intent “segments” such as “Footwear > Sports & Fitness > Indoor Fitness”

We also use the information we collect to measure effectiveness of ads on behalf of our advertisers and publishers.

We may also predict whether different identifiers associated with different browsers and different devices, like a laptop, a phone or a tablet, may belong to one person or household, and then link the activity we see across those devices into a common profile. We call this a “device graph.” We believe this helps us serve you better advertisements, control how many times you may see the same ad and provide better service to our advertisers. We make these predictions based on the device and cookie identifiers and associated interest and intent information that we receive from our third-party partners, as described above.

As part of our Optimization services we gather information about how you interact with different areas of a website and use this to customize website content for you in future visits, or even the same visit.

Information Sharing

We produce reports and analytics for our clients regarding the performance of their advertising campaigns and regarding the characteristics of people that were responsive to the ads, but we do not share the online profiles of individuals that our technology generates for commercial purposes.

On the other hand, we may share any information we hold when we believe that we are required to do so by law (including legal processes like subpoenas, warrants or court orders), or as we believe necessary to protect the health, safety, or legal rights of any person.

Finally, we may transfer information to a successor or assignee in connection with a corporate change in control such as a merger or acquisition or other transaction.

Opting Out of Personalized Advertisements

You can click here to opt out of interest-based advertising from Emailexpress DSP. If you opt out of interest-based advertising from Emailexpress DSP, then we will opt you out for all the identifiers or devices that we have associated with you at the time of the opt out request. We use a predictive process to associate identifiers and devices and do not know definitively all devices or browsers that you may use, so that process is not guaranteed to be error free. If you want to be completely thorough, we recommend that you use this opt out process for each device and browser you use.

Emailexpress DSP complies with the Self-Regulatory Principles for Online Behavioral Advertising as managed by the Digital Advertising Alliance (DAA). You may opt out of receiving personalized advertisements by DAA members via the DAA website here.

Emailexpress DSP is integrated with the DAA’s AppChoices, which allows consumers to download and manage their privacy preferences in a mobile environment. You may download DAA’s AppChoices mobile app on your iOS or Android device in order to exercise choice regarding the collection of application activity for interest-based advertising. Links to those applications are below:

• DAA AppChoices iOS
• DAA AppChoices Android
• Ad Privacy Manager iOS
• Ad Privacy Manager Android

What happens when I opt out?

An opt-out in any of the tools listed here will have the same effect, and you do not need to make an opt out selection using more than one method (we have to list them all as a condition of being members of these groups). If you opt out of interest-based advertising, you’ll still see ads from us online, but they may not be tailored to your interests. Note that we’ll still maintain a cookie on your computer to note the fact that you’ve opted out. That opt-out cookie is associated with a particular computer and browser. So, for example, if you get a new computer, install a new browser, or clear your cookies, you’ll need to opt-out again if you still do not want interest-based advertising. Our opt-out cookies never expire. If you change your mind, click here to opt back in.

Our Policy Regarding Children

Emailexpress DSP does not knowingly collect or solicit information from anyone under 16 years of age. Our services are directed to businesses – advertisers and their agencies – and are not directed to children under 16. If we learn that we have collected personal information of a child under 16 without parental consent, we will delete such information. If you believe that we might have any information from a child younger than 16, please contact us as set forth below.

Personal Data Relating to European Union Residents

Emailexpress utilizes the EU’s Standard Contractual Clauses as its basis for transferring EU data to the United States for processing.

Under certain circumstances, Emailexpress may be required to disclose personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Emailexpress maintains reasonable and appropriate security measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. We use physical, administrative, and industry standard technical safeguards that are designed to protect the information that we collect and maintain.

You have the right to obtain our confirmation of whether we maintain personal information relating to you. You may also may view, get a copy, or delete the personal information we hold about you for online behavioral advertising purposes by visiting this page.

Your right to access your personal information may be restricted in exceptional circumstances, including, but not limited to, when the burden or expense of providing this access would be disproportionate to the risks to your privacy in the case in question, or when the rights of persons other than you would be violated by the provision of such access. If we determine that your access should be restricted in a particular instance, we will provide you with an explanation of our determination and respond to any inquiries you may have.

You can direct any questions or complaints about the use or disclosure of your personal information to the Emailexpress Privacy office by email to: privacy@Emailexpress.io. Emailexpress will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your personal information within 45 days of receiving your complaint.

If you are unsatisfied with the resolution of your complaint, you may contact your local data protection authority here.

Contacting Emailexpress

If you have any questions, please contact privacy@Emailexpress.io or send mail to:

Emailexpress
c/o Privacy / Legal
4283 Express Lane

Suite 3347-808,

Sarasota, Florida, 34249 USA

Changes to this Policy Statement

We reserve the right to amend this policy statement from time to time. The effective date of the current version will be posted at the top of this page.

Opt Out Page:

Please click here to opt out of personalized ads based on Emailexpress DSP cookies.

Please click here to opt out of personalized ads based on Emailexpress DSP cookies, Click here to opt out of data collection via our netmng cookies.

Please click here to opt out of personalized ads based on Emailexpress DSP cookies, or https://optout.aboutads.info/?lang=EN&c=2 to opt out of other personalized advertising via the DAA’s opt-out page.

If you opt out, you’ll still see ads from us online, and we’ll still do our best to serve the most relevant ads we can, but we will know less about your interests and purchase behavior. Note that we’ll still maintain two cookies on your computer to track that you’ve opted out—two because we have two domains from which we serve cookies. These opt-out cookies (like all cookies) are associated with a particular computer and browser. So, for example, if you get a new computer, install a new browser, or clear your cookies, you’ll need to opt-out again. If you have your browser set to reject all cookies, then it cannot accept our opt-out cookie.