Privacy & Terms
Legal Info
FlashIssue Terms of Service
The gist:
We (the folks at Automailtion LLC ) run a curation and email newsletter service called Flashissue.com and would love for you to use it. Our basic service is free, and we offer paid upgrades for advanced features & services such as curation services and bulk emailing your newsletter for you. Our service (collectively, “FlashIssue” or the “Service”) is designed to give you as much control and ownership over what goes on your emails as possible and encourage you to express yourself freely. However, be responsible in what you publish. In particular, make sure that none of the prohibited items listed below appear on the website or in your emails. If you are using curated content you must comply with the terms and conditions of all of the sites where the content originally appears. You are also responsible for obtaining the rights to any photos, videos or any other content that you use in your emails.
Terms of Service:
The following terms and conditions govern all use of the Service and all content, features and products available at or through the Service. The Service is owned and operated by Automailtion LLC (“Flash Issue”). The Service is offered subject to your acceptance without modification of all of the terms and conditions contained herein and all other operating rules, policies (including, without limitation, FlashIssue’s Privacy Policy) and procedures that may be published from time to time on this Site by Flash Issue (collectively, the “Agreement”).
Please read this Agreement carefully before accessing or using the Service. By accessing or using any part of the Service, you agree to become bound by the terms and conditions of this agreement. If you do not agree to all the terms and conditions of this agreement, then you may not access the Service or use any services. If these terms and conditions are considered an offer by FlashIssue, acceptance is expressly limited to these terms. The Service is available only to individuals who are at least 18 years old.
You may not access the Services if You are Our direct competitor, except with Our prior written consent. In addition, You may not access the Services for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes.
This Agreement was last updated on November 19, 2015. It is effective between You and Us as of the date of You accepting this Agreement.
Table of Contents
1. Definitions
2. Purchased Services
3. Use of the Services
4. Non-Flash Issue Providers
5. Fees and Payment for Purchased Services
6. Proprietary Rights
7. Confidentiality
8. Warranties and Disclaimers
9. Mutual Indemnification
10. Limitation of Liability
11. Term and Termination
12. Who You Are Contracting With, Notices, Governing Law and Jurisdiction
13. General Provisions
1. DEFINITIONS
“Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
“Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs.
“Non-Flash Issue Applications” means online applications and offline software products that are provided by entities or individuals other than Us and are clearly identified as such, and that interoperate with the Services, including but not limited to those identified as Flash Issue connectors.
“Order Form” means the documents or online forms for placing orders hereunder, including addenda thereto, that are entered into between You and Us or any of Our Affiliates from time to time, including addenda and supplements thereto. By entering into an Order Form hereunder, an Affiliate agrees to be bound by the terms of this Agreement as if it were an original party hereto. Order Forms shall be deemed incorporated herein by reference.
“Purchased Services” means Services that You or Your Affiliates purchase under an Order Form, as distinguished from those provided pursuant to a free trial.
“Services” means the products and services that are ordered by You under an Order Form and made available by Us online via the customer login link at https://www.Flashissue.com and/or other web pages designated by Us, including associated offline components, as described in the User Guide. “Services” exclude Non-Flash Issue Applications.
“User Guide” means the online user guide for the Services, accessible at https://flashissue.zendesk.com as updated from time to time. You acknowledge that You have had the opportunity to review the User Guide.
“Users” means individuals who are authorized by You to use the Services, and who have been supplied user identifications and passwords by You (or by Us at Your request). Users may include but are not limited to Your employees, consultants, contractors and agents, and third parties with which You transact business.
“We,” “Us” or “Our” means the Flash Issue company described in Section 13 (Who You Are Contracting With, Notices, Governing Law and Jurisdiction).
“You” or “Your” means the company or other legal entity for which you are accepting this Agreement, and Affiliates of that company or entity.
“Your Data” means all electronic data or information submitted by You to the Purchased Services.
“Active User” means users who have logged in and sent one or more emails.
2. PURCHASED SERVICES
2.1. Provision of Purchased Services. We shall make the Purchased Services available to You pursuant to this Agreement and the relevant Order Forms during a subscription term. You agree that Your purchases hereunder are neither contingent on the delivery of any future functionality or features nor dependent on any oral or written public comments made by Us regarding future functionality or features.
3. USE OF THE SERVICES
3.1. Our Responsibilities. We shall: (i) provide Our basic support for the Purchased Services to You at no additional charge, and/or upgraded support if purchased separately, (ii) use commercially reasonable efforts to make the Purchased Services available 24 hours a day, 7 days a week, except for: (a) planned downtime (of which We shall give at least 8 hours notice via the Purchased Services and which We shall schedule to the extent practicable during the weekend hours from 6:00 p.m. Friday to 3:00 a.m. Monday Pacific Time), or (b) any unavailability caused by circumstances beyond Our reasonable control, including without limitation, acts of God, acts of government, floods, fires, earthquakes, civil unrest, acts of terror, strikes or other labor problems (other than those involving Our employees), Internet service provider failures or delays, or denial of service attacks, and (iii) provide the Purchased Services only in accordance with applicable laws and government regulations.
3.2. Our Protection of Your Data. We shall maintain appropriate administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Your Data. We shall not (a) modify Your Data, (b) disclose Your Data except as compelled by law in accordance with Section 8.3 (Compelled Disclosure) or as expressly permitted in writing by You, or (c) access Your Data except to provide the Services and prevent or address service or technical problems, or at Your request in connection with customer support matters.
- Account information: In using the varied features of the Service, you may provide information (such as name, contact information, or other registration information) to Us. We may use this information and any technical information about your use of the Services to tailor its presentations to you, recommend content, facilitate your movement through the Service, or communicate separately with you.
3.3. Your Responsibilities. You shall (i) be responsible for Users’ compliance with this Agreement, (ii) be responsible for the accuracy, quality and legality of Your Data and of the means by which You acquired Your Data, (iii) use commercially reasonable efforts to prevent unauthorized access to or use of the Services, and notify Us promptly of any such unauthorized access or use, and (iv) use the Services only in accordance with the User Guide and applicable laws and government regulations. You shall not (a) make the Services available to anyone other than Users, (b) sell, resell, rent or lease the Services, (c) use the Services to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (d) use the Services to store or transmit Malicious Code, (e) interfere with or disrupt the integrity or performance of the Services or third-party data contained therein, or (f) attempt to gain unauthorized access to the Services or their related systems or networks.
3.4. Usage Limitations And fair use. Services may be subject to other limitations, such as, for example, limits on disk storage space, on the number of calls You are permitted to make against Our application programming interface, and, for Services that enable You to provide public websites, on the number of page views by visitors to those websites. Any such limitations are specified in the Order Form. The Services provide real-time information to enable You to monitor Your compliance with such limitations.
We reserves the right to review usage of unlimited usage plans to ensure that you are not abusing such plans. You agree to use unlimited email plans for normal email campaigns and will not employ methods or devices to take advantage of unlimited plans by using Services excessively or for means not intended by us. We may terminate service immediately if we determine, in our sole discretion, you are abusing the unlimited Service plans.
For purposes of this policy and our Service, “unlimited usage” means the combined number of emails sent, as determined by us in our sole discretion. We reserve the right to at any time to enforce this policy in accordance with its terms. You agree that your level of usage of our unlimited Service plans will be comparable to that of the average small business customer utilizing such plans. We deem usage that substantially exceeds the average volume of its other unlimited usage plan customers as abusive. You agree that We have the right to terminate your service or charge you additional fees if your usage is considered abusive in the sole discretion of Flash Issue.
If it is determined that your usage is abusive, you agree to pay a per email fee of use in excess of those levels AT THE THEN-CURRENT RATE ESTABLISHED BY Flash Issue, which is currently $0.01 per recipient and, at our sole option, your service will be immediately terminated. THIS OVERAGE FEE APPLIES TO ALL SERVICES INCLUDING THE UNLIMITED PLANS.
3.5 Responsibility of Contributors. If you post material to the Service for use in emails or on the website, post links on the website, or otherwise make (or allow any third party to make) material available by means of the Service (any such material, “Content”), You are entirely responsible for the content of, and any harm resulting from, that Content. That is the case regardless of whether the Content in question constitutes text, graphics, an audio file, or computer software. By making Content available, you represent and warrant that:
- the downloading, copying and use of the Content will not infringe the proprietary rights, including but not limited to the copyright, patent, trademark or trade secret rights, of any third party;
- if your employer has rights to intellectual property you create, you have either (i) received permission from your employer to post or make available the Content, including but not limited to any software, or (ii) secured from your employer a waiver as to all rights in or to the Content;
- you have fully complied with any third-party licenses relating to the Content, and have done all things necessary to successfully pass through to end users any required terms;
- the Content does not contain or install any viruses, worms, malware, Trojan horses or other harmful or destructive content;
- the Content is not spam, is not machine- or randomly-generated, and does not contain unethical or unwanted commercial content designed to drive traffic to third party sites or boost the search engine rankings of third party sites, or to further unlawful acts (such as phishing) or mislead recipients as to the source of the material (such as spoofing);
- the Content is not pornographic, does not contain threats or incite violence towards individuals or entities, and does not violate the privacy or publicity rights of any third party;
- your emails are not named in a manner that misleads your readers into thinking that you are another person or company.
3.6 By Submitting Content to Flash Issue for inclusion in the Service, you grant Flash Issue a worldwide, royalty-free, and non-exclusive license to reproduce, modify, adapt and publish the content solely for the purpose of displaying, distributing and promoting your emails.
3.7 Our Responsibility for Content.
- We do not guarantee the accuracy or integrity of content used in the Service and We cannot be held liable for any damages arising from the use of such content.
- We strive to comply with the terms of service of other third party APIs and sites being used within its platform. No rich media content such as video, photos or other similar content is stored on our servers, except for images you elect to upload for use in your emails (for example, the banner image). We only provide links to the rich media content. We bear no responsibility for the content, or liability for the reposting of the content, contained in those links and We cannot be held liable for any damages arising from the use of such content.
- Without limiting any of those representations or warranties, We have the right (though not the obligation) to, in our sole discretion (i) refuse or remove any content that, in our reasonable opinion, violates any of our policy or is in any way harmful or objectionable, or (ii) terminate or deny access to and use of the Service to any individual or entity for any reason, in our sole discretion. We will have no obligation to provide a refund of any amounts previously paid.
3.8 Rules for Email Compliance. Users of the Service must adhere to the rules of the Federal CAN-SPAM act and Our Privacy Policy when sending emails through the Service. Accordingly, we require that emails sent through the Service: (a) must contain a one-click unsubscribe link and (b) must contain non-Internet contact information of the sender, such as your company’s address, or your company’s phone number. We add this to the footer of every campaign, and it can be edited in your “Account” settings.
3.9 Anti-Spam and Abuse Related Rules. You agree to the following: Definition of SPAM: We have adopted the definition of Spam set forth on the Spamhaus website https://www.spamhaus.org/definition.html
Delivery: You agree to pay for all emails you send from your account, even if messages are blocked by any third party (we have no control over your recipients’ email servers, ISP availability, personal spam filter settings, etc).
3.10 3rd party email delivery. If you are using a 3rd party integrated service provider to send your emails using our Service, then you are bound by the rules & regulations of that service provider. You also accept that We can not be held responsible for any part of the delivery process.
4. NON-FLASH ISSUE PROVIDERS
4.1. Acquisition of Non-Flash Issue Products and Services. We or third parties may from time to time make available to You (e.g., through connectors) third-party products or services, including but not limited to Non-Flash Issue Applications and implementation, customization and other consulting services. Any acquisition by You of such non-Flash Issue products or services, and any exchange of data between You and any non-Flash Issue provider, is solely between You and the applicable non-Flash Issue provider. We do not warrant or support non-Flash Issue products or services, whether or not they are designated by Us as “certified” or otherwise, except as specified in an Order Form. Subject to Section 4.3 (Integration with Non-Flash Issue Services), no purchase of non-Flash Issue products or services is required to use the Services except a supported computing device, operating system, web browser and Internet connection.
4.2. Non-Flash Issue Applications and Your Data. If You install or enable Non-Flash Issue Applications for use with Services, You acknowledge that We may allow providers of those Non-Flash Issue Applications to access Your Data as required for the interoperation of such Non-Flash Issue Applications with the Services. We shall not be responsible for any disclosure, modification or deletion of Your Data resulting from any such access by Non-Flash Issue Application providers. The Services shall allow You to restrict such access by restricting Users from installing or enabling such Non-Flash Issue Applications for use with the Services.
4.3. Integration with Non-Flash Issue Services. The Services may contain features designed to interoperate with Non-Flash Issue Applications (e.g., Google, Olark or other applications). To use such features, You may be required to obtain access to such Non-Flash Issue.com Applications from their providers. If the provider of any such Non-Flash Issue Application ceases to make the Non-Flash Issue Application available for interoperation with the corresponding Service features on reasonable terms, We may cease providing such Service features without entitling You to any refund, credit, or other compensation.
5. FEES AND PAYMENT FOR PURCHASED SERVICES
5.1. Fees. You shall pay all fees specified in all Order Forms hereunder. Except as otherwise specified herein or in an Order Form, (i) fees are based on services purchased and not actual usage, and (ii) payment obligations are noncancelable and fees paid are non-refundable. Services subscription fees are based on annual, quarterly or monthly periods as specified in the Order Form that begin on the subscription start date and each annual, quarterly, or monthly anniversary thereof; therefore, fees for Services subscriptions added in the middle of the specified annual, quarterly, or monthly period will be charged pro-rata for that period and the periods remaining in the subscription term.
- Changes: We reserves the right to change our fees at any time by posting a new fee structure to our Service and/or sending you a notification of the change by email.
5.2. Invoicing and Payment. You will provide Us with valid and updated credit card information, valid ACH information, or with a valid purchase order or alternative document reasonably acceptable to Us. If You provide credit card information to Us, You authorize Us to charge such credit card for all Services listed in the Order Form for the initial subscription term and any renewal subscription term(s) as set forth in Section 11.2 (Term of Purchased Services Subscriptions). Such charges shall be made in advance, either monthly, annually or in accordance with any different billing frequency stated in the applicable Order Form.
Pay as You Go Plans: You may buy Email Credits to use Flashissue instead of signing up for a monthly plan. Email Credits for Pay as You Go (prepaid) accounts roll over and don’t expire, but if you’re inactive for any period of more than 3 months your account may be terminated and deleted. In this event you are not entitled to receive any refund for unused credits.
Flat Rate Plans: You may sign up for a Flat Rate Plan that offers a recurring number of email credits each month for a single one-time payment. Changing to another plan like a Monthly plan, Pay As You Go plan or another Flat Rate plan will terminate your current Flat Rate plan. No credit will be given for the plan and moving back to the plan will require another payment. Similarly, if you’re inactive for any period of more than 3 months your account may be terminated and deleted and you are not entitled to receive any refund or account credit.
If the Order Form specifies that payment will be by a method other than a credit card, We will invoice You in advance and otherwise in accordance with the relevant Order Form. Unless otherwise stated in the Order Form, invoiced charges are due net 30 days from the invoice date. You are responsible for providing complete and accurate billing and contact information to Us and notifying Us of any changes to such information.
5.3. Overdue Charges. If any charges are not received from You by the due date, then at Our discretion, (a) such charges may accrue late interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, from the date such payment was due until the date paid, and/or (b) We may condition future subscription renewals and Order Forms on payment terms shorter than those specified in Section 5.2 (Invoicing and Payment).
5.4. Suspension of Service and Acceleration. If any amount owing by You under this or any other agreement for Our services is 30 or more days overdue (or 10 or more days overdue in the case of amounts You have authorized Us to charge to Your credit card), We may, without limiting Our other rights and remedies, accelerate Your unpaid fee obligations under such agreements so that all such obligations become immediately due and payable, and suspend Our services to You until such amounts are paid in full. We will give You at least 7 days’ prior notice that Your account is overdue, in accordance with Section 12.2 (Manner of Giving Notice), before suspending services to You.
5.5. Payment Disputes. We shall not exercise Our rights under Section 5.3 (Overdue Charges) or 5.4 (Suspension of Service and Acceleration) if You are disputing the applicable charges reasonably and in good faith and are cooperating diligently to resolve the dispute.
5.6 Support: Upgrade Services include access to priority email support. “Email support,” means the ability to make requests for technical support assistance by email at any time (We will make reasonable efforts to respond within one business day) concerning the use of the Upgrade Services. “Priority” means that support for paying customers takes priority over support for users of any free Service. All Upgrade Services support will be provided in accordance with Our standard practices, procedures and policies.
5.7. Taxes. Unless otherwise stated, Our fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including but not limited to value-added, sales, use or withholding taxes, assessable by any local, state, provincial, federal or foreign jurisdiction (collectively, “Taxes”). You are responsible for paying all Taxes associated with Your purchases hereunder. If We have the legal obligation to pay or collect Taxes for which You are responsible under this paragraph, the appropriate amount shall be invoiced to and paid by You, unless You provide Us with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, We are solely responsible for taxes assessable against it based on Our income, property and employees.
6. PROPRIETARY RIGHTS
6.1. Reservation of Rights in Services. Subject to the limited rights expressly granted hereunder, We reserve all rights, title and interest in and to the Services, including all related intellectual property rights. No rights are granted to You hereunder other than as expressly set forth herein.
6.2. Restrictions. You shall not (i) permit any third party to access the Services except as permitted herein or in an Order Form, (ii) create derivate works based on the Services except as authorized herein, (iii) copy, frame or mirror any part or content of the Services, other than copying or framing on Your own intranets or otherwise for Your own internal business purposes, (iv) reverse engineer the Services, or (v) access the Services in order to (a) build a competitive product or service, or (b) copy any features, functions or graphics of the Services.
6.3. Your Applications and Code. If You, a third party acting on Your behalf, or a User creates applications or program code using the Services, You authorize Us to host, copy, transmit, display and adapt such applications and program code, solely as necessary for Us to provide the Services in accordance with this Agreement. Subject to the above, We acquire no right, title or interest from You or Your licensors under this Agreement in or to such applications or program code, including any intellectual property rights therein.
6.4. Your Data. Subject to the limited rights granted by You hereunder, We acquire no right, title or interest from You or Your licensors under this Agreement in or to Your Data, including any intellectual property rights therein.
6.5. Suggestions. We shall have a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate into the Services any suggestions, enhancement requests, recommendations or other feedback provided by You, including Users, relating to the operation of the Services.
6.6. Federal Government End Use Provisions. We provide the Services, including related software and technology, for ultimate federal government end use solely in accordance with the following: Government technical data and software rights related to the Services include only those rights customarily provided to the public as defined in this Agreement. This customary commercial license is provided in accordance with FAR 12.211 (Technical Data) and FAR 12.212 (Software) and, for Department of Defense transactions, DFAR 252.227-7015 (Technical Data – Commercial Items) and DFAR 227.7202-3 (Rights in Commercial Computer Software or Computer Software Documentation). If a government agency has a need for rights not conveyed under these terms, it must negotiate with Us to determine if there are acceptable terms for transferring such rights, and a mutually acceptable written addendum specifically conveying such rights must be included in any applicable contract or agreement.
7. CONFIDENTIALITY
7.1. Definition of Confidential Information. As used herein, “Confidential Information” means all confidential information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Your Confidential Information shall include Your Data; Our Confidential Information shall include the Services; and Confidential Information of each party shall include the terms and conditions of this Agreement and all Order Forms, as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information (other than Your Data) shall not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.
7.2. Protection of Confidential Information. The Receiving Party shall use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care) (i) not to use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) except as otherwise authorized by the Disclosing Party in writing, to limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates’ employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein. Neither party shall disclose the terms of this Agreement or any Order Form to any third party other than its Affiliates and their legal counsel and accountants without the other party’s prior written consent.
7.3. Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.
8. WARRANTIES AND DISCLAIMERS
8.1. Our Warranties. We warrant that (i) We have validly entered into this Agreement and have the legal power to do so, (ii) the Services shall perform materially in accordance with the User Guide, (iii) subject to Section 4.3 (Integration with Non-Flash Issue Services), the functionality of the Services will not be materially decreased during a subscription term, and (iv) We will not transmit Malicious Code to You, provided it is not a breach of this subpart (v) if You or a User uploads a file containing Malicious Code into the Services and later downloads that file containing Malicious Code. For any breach of a warranty above, Your exclusive remedy shall be as provided in Section 11.3 (Termination for Cause) and Section 11.4 (Refund or Payment upon Termination) below.
8.2. Your Warranties. You warrant that You have validly entered into this Agreement and have the legal power to do so.
8.3. Disclaimer. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.
8.4. Non-GA Services. From time to time We may invite You to try, at no charge, Our products or services that are not generally available to Our customers (“Non-GA Services“). You may accept or decline any such trial in Your sole discretion. Any Non-GA Services will be clearly designated as beta, pilot, limited release, developer preview, non-production or by a description of similar import. Non-GA Services are provided for evaluation purposes and not for production use, are not supported, may contain bugs or errors, and may be subject to additional terms. NON-GA SERVICES ARE NOT CONSIDERED ”SERVICES” HEREUNDER AND ARE PROVIDED ”AS IS” WITH NO EXPRESS OR IMPLIED WARRANTY. We may discontinue Non-GA Services at any time in Our sole discretion and may never make them generally available.
9. MUTUAL INDEMNIFICATION
9.1. Indemnification by Us. We shall defend You against any claim, demand, suit, or proceeding made or brought against You by a third party alleging that the use of the Services as permitted hereunder infringes or misappropriates the intellectual property rights of a third party (a “Claim Against You”), and shall indemnify You for any damages, attorney fees and costs finally awarded against You as a result of, and for amounts paid by You under a court-approved settlement of, a Claim Against You; provided that You (a) promptly give Us written notice of the Claim Against You; (b) give Us sole control of the defense and settlement of the Claim Against You (provided that We may not settle any Claim Against You unless the settlement unconditionally releases You of all liability); and (c) provide to Us all reasonable assistance, at Our expense. In the event of a Claim Against You, or if We reasonably believe the Services may infringe or misappropriate, We may in Our discretion and at no cost to You (i) modify the Services so that they no longer infringe or misappropriate, without breaching Our warranties under “Our Warranties” above, (ii) obtain a license for Your continued use of the Services in accordance with this Agreement, or (iii) terminate Your User subscriptions for such Services upon 30 days’ written notice and refund to You any prepaid fees covering the remainder of the term of such User subscriptions after the effective date of termination.
9.2. Indemnification by You. You shall defend Us against any claim, demand, suit or proceeding made or brought against Us by a third party alleging that Your Data, or Your use of the Services in breach of this Agreement, infringes or misappropriates the intellectual property rights of a third party or violates applicable law (a “Claim Against Us”), and shall indemnify Us for any damages, attorney fees and costs finally awarded against Us as a result of, or for any amounts paid by Us under a court-approved settlement of, a Claim Against Us; provided that We (a) promptly give You written notice of the Claim Against Us; (b) give You sole control of the defense and settlement of the Claim Against Us (provided that You may not settle any Claim Against Us unless the settlement unconditionally releases Us of all liability); and (c) provide to You all reasonable assistance, at Your expense.
9.3. Exclusive Remedy. This Section 9 (Mutual Indemnification) states the indemnifying party’s sole liability to, and the indemnified party’s exclusive remedy against, the other party for any type of claim described in this Section.
10. LIMITATION OF LIABILITY
10.1. Limitation of Liability. NEITHER PARTY’S LIABILITY WITH RESPECT TO ANY SINGLE INCIDENT ARISING OUT OF OR RELATED TO THIS AGREEMENT (WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY OF LIABILITY) SHALL EXCEED THE LESSER OF $500,000 OR THE AMOUNT PAID BY YOU HEREUNDER IN THE 12 MONTHS PRECEDING THE INCIDENT, PROVIDED THAT IN NO EVENT SHALL EITHER PARTY’S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT (WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY OF LIABILITY) EXCEED THE TOTAL AMOUNT PAID BY YOU HEREUNDER. THE FOREGOING SHALL NOT LIMIT YOUR PAYMENT OBLIGATIONS UNDER SECTION 6 (FEES AND PAYMENT FOR PURCHASED SERVICES).
10.2. Exclusion of Consequential and Related Damages. IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY FOR ANY LOST PROFITS OR REVENUES OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING DISCLAIMER SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
11. TERM AND TERMINATION
11.1. Term of Agreement. This Agreement commences on the date You accept it and continues until all Services subscriptions granted in accordance with this Agreement have expired or been terminated. We may terminate your access to all or any part of the Service at any time, with or without cause, with or without notice, effective immediately. If you wish to terminate this Agreement or your FlashIssue.com account (if you have one), you may simply discontinue using the Service, send us an email message to support(at)flashissue.com or by written notice to Automailtion LLC, 2495 Spalding Drive, Atlanta GA 30350.
11.2. Term of Purchased Services Subscriptions. Services subscriptions purchased by You commence on the start date specified in the applicable Order Form or if you are Subscribing through one of our online order form on the date you accept these Terms sand continue for the subscription term specified therein. Except as otherwise specified in the applicable Order Form, all Services subscriptions shall automatically renew for additional periods equal to the expiring subscription term or one year (whichever is shorter), unless either party gives the other notice of non-renewal at least 10 days before the end of the relevant subscription term. The per-unit pricing during any such renewal term shall be the same as that during the prior term unless We have given You written notice of a pricing increase at least 30 days before the end of such prior term, in which case the pricing increase shall be effective upon renewal and thereafter.
Billing procedures for Subscription Cancelations and Subscription changes: You are free to change your subscription plan at anytime. When you cancel your subscription plan your account will be downgraded to our free plan, you will lose your premium features immediately and there will be no refunds for unused parts of your billing period. If you were on a Pay As You Go plan unused credit will be retained on your account for future use. When upgrading or downgrading a current monthly subscription plan to another paid subscription plan you will receive a prorated credit for the unused portion of your current billing period except for Upgrades or downgrades made to Annual or Flat-Rate billing plans carry where there will no prorated credit towards the new plan.
11.3. Closing Your Account. You or Flashissue may terminate this Agreement at any time and for any reason by giving Notice to the other party. We may suspend our Service to you at any time, with or without cause. If we terminate your account without cause, we may at our discretion refund a prorated portion of your monthly prepayment or reimburse you for unused Email Credits. There may be no reimbursement for Flat Rate plans older than 12 months from date of sign up. We won’t refund or reimburse you if there’s cause, like a violation the terms described in Use Of Services.
11.4. Refund or Payment upon Termination. Upon any termination for cause by You, We shall not be obliged to refund You any prepaid fees covering the remainder of the term of all subscriptions after the effective date of termination. Upon any termination for cause by Us, You shall pay any unpaid fees covering the remainder of the term of all Order Forms after the effective date of termination. In no event shall any termination relieve You of the obligation to pay any fees payable to Us for the period prior to the effective date of termination.
11.5. Return of Your Data. Upon request by You made within 30 days after the effective date of termination of a Purchased Services subscription, We will make available to You for download a file of Your prospect Data in comma separated value (.csv) format along with attachments in their native format. After such 30-day period, We shall have no obligation to maintain or provide any of Your Data and shall thereafter, unless legally prohibited, delete all of Your Data in Our systems or otherwise in Our possession or under Our control.
11.6. Surviving Provisions. Section 65 (Fees and Payment for Purchased Services), 6 (Proprietary Rights), 7 (Confidentiality), 8.3 (Disclaimer), 9 (Mutual Indemnification), 10 (Limitation of Liability), 11.4 (Refund or Payment upon Termination), 11.5 (Return of Your Data), 12 (Who You Are Contracting With, Notices, Governing Law and Jurisdiction) and 13 (General Provisions) shall survive any termination or expiration of this Agreement.
12. WHO YOU ARE CONTRACTING WITH, NOTICES, GOVERNING LAW AND JURISDICTION
12.1. General. Who You are contracting with under this Agreement, who You should direct notices to under this:
You are contracting with Automailtion LLC, a Georgia Corporation.
Notices should be addressed to:
Automailtion LLC
1495 Spalding Drive
Atlanta GA 30350. USA
Attn: Legal Department
Support(at)flashissue.com
The governing law is Georgia and the controlling United States federal law.
The courts having exclusive jurisdiction are Atlanta, GA, U.S.A.
12.2. Manner of Giving Notice. Except as otherwise specified in this Agreement, all notices, permissions and approvals hereunder shall be in writing and shall be deemed to have been given upon: (i) personal delivery, (ii) the second business day after mailing, (iii) the second business day after sending by confirmed facsimile, or (iv) the first business day after sending by email (provided email shall not be sufficient for notices of termination or an indemnifiable claim). Billing-related notices to You shall be addressed to the relevant billing contact designated by You. All other notices to You shall be addressed to the relevant Services system administrator designated by You.
12.3. Agreement to Governing Law and Jurisdiction. Each party agrees to the applicable governing law above without regard to choice or conflicts of law rules, and to the exclusive jurisdiction of the applicable courts above.
12.4. Waiver of Jury Trial. Each party hereby waives any right to jury trial in connection with any action or litigation in any way arising out of or related to this Agreement.
13. GENERAL PROVISIONS
13.1. Export Compliance. The Services, other technology We make available, and derivatives thereof may be subject to export laws and regulations of the United States and other jurisdictions. Each party represents that it is not named on any U.S. government denied-party list. You shall not permit Users to access or use Services in a U.S.-embargoed country (currently Cuba, Iran, North Korea, Sudan or Syria) or in violation of any U.S. export law or regulation.
13.2. Anti-Corruption. You have not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from any of Our employees or agents in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction. If You learn of any violation of the above restriction, You will use reasonable efforts to promptly notify Our Legal Department (support@flashissue.com).
13.3. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.
13.4. No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement.
13.5. Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right.
13.6. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.
13.7. Attorney Fees. You shall pay on demand all of Our reasonable attorney fees and other costs incurred by Us to collect any fees or charges due Us under this Agreement following Your breach of Section 5.2 (Invoicing and Payment).
13.8. Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld). Notwithstanding the foregoing, either party may assign this Agreement in its entirety (including all Order Forms), without consent of the other party, to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets not involving a direct competitor of the other party. A party’s sole remedy for any purported assignment by the other party in breach of this paragraph shall be, at the non-assigning party’s election, termination of this Agreement upon written notice to the assigning party. In the event of such a termination, We shall refund to You any prepaid fees covering the remainder of the term of all subscriptions after the effective date of termination. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.
13.9. Entire Agreement. This Agreement, including all exhibits and addenda hereto and all Order Forms, constitutes the entire agreement between the parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and either signed or accepted electronically by the party against whom the modification, amendment or waiver is to be asserted. However, to the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any exhibit or addendum hereto or any Order Form, the terms of such exhibit, addendum or Order Form shall prevail. Notwithstanding any language to the contrary therein, no terms or conditions stated in Your purchase order or other order documentation (excluding Order Forms) shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void.
Parts of this agreement use the a Creative Commons Sharealike license from WordPress.com.
FlashIssue Privacy Policy
FlashIssue Privacy Policy
Effective date: 26 November 2019
Your privacy is important to us. Please read this Privacy Policy carefully because it contains important information about how we handle and protect your personal data.
| Responsible entity | 1 |
|---|---|
| Main definitions | 2 |
| Your consent to the processing of personal data | 2 |
| Our role as a data controller and data processor | 2 |
| Types and purposes of personal data | 3 |
| Processing of non-personal data | 5 |
| Aggregated data | 5 |
| Our policies regarding the Records and Mailing Lists | 5 |
| Testimonials | 6 |
| Protection of personal data | 6 |
| Disclosure of personal data | 7 |
| International transfers of personal data | 8 |
| Age limitations | 8 |
| Marketing and informational notices | 9 |
| Retaining personal data | 9 |
| Your rights | 9 |
| Our compliance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework | 10 |
| Cookies | 12 |
| Privacy Policy Changes | 15 |
| Contact us | 16 |
About this Privacy Policy
This privacy policy (the “Privacy Policy”) governs the processing of personal data collected from individual users and business entities (“you” and “your”) through the website https://www.flashissue.com and the related services (collectively, “FlashIssue”). This Privacy Policy does not apply to any third-party applications or software that integrate with FlashIssue or any other third-party products, services or businesses. FlashIssue is an online email management service that allows you to manage your email contact lists, create, send and manage newsletters, and integrate FlashIssue to your email service.
Responsible entity
The entity that is responsible for the processing of personal data through FlashIssue is Automailtion LLC having a registered business address at 1495 Spalding Drive, Atlanta GA 30350, the United States of America and a business registration number (EIN) EIN: 81-2452050 (“we”, “us”, and “our”).
Main definitions
In this Privacy Policy, you will encounter recurrent terms. For your convenience, we would like to explain what such terms mean:
- “Consent” means a freely given, specific, informed and unambiguous agreement to the processing of personal data;
- “Data controller” means the entity that determines the purposes and means of the processing of personal data;
- “Data processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller;
- “Personal data” means any information relating to a natural person who can be identified, directly or indirectly, by using such information (e.g., name, address, email, phone number, and IP address);
- “Processing” means the use of personal data in any manner, including, but not limited to, collection, storage, erasure, transfer, and disclosure of personal data.
Your consent to the processing of personal data
When processing your personal data, we rely on one or more of the available lawful grounds (e.g., performing a contract with you or pursuing our legitimate business interests). However, in some cases, we may seek to obtain your consent for the processing of your personal data. For example, we may seek your prior consent for the following purposes:
- If we are required by law to do so;
- If we intend to collect other types of personal data that are not mentioned in this Privacy Policy;
- If we intend to use your personal data for the purposes that are not indicated in this Privacy Policy;
- If we would like to disclose or transfer your personal data to third parties that are not indicated in this Privacy Policy; or
- If we significantly amend this Privacy Policy.
Our role as a data controller and data processor
When processing personal data through FlashIssue, we act as a data controller and a data processor in terms of the EU General Data Protection Regulation (GDPR). Our role depends on the specific situation involving personal data as explained in detail below:
-
- We act in the capacity of a data controller when we ask you to submit your personal data that is necessary to ensure your access and use of FlashIssue (e.g., when you register your user account, browse FlashIssue, or communicate with us). In such instances, we are a data controller because we make decisions about the types of personal data that should be collected from you and the purposes for which such personal data should be used. Therefore, we comply with data controller’s obligations set forth in the GDPR and other applicable laws.
- We act in the capacity of a data processor in situations when you integrate FlashIssue to your email service, upload mailing lists, email addresses, create, update, or manage records, send newsletters, or submit any other content (collectively, the “Records”) to FlashIssue and those Records contain personal data (e.g., names and email addresses or recipients of your newsletters). We do not own, control, or make decisions about the personal data included in the Records and such personal data is processed only in accordance with your instructions. In such situations, you act as a data controller in terms of the GDPR and you are responsible for deciding what personal data should be collected and how such data should be processed. In the situations when we act in the capacity of a data processor, we comply with data processors’ obligations set forth in the GDPR and other applicable laws. In order to ensure that personal data is processed in accordance with the strictest data protection standards, we offer to conclude a data processing agreement which is incorporated by reference into our terms of use.
Types and purposes of personal data
You may interact with FlashIssue in a way that requires us to collect your personal data. The amount and type of information that we collect depends on the nature of the interaction. We comply with data minimisation principles and we collect only a minimal amount of personal data that is necessary to ensure your proper use of FlashIssue. Moreover, we make sure that the personal data that we collect is relevant for the purposes of processing. We use your personal data for specified and legitimate purposes explicitly mentioned in this Privacy Policy. In short, we will use your personal data only for the purposes of enabling you to use the full functionality of FlashIssue, maintaining and improving FlashIssue, conducting research about our business activities, administrative purposes, and replying to your enquiries. We do not process personal data in a way that is incompatible with the purposes for which such personal data was collected or subsequently authorised by you. Moreover, we put reasonable efforts to ensure that personal data is reliable for its intended use, accurate, complete, and current.
The detailed description of the types of personal data that we collect, the purposes of that personal data, and lawful bases on which we rely for processing are provided in the table below.
| Situation/Personal data | Purpose | Lawful basis |
|---|---|---|
| When you sign up and create a user account, we collect your:
• Full name; • Email address; and • A link to your profile picture (if you use Google to sign up). |
• To create and maintain your user account;
• To provide you with access to FlashIssue; • To send you updates about the services requested by you; • To send you system alert messages to let you know about temporary or permanent changes to FlashIssue, including planned outages, new features offered, version updates, point releases, major releases, abuse warnings, changes to our Privacy Policy and possibly other documents and agreements; • To ensure security of FlashIssue; • To comply with legal requirements. |
• Performing a contract with you; and
• Pursuing our legitimate business interests (to ensure security and compliance). |
| When you make payments through FlashIssue or update your billing information, we have access to your:
• Full name; • Address; • Company name (optional); • VAT number (optional); • Billing address; • Phone number (optional); • Transaction number; and • 4 last digits of your credit card. |
• To process payments;
• To bill and collect sums owed to us; • To maintain our accountancy records; • To issue invoices, receipts and notices of delinquency; • To alert you if we need a different credit card number, and to otherwise try to collect money owed; and • To comply with legal requirements. |
• Performing a contract with you; and
• Pursuing our legitimate business interests (administration and compliance). |
| When you subscribe to our newsletters, we collect your:
• Mailing address; and • Email address. |
• To deliver you the requested newsletter; and • To comply with our legal obligations regarding anti-spam laws. |
• Your consent; and
• Pursuing our legitimate business interests (compliance). |
| When you contact us by email, we collect your:
• Name; • Email address; and • Information that you provide in your message. |
▪ To respond to your enquiries;
▪ To provide you with the requested information; ▪ To provide customer support and obtain feedback. |
• Pursuing our legitimate business interests (to grow and promote our business); and
• Your consent (for optional personal data). |
| When you use FlashIssue, we collect your latest IP address that you used to connect to FlashIssue. | • To analyse, improve, and evaluate our business activities; and
• To personalise FlashIssue for your location. |
• Pursuing our legitimate business interests (to analyse and improve our business activities). |
| When you submit a testimonial, we collect your name or business name. | • To feature your testimonial on FlashIssue. | • Your consent. |
PROCESSED PERSONAL DATA
| Situation/Personal data | Purpose | Legal basis |
|---|---|---|
| When you create, import, or manage email addresses, newsletters, and other information through the Records via FlashIssue, we process any personal data that you make available in those Records, such as:
• Email addresses; and • Names. |
• To store the Records and make them available to you;
• To perform the requested operations; • To provide you with the requested services; and • To comply with legal requirements. |
• Performing a contract with you; and
• Pursuing our legitimate business interests (compliance). |
Sensitive data.We DO NOT collect, under any circumstances, any special categories of personal data (“sensitive data”) from you, such as your health information, opinion about your religious and political beliefs, racial origins, membership of a professional or trade association, or information about your sexual orientation, unless you decide to provide such sensitive data, at your own sole discretion.
Payment processing.All payments related to subscriptions to FlashIssue are processed by our third-party payment processor Stripe and subscription management service provider Recurly (collectively, the “Payment Processors”). The Payment Processors are solely responsible for handling your payments. Please note that the Payment Processors may collect from you some personal data, which will allow them to make the payments requested by you (e.g., your name, credit card details, or your payment account information). Although you make payments through FlashIssue, the Payment Processors handle all the steps in the payment process, including data collection and data processing. We have access to some of your payment data (as specified in the table above) that is necessary to maintain our accountancy records. Please note that the Payment Processors take the security of your payment transactions very seriously and make sure that their infrastructure is safe and secure.
Personal data obtained from third parties.When using FlashIssue, you can choose to permit or restrict services, functionalities, and integrations provided by third parties, including, but not limited to Google (the “Third-Party Services”). Once enabled, the providers of the Third-Party Services may share certain information with us, subject to the privacy policies of the Third-Party Services. You are strongly encouraged to check carefully the privacy settings and notices of the Third-Party Services to understand what information may be disclosed to us.
Failure to provide personal data.If you fail to provide us with the personal data when requested, we may not be able to perform the requested operation and you may not be able to use the full functionality of FlashIssue, receive the services provided through FlashIssue, or get our response.
Processing of non-personal data
Like most website operators and providers of online services, we collect non-personal data of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Our purpose in collecting non-personal data is to better understand how you use FlashIssue. For example, we may use such data to conduct business analytics, examine and improve our business, identify and fix errors, investigate and solve security issues, and develop new products and services.
From time to time, we may release non-personal data in the aggregate, e.g., by publishing a report on trends in the usage of FlashIssue. We will not use such information for purposes that do not constitute our legitimate business interests.
Aggregated data
In case your non-personal data is combined with certain elements of your personal data in a way that allows us to identify you, we will handle such aggregated data as personal data. If your personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any legitimate business purpose.
Our policies regarding the Records and Mailing Lists
Policy on permission.Our service is permission-based. That means you need permission to send to the people who receive your emails. Our permission policy is part of the Terms of Use agreed to by every subscriber and conforms to Can-Spam regulations. To send an email to someone using FlashIssue, that recipient must be either someone who is a customer, member or subscriber of your business or organisation or who has specifically asked to receive your emails by opting in or signing up in some way, or someone who has bought a product or service from you in the past 18 months.
Sender’s Responsibility.To send mailings using FlashIssue you must follow the guidelines set by the domains you are sending to regarding list management, promotion content, and sending practices. In order to prevent your mailing from being blocked, throttled, or ending up in the spam folder at recipient email providers, you must take all necessary actions to keep your subscriber list sufficiently responsive, follow the email providers’ accepted email coding practices (if you use your own custom email code), and make an effort to avoid sending promotions that are likely to be interpreted by the provider as ‘spam.’ If your mailings do not follow these guidelines they may be considered in violation of the FlashIssue privacy and permission policy. Accordingly you agree to uphold the following. If you violate any of these rules, then we may suspend or terminate your account. In this event you are not entitled to a refund of any payments you have made:
1. You will not send “spam” as defined by Spamhaus;
2. You will not purchase, rent or use 3rd party mailing lists; and
3. You will not use Flashissue to promote any of the following prohibited content: pornography, sexually explicit content, escort or dating services, pharmaceutical products, work from home, make money online, lead generation offers, online trading, gambling products, affiliate marketing, mortgage and loans, nutrition and supplements, sale or promotion of firearms, stock trading make money offers, web hosting and domain services, SEO services and list rental services.
Mailing Lists.When you create a mailing list by using FlashIssue (the “Mailing List”), we store the data on a secure server. If for some reason someone from your Mailing List contacts us directly or lodges a complaint we will forward that person’s request to you. Only our authorized employees and independent contractors have access to the Records and the Mailing Lists and we do not under any circumstances, sell your Records and Mailing Lists, market to people on your lists or share the data with anybody unless required by law.
Email Content.As you create the Records using FlashIssue, they are sent via the Internet and this means that they can be read by the server administrators as they pass around different servers. We highly recommend that your do not include confidential content in your Records. Our employees or independent contractors may, if necessary, review the content of your Records to ensure that they comply with our Terms of Use. It is our goal to provide a high quality service with good deliverability and our review process helps lessen the occurrence of spam being sent through FlashIssue which benefits all of our users.
Testimonials
We post customer testimonials on our web site which may contain personal data. We do obtain your consent via email prior to posting the testimonial to post your name along with your testimonial. To request removal of your personal information from testimonials, please contact us at support@flashissue.com.
Protection of personal data
Our security measures.We employ reasonable technical, administrative and physical safeguards to protect the confidentiality and security of your personal data. We use industry-recognized technical safeguards, such as firewalls, strong passwords, encryption, anonymisation, limited access to your personal data by our staff, and reliable data processors. We have adopted and implemented security procedures to protect your personal data from loss, misuse or unauthorized alteration.
Limited access to your personal data.We disclose your personal data only to those employees, contractors, and affiliated organizations that (i) need to know that information in order to process it on our behalf or to provide services through FlashIssue, and (ii) that have agreed not to disclose it to others. For instance, it may be necessary to disclose such information when providing curated content or creating sample email campaigns as part of our service offerings. Some of those employees, contractors and affiliated organizations may be located outside of your home country.
Security breaches.Notwithstanding our efforts, we cannot guarantee absolute or unqualified protection of this information given the open nature and resulting instability of the Internet and World Wide Web, and we make no representations or warranties as to the effectiveness of our security and assume no liability for security breaches or any failure in the security that occur outside of our reasonable control or a failure of your computer equipment, your Internet service provider or other networks and communications providers.
Single Sign On.We allow you to access FlashIssue by using the sign-in services such as Google’s OAuth. These services will authenticate your identity and provide you the option to share certain personal information with us in order to create your account and use our Service. Such information may include your name, email address and contacts in your address book so you can create the Mailing Lists by using your Google contact list or create your account.
Disclosure of personal data
We disclose your personal data to our suppliers or subcontractors (data processors), if it is necessary to ensure the proper functioning of FlashIssue and provide you with the requested services. If we disclose your personal data to third parties that are not our suppliers or subcontractors, we will seek your prior consent that can be withdrawn or limited by you at any time. Please note that you cannot limit our disclosure of your personal data to third parties, if such a disclose is necessary for (i) ensuring the performance of a contract with you or (ii) pursuing our legitimate business interests. The disclosure of your personal data is limited to the situations when such data is required for the following purposes (for other purposes, we will seek your consent and you will have the right to object):
- Ensuring the operation of FlashIssue;
- Ensuring the delivery of the services requested by you;
- Providing you with the requested information;
- Processing payments;
- Pursuing our legitimate business interests;
- Enforcing our rights, preventing fraud, and security purposes;
- Carrying out our contractual obligations;
- Law enforcement purposes; or
- If you provide your prior consent to such a disclosure.
List of data processors.We will share your personal data only with the third parties that agree to ensure an adequate level of protection of personal data that is consistent with this Privacy Policy and the applicable data protection laws. The third parties (data processors) that may have access to your personal data are specified below.
Subscription management service providerRecurlyThe United Stateshttps://recurly.comPayment processing service providerStripeThe United Stateshttps://stripe.comAnalytics service providersGoogleAnalytics
MixPanel
SegmentThe United Stateshttps://analytics.google.com
https://mixpanel.com
https://segment.comSupport service providerZendeskThe United Stateshttps://www.zendesk.com/
| Service | Name | Location | More Information |
|---|---|---|---|
| Hosting service provider | Amazon Web Services | The United States | https://aws.amazon.com |
Data processing agreements.To ensure that your personal data is processed in-line with this Privacy Policy and the strictest data protection standards, we conclude data processing agreements with all our data processors and sub-processors. Such agreements ensure that our data processors and sub-processors: (i) use personal data only for limited and specified purposes; (ii) provide at least the same level of protection for your personal data; (iii) take reasonable and appropriate steps to ensure that they effectively process the personal data in a manner consistent with our obligations; (iv) notify us if they make a determination that they can no longer meet their obligations to provide the same level of protection; and (v) take reasonable and appropriate steps to stop and remediate unauthorised processing of personal data. If requested by a public authority, we will provide a summary or a representative copy of the data processing agreement.
Sharing of non-personal data.We may disclose or use non-personal data and de-identified data for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving FlashIssue, responding to lawful requests from public authorities or developing new products and services.
Legal requests. If requested by a public authority, we will disclose information about the users of FlashIssue to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.
Successors.In case our business is sold partly or fully, we will provide your personal data to a purchaser or successor entity and request the successor to handle your personal data in line with this Privacy Policy.
International transfers of personal data
Some of our data processors listed above are located outside the country in which you reside. For example, if you reside in the European Economic Area (EEA), we may need to transfer your personal data to jurisdictions outside the EEA. In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located guarantees an adequate level of protection for your personal data (e.g., the country in which the recipient is located is white-listed by the European Commission or the recipient is a Privacy-Shield certified entity) or we conclude an agreement with the respective third party that ensures such protection (e.g., a data processing agreement based on the Standard Contractual Clauses provided by the European Commission).
Age limitations
We do not allow anyone younger than 18 years old to use FlashIssue. Thus, we do not knowingly collect personal data of persons below the age of 18. If you learn that anyone younger than 18 has unlawfully provided us with personal data and you are a parent or legal guardian of that person, please contact us and we will take immediate steps to delete such personal data.
Marketing and informational notices
After you subscribe for our newsletter, register a user account, or place an order, we will, from time to time, send you marketing messages, such as newsletters, brochures, promotions and advertisements, informing you about new available services or new features of FlashIssue. We will send such marketing communication only if:
- You provide your express (“opt-in”) consent to receive such marketing messages (your voluntary subscription to our newsletter constitutes such consent); or
- We would like to inform you about the services similar to the services already used by you.
Opting-out.You can opt-out from receiving marketing messages at any time free-of-charge by clicking on the “unsubscribe” link contained in any of the messages sent to you or by contacting us directly.
Informational notices.From time to time, we may send you informational notices, such as service-related, technical or administrative emails, information about your orders, FlashIssue, your privacy and security, and other important matters. Please note that we will send such notices on an “if-needed” basis and they do not fall within the scope of direct marketing communication that requires your prior consent.
Retaining personal data
Retention period.We will keep your personal data in our systems only: (i) as long as such personal data is required for the purposes described in this Privacy Policy; (ii) if we are obliged by law to store such data for certain period of time; or (iii) until you request us to delete personal data – whichever comes first. After the personal data is no longer necessary for its purposes and there is no other legal basis for storing it, we will immediately securely delete such personal data from our systems.
Retention as required by law. Please note that, in some cases, we may be obliged by law to store personal data for certain period of time (e.g., if we have to keep our accountancy records for the time period prescribed by law). In such cases, we will store personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires.
Your rights
You have the right to manage your personal data processed through FlashIssue. In instances when we act as a data controller, you may ask us to:
- Get a copy of your personal data that we store;
- Get a list of purposes for which your personal data is processed;
- Rectify inaccurate personal data;
- Move your personal data to another processor;
- Delete your personal data from our systems;
- Object and restrict processing of your personal data; and
- Withdraw your consent; orProcess your complaint regarding your personal data.
For example, you have an opportunity to choose (opt out) whether your personal data is (i) to be disclosed to a third party for purposes that are not relevant to your use of FlashIssue or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorised by you. You can do so by contacting us at support+privacy@automailtion.com Please note that, in certain situations (e.g., when a disclosure is made to a third party that is acting as an agent to perform task(s) on our behalf or under our instructions and we have entered into a contract with such party), it may not be possible to opt-out with our impairing the services provided by us.
How to exercise your rights?If you would like to exercise your rights, please contact us by email at
support+privacy@automailtion.com and explain in detail your request. In order verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we would be able to locate you in our system. We will answer your request within a reasonable timeframe but no later than 2 weeks.
Requests submitted to a data processor.We act in the capacity of a data processor with regard to the Records. You act as a data controller with regard to the Records. Therefore, we do not accommodate requests related to access, rectification, and deletion of personal data and other rights the owners of names, email addresses, and other information included in the Records. The persons that would like to exercise their rights with regard to the Records processed by us are requested to contact the respective data controller. In case we receive such requests directly from data subjects, we will not take action and inform the respective data controller without undue delay so that it could act accordingly.
How to launch a complaint?We commit to resolve any complaints that we receive about our data protection practices. If you have any inquiries or complaints regarding this Privacy Policy, you should first contact us at support+privacy@automailtion.com and explain your concern. We will respond to your claim without undue delay (no later than 2 weeks). We are further committed to refer unresolved disputes free-of-charge to you to an independent dispute resolution mechanism. We have designated an independent recourse mechanism, namely, the American Arbitration Association (AAA), as an alternative dispute resolution provider. If you are not satisfied with how we handle your claim, you can visit http://go.adr.org/privacyshield.html for more information and an opportunity to file a complaint. If you are based in the EU and would like to launch a complain about our handling of your personal data, you can contact the data protection authority in the country where you reside. We will respond expeditiously to complaints regarding our compliance referred to us by any public authority.
Our compliance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework
Our commitment. We comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.
Privacy Shield Principles. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles (the “Principles”). If there is any conflict between the terms in this Privacy Policy and the Principles, the Principles shall govern. We comply with the following Principles:
- Notice. In this Privacy Policy, we notify individuals whose personal data is obtained from the EU or Switzerland about our data protection practices, including (i) the types of personal data that we collect, (ii) the purposes for which we collect and use personal data, (iii) the types of third parties to which we disclose personal data and the purposes for which we do so, (iv) an opportunity to access personal data, (v) the choices and means that we offer for limiting our use and disclosure of personal data, (vi) how our obligations under the Privacy Shield are enforced, and (vii) how you can contact us with any inquiries or complaints.
- Choice. You have an opportunity to choose (opt out) whether your personal data is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorised by you. You can do so by contacting us at support+privacy@automailtion.com.. Please note that, in certain situations (e.g., when a disclosure is made to a third party that is acting as an agent to perform task(s) on our behalf or under our instructions and we have entered into a contract with such party), it may not be possible to opt-out with our impairing the services provided by us.
- Accountability for onward transfer. When we act in the capacity of a data controller and transfer your personal data to a third party, we comply with the Principles of “notice” and “choice” described above. We also enter into a contract with the third-party contractor that ensures that such data may only be processed for limited and specified purposes consistent with the consent provided by a data subject and that the recipient will provide the same level of protection as the Principles and, if this obligation is no longer met, a notification will be provided to us. The contract shall also provide that, when such a determination is made, the third-party controller ceases processing or takes other reasonable and appropriate steps to remediate. When we transfer personal data to a third party acting as an agent (our data processor), we will ensure that the agent: (i) shall use personal data only for limited and specified purposes; (ii) is obligated to provide at least the same level of protection as it is required by the Principles; (iii) takes reasonable and appropriate steps to ensure that it effectively processes the personal data transferred in a manner consistent with our obligations under the Principles; (iv) is required to notify us if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; and (v) upon our notice, including under (iv), takes reasonable and appropriate steps to stop and remediate unauthorised processing of personal data. We will also provide a summary or a representative copy of the relevant privacy provisions of the contract, upon request of a public authority.
- Security. We take reasonable and appropriate measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration and destruction. When ensuring such security, we take into due account the risks involved in the processing and the nature of the personal data. Our security measures are listed in the section “Protection of personal data”.
- Data integrity and purpose limitation. We collect only minimal amount of personal data that is relevant for the purposes of processing. We do not process personal data in a way that is incompatible with the purposes for which such personal data was collected or subsequently authorised by an individual. Moreover, we put reasonable efforts to ensure that personal data is reliable for its intended use, accurate, complete, and current. We adhere to the Principles for as long as we retain personal data.
- Access. You have the right to access the personal data that we hold about you. Moreover, you are able to correct, amend, or delete that data where it is inaccurate, or has been processed in violation of the Principles. Your rights are described in detail in section “Your Rights”. Please note that this right cannot be exercised if the burden or expense of providing access to your personal data would be disproportionate to the risks to your privacy or where the rights of persons other than you would be violated. You can exercise your rights by contacting us at support+privacy@automailtion.com
- Recourse, enforcement, and liability. The government agency in the US that is responsible for investigation and enforcement of our obligations under the Privacy Shield Framework is the US Federal Trade Commission (https://www.ftc.gov). In compliance with the Principles, we commit to resolve any complaints that we receive about our data protection practices. If you have any inquiries or complaints regarding this Privacy Policy or the Principles, you should first contact us at support+privacy@automailtion.com and explain your concern. We will respond to your claim without undue delay (no later than 2 weeks). We are further committed to refer unresolved disputes free-of-charge to you to an independent dispute resolution mechanism (binding arbitration). We have designated an independent recourse mechanism, namely, the American Arbitration Association (AAA), as an alternative dispute resolution provider. If you are not satisfied with how we handle your claim, you can visit http://go.adr.org/privacyshield.html for more information and an opportunity to file a complaint. Under certain conditions detailed in the Privacy Shield, you may be able to invoke binding arbitration before the Privacy Shield panel. Also, if you are based in the EU and would like to launch a complain about our handling of your personal data, you can contact the data protection authority in the country where you reside. We will respond expeditiously to complaints regarding our compliance with the Principles referred to us by any public authority. We further agree to periodically review and verify our compliance with the Principles and remedy any issues arising out of our failure to comply with the Principles. We acknowledge that our failure to provide an annual self-certification to the US Department of Commerce will remove us from the Department’s list of Privacy Shield participants. In the context of an onward transfer, we are responsible for the processing of personal data that we transfer to a data processor. We remain liable under the Principles if our data processors processes personal dat in a manner inconsistent with the Principles, unless can prove otherwise.
More information about Privacy Shield.For more information on the Privacy Shield Framework, please visit https://www.privacyshield.gov. You can easily check our Privacy Shield status by visiting the website of the US Department of Commerce available at https://www.privacyshield.gov/list.
Cookies
About cookies.A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Cookies are designed to allow the recognition of your device and collection of certain information about your use of a website. Thus, over time, cookies allow websites to “remember” your actions, login information, and preferences. There are several types of cookies, namely, (i) persistent cookies, which remain valid until deleted, (ii) cookies that remain valid until their expiration date, and (iii) session cookies that are stored on a web browser and remain valid until the moment the browser is closed. Cookies may also be (i) first-party cookies (set by the website itself) and (ii) third-party cookies (placed by third-party websites).
Cookies that we use.We use several types of cookies on FlashIssue, including:
- Technical cookies,which are essential to ensure the correct functioning of FlashIssue and to provide the services requested by you;
- Marketing cookies,that support our marketing campaigns. For example, they allow us to create, implement, and examine our digital marketing strategies, reach the right customers, analyze the productivity of our marketing campaigns, and offer you personalized advertisement; and
- Statistics cookies,that are used to create statistical reports about how our customers use FlashIssue.
Purposes of cookies.We use cookies for their specific purposes. In general, our cookies are used to:
- To verify and remember your details while you are navigating on FlashIssue;
- To identify you as a unique user when you visit FlashIssue;
- To customize and personalize FlashIssue for your particular needs;
- To remember your custom preferences that you have about FlashIssue; and
- To generate reports about your browsing patterns.
In the table below, we provide an overview of the cookies used by us, their purposes, expiration time, and other details.
Strictly necessary technical cookies
| Name | Type | Provider | Expiration | Purpose |
|---|---|---|---|---|
| __cfduid | First-party
HTTP cookie |
FlashIssue
luckyorange.net |
1 year | The cookie is used by the content network Cloudflare to identify trusted web traffic. |
| debug | First-party
HTTP cookie |
Flashissue | Persistent | The cookie is used to identify and resolve software errors. |
Statistics cookies
| Name | Type | Provider | Expiration | Purpose |
|---|---|---|---|---|
| Google Analytics cookies __utm.gif,_utma, __utmb, __utmc, __utmt, __utmz, _ga, _gat, _gd#, _gid |
First-party
HTTP cookie |
FlashIssue | <1 hour – 2 years |
These cookies are used to calculate visitor, session and campaign data for our analytics reports. |
| ajs_anonymous_id | First-party
HTTP cookie |
Flashissue | 1 year | The cookie is used to identify a specific visitor. |
| Collect | Third-party pixel cookie | Google Analytics | End of session | The cookie is used to send information to Google Analytics about your device and behaviour. |
| p.gif | Third-party Pixel cookie | typekit.net | End of session | The cookie keeps track of special fonts used on the website for internal analysis. The cookie does not register any visitor data. |
Marketing cookiesNameTypeProviderExpirationPurpose
| __tld__ |
First-party HTTP cookie |
FlashIssue | End of session | The cookie is used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor’s preferences. |
| ajs%3Acookies ajs%3Atest |
First-party HTTP cookie |
Flashissue | 1 year | The cookies collect data on visitors. This information is used to assign visitors into segments, making website advertisement more efficient. |
| ajs_group_id | First-Party HTTP cookie | FlashIssue | 1 year | The cookie is used to assign specific visitors into segments, this segmentation is based on visitor behavior on the website – the segmentation can be used to target larger groups. |
| ajs_group_id ajs_group_properties ajs_user_id ajs_user_traits |
First-Party HTML cookie | FlashIssue | Persistent | The cookies collect data on visitors. This information is used to assign visitors into segments, making website advertisement more efficient. |
| GPS | Third-party HTTP cookie | Youtube | 1 day | The cookie registers a unique ID on mobile devices to enable tracking based on geographical GPS location. |
| IDE | Third-party HTTP cookie | DoubleClick | 1 year | The cookie is sed by Google DoubleClick to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. |
| optimizely_data$$first_session | First-party HTML cookies | FlashIssue | End of session | The cookies are used for targeted advertising. |
| PREF | Third-party HTTP cookie | Youtube | 8 months | The cookie registers a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites. |
| test_cookie | Third-party HTTP cookie | DoubleClick | 1 day | The cookie is used to check if the user’s browser supports cookies. |
| VISITOR_INFO1_LIVE | Third-party HTTP cookie | Youtube | 179 days | The cookie tries to estimate the users’ bandwidth on pages with integrated YouTube videos. |
| YSC yt-remote-connected-devices yt-remote-device-id yt-remote-fast-check-period yt-remote-session-app yt-remote-session-name |
Third-party HTTP cookies | Youtube | End of session or persistent | The cookies store the user’s video player preferences using embedded YouTube video. |
Cookie consent.In some countries, certain cookie-generated data is considered to be personal data. Thus, when you visit FlashIssue for the first time, we may ask you to consent to our use of cookies. You are entitled to accept or deny our use of all types of cookies. If you do not provide your consent to our use of all cookies, we will serve you technical cookies only that are strictly necessary to ensure the proper functioning of FlashIssue. The use of such cookies does not require your consent. Please note that we may not be able to provide you with the best possible user experience if not all cookies are enabled.
Refusing cookies.If you would like to refuse our use of cookies on FlashIssue, you can decline our use of non-technical cookies through the cookie banner available on FlashIssue (the first time you visit FlashIssue). Also, at any time, you can disable cookies in your browser or device. Please note that some parts of FlashIssue may not function properly without cookies and you cannot decline strictly necessary cookies. For more information, please consult your browser’s FAQ. Links to some cookie management instructions are provided below:
- Apple Safari:https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac
- Google Chrome:https://support.google.com/chrome/answer/95647
- Firefox:https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Internet Explorer:https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Microsoft Edge:https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy
Privacy Policy Changes
Although most changes are likely to be minor, we may change its Privacy Policy from time to time and post the latest version of the Privacy Policy on this page with a new effective date. If we have your contact details, we will send you a notice informing you about the changes implemented by us. For substantial changes to the Privacy Policy or where required by law, we will seek your consent.
Contact us
If you have any questions, inquiries, complaints, or questions about our Privacy Policy, the personal data that we have collected from you, the practices of FlashIssue, or your dealings with FlashIssue, please contact us:
Automailtion LLC
1495 Spalding Drive,
Atlanta GA 30350, USA
or via email at support+privacy@automailtion.com
A small part of this document has been provided by WordPress.org under Creative Commons licensing. We appreciate them making this available.
DATA PROTECTION ADDENDUM
This Data Protection Addendum (“Addendum”) is entered into as of May 24, 2018 (“Effective Date”) and forms part of the Terms of Service between Automailtion LLC (“Vendor”) and You (“Company”).
WHEREAS, in the course of providing the Services (defined below) to Company pursuant to the Services Agreement, the parties anticipate that Vendor may process Personal Data (defined below); and
WHERAS, the parties desire to set forth their mutual obligations and responsibilities concerning the processing of the Personal Data;
NOW THEREFORE, in consideration of the mutual obligations set out herein, the parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Services Agreement.
1. DEFINITIONS
The terms used in this Addendum shall have the meanings set forth in this Addendum. Capitalized terms not otherwise defined herein shall have the meaning given to them in the Services Agreement. Except as modified below, the terms of the Services Agreement shall remain in full force and effect.
“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
“Controller” means the entity which determines the purposes and means of the Processing of Personal Data.
“Data Protection Laws and Regulations” means all laws and regulations, including laws and regulations of the European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data under the Services Agreement.
“Data Subject” means the identified or identifiable person to whom Personal Data relates.
“GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
“Personal Data” means any information relating to an identified or identifiable natural person.
“Processing” or “Process” means any operation or set of operations which is performed upon Personal Data or on sets of Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Processor” means the entity which Processes Personal Data on behalf of the Controller.
“Services” unless otherwise specifically defined within the Services Agreement shall mean those services being performed by Vendor on behalf of Company pursuant to the terms and conditions of the Services Agreement.
“Standard Contractual Clauses” means the terms approved by the European Commission’s decision (C(2010)593) of 5 February 2010 on Standard Contractual Clauses for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection, as may be amended from time-to-time by the European Commission.
“Sub-processor” means any Processor engaged by Vendor to Process Personal Data according to the terms of this Addendum, in connection with the performance of the Services under the Services Agreement.
“Supervisory Authority” means an independent public authority which is established by an EU Member State pursuant to the GDPR
2. PROCESSING OF PERSONAL DATA
2.1. Roles of the Parties. The parties acknowledge and agree that with regard to the Processing of Personal Data in connection with the performance of the Services under the Services Agreement, Company is the Controller, Vendor is the Processor and Vendor may engage Sub-processors solely pursuant to the requirements set forth in Section 5 below.
2.2 Company’s Requests for Processing of Personal Data. Company shall, in its use of the Services, Process Personal Data in accordance with the requirements of Data Protection Laws and Regulations. For the avoidance of doubt, Company’s instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Company shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Company acquired Personal Data and transferred it to Vendor.
2.3 Vendor’s Processing of Personal Data. Unless required by applicable law, Vendor shall only Process Personal Data in accordance with Company’s documented instructions, and on its behalf, for the following purposes: (i) Processing in the performance of the Services in accordance with the Services Agreement; and (ii) Processing to comply with other reasonable documented instructions provided by Company where such instructions are consistent with the terms of the Services Agreement.
2.4 Details of the Processing. The subject-matter, the nature and purpose of the Processing of Personal Data by Vendor is the performance of the Services pursuant to the Services Agreement. The duration of the Processing of Personal Data by Vendor shall be for the Term of the Services Agreement. The types of Personal Data and categories of Data Subjects Processed under this Addendum are further specified in Schedule 1 (Details of the Processing) to this Addendum.
3. Vendor Personnel
3.1 Vendor shall take reasonable steps to ensure the reliability of any employee, agent or contractor who may have access to Personal Data, ensuring in each case that access is limited to those individuals who need to know, or have access to, the Personal Data for the performance of the Services in accordance with the terms of the Services Agreement, and to comply with applicable laws. Vendor shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data, have received appropriate training on their responsibilities, and have executed written confidentiality agreements.
Security
4.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Vendor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
4.2 In assessing the appropriate level of security, Vendor shall take into account in particular the risks that are presented by Processing, including protection against unauthorized or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, Personal Data.
5. Sub-processing
5.1 Company hereby agrees that Vendor may appoint Sub-processors in accordance with this Section 5 in furtherance of the performance of the Services according to the terms and conditions of the Services Agreement.
5.2 Company acknowledges that it is aware of the Sub-processors currently engaged by Vendor and agrees that Vendor may continue to use any Sub-processors already engaged by Vendor as of the date of this Addendum. Vendor has entered into a written agreement with each Sub-processor containing data protection obligations not less protective than those in this Addendum with respect to the protection of Personal Data to the extent applicable to the nature of the services provided by such Sub-processor
5.3 Vendor shall give Company prior written notice of its intent to appoint any new Sub-processor during the Term of the Services Agreement, including full details of the Processing to be undertaken by the Sub-processor. If, within five (5) days of receipt of that notice, Company notifies Vendor in writing of any reasonably objections to the proposed appointment, the parties agree to work in good-faith to address the concerns raised by Company or identify an alternate Sub-processor. Vendor shall not provide any Personal Data to any new Sub-processor for Processing prior to the end of the five-day notice period or in the event Company reasonably objects to the appointment, until the parties have mutually resolved Company’s concerns.
5.4 Vendor shall ensure that each Sub-processor performs its obligations in a manner consistent with the terms of this Addendum and the Services Agreement. Vendor shall be liable for the acts and omissions of its Sub-processors to the same extent Vendor would be liable if performing the services of each Sub-processor directly under the terms of this Addendum.
6. Data Subject Rights
6.1 Taking into account the nature of the Processing, Vendor shall assist Company by implementing appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Company’s obligations to respond to requests to exercise Data Subject rights under the Data Protection Laws and Regulations.
6.2 To the extent legally permitted, Vendor shall promptly notify Company if Vendor receives a request from a Data Subject to exercise the Data Subject’s right of access, right to rectification, restriction of Processing, erasure (“right to be forgotten”), data portability, object to the Processing, or its right not to be subject to an automated individual decision making (each a “Data Subject Request”). Vendor shall not respond to any Data Subject Requests except on the documented instructions of Company or as required by applicable laws.
6.3 To the extent Company does not have the ability to address a Data Subject Request, Vendor shall upon Company’s request provide commercially reasonable efforts to assist Company in responding to such Data Subject Request, to the extent Vendor is legally permitted to do so and the response to such Data Subject Request is required under Data Protection Laws and Regulations. Company shall be responsible for any costs arising from Vendor’s provision of such assistance.
7. Personal Data Breach
7.1 Vendor shall notify Company without undue delay upon Vendor or any Sub-processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws and Regulations.
7.2 Vendor shall cooperate with Company and take such reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
8. Data Protection Impact Assessment and Prior Consultation
8.1 Vendor shall provide reasonable assistance to Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by the applicable Data Protection Laws and Regulations, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to Vendor. Company shall be responsible for any costs arising from Vendor’s provision of such assistance.
Deletion or return of Company Personal Data
9.1 Subject to Section 9.2, upon termination of the Services Agreement between the parties, Company may by written notice to Vendor, require Vendor and any Sub-processor to (a) return a complete copy of all Company Personal Data to Company by secure file transfer; and/or (b) delete and procure the deletion of any other copies of Company Personal Data Processed by Vendor. Vendor shall promptly comply with such written requests. If Company has not provided a written request for the return of the Company Personal Data within thirty (30) days of the termination of the Services Agreement, Vendor shall be permitted to delete the Company Personal Data with no further liability to Company.
9.2 Vendor and any Sub-processor may retain Company Personal Data to the extent required by applicable laws and only to the extent and for such period as required by applicable laws and always provided that Vendor and each Sub-processor shall ensure the confidentiality of all such Company Personal Data and shall ensure that such Company Personal Data is only Processed as necessary for the purpose(s) specified in the applicable laws requiring its storage and for no other purpose.
10. Audit rights
10.1. Subjection to Section 10.2, Vendor shall make available to Company on request all information reasonably necessary to demonstrate compliance with this Addendum, and shall allow for and contribute to audits, including inspections, by Company or an auditor mandated by Company in relation to the Processing of Personal Data by Vendor for Company.
10.2 Company shall give Vendor reasonable notice of any audit or inspection to be conducted under section 10.1 and shall make (and ensure that each of its mandated auditors makes) reasonable endeavors to avoid causing any damage, injury or disruption to the Vendor’s premises, equipment, personnel and business while its personnel are on those premises in the course of such an audit or inspection. Company shall conduct, or have such audits or inspections conducted during normal business hours, unless otherwise required under applicable law. Company shall only perform such audits or inspections no more than once per calendar year, unless the audit or inspection is required due to a Vendor’s breach of the terms of this Addendum or is expressly requested or required by a Supervisory Authority.
11. Restricted Transfers
11.1 To the extent that the Processing to be performed by Vendor in the performance of the Services involves the transfer of Personal Data from the European Economic Area to the United States, Company (as “data exporter”) and Vendor (as “data importer”) hereby enter into the Standard Contractual Clauses, as may be amended by the European Commission from time-to-time to ensure compliance with the Data Protection Laws and Regulations. In the event, during the Term of the Services Agreement, the Standard Clauses are deemed insufficient to allow for a transfer of Personal Data to the United States in compliance with the Data Protection Laws and Regulations, the parties agree to work together in good-faith to amend this Addendum as necessary to permit the necessary transfer of Personal Data.
12. Limitation of Liability
12.1 Each party’s liability arising out of or related to this Addendum, whether in contract, tort or under any other theory of liability, is subject to the Limitation of Liability section of the Services Agreement, and any reference in such section to the liability of a party means the aggregate liability of that party and all of its Affiliates under the Agreement and this Addendum together.
13. General Terms
13.1 Nothing in this Addendum reduces Vendor or Company’s obligations under the Services Agreement in relation to the protection of Personal Data or permits Vendor to Process (or permit the Processing of) Personal Data in a manner which is prohibited by the Services Agreement. In the event of any conflict or inconsistency between this Addendum, the Services Agreement and the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail, followed by the terms of the Addendum.
13.2 Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.
SCHEDULE 1: DETAILS OF PROCESSING OF COMPANY PERSONAL DATA
This Schedule 1 includes certain details of the Processing of Company Personal Data as required by Article 28(3) GDPR.
Subject matter and duration of the Processing of Company Personal Data
The subject matter and duration of the Processing of the Company Personal Data is set out in the Services Agreement between the parties.
The nature and purpose of the Processing of Company Personal Data
The nature and purpose of the Processing of the Company Personal Data is set out in the Services Agreement between the parties.
The types of Company Personal Data to be Processed
- Names
- Email addresses
- IP addresses
- Browser type
- URL query string
The categories of Data Subject to whom the Company Personal Data relates
- Company Customers
- Subscribers to Company mailing lists
The obligations and rights of Company and Company Affiliates
The obligations and rights of Company and Company Affiliates are set out in the Services Agreement and this Addendum