Privacy Policy

Please, read this Privacy Policy carefully. You acknowledge that by visiting our websites and sign in up to our services you agree with all the terms described below.

Thanks for using SmartSender or visiting one of our websites. 

This Policy explains the what, how, and why of the information we collect when you visit one of our websites, or when you use our Services. It also explains the specific ways we use and disclose that information. We respect the privacy rights and data protection rights of our clients and their users and recognize the importance of protecting the personal information we collect about you. We take your privacy extremely seriously, and we never sell lists or email addresses.


1. Definitions

These definitions should help you understand this Policy. 

“SmartSender”, “we”, “us”– Smart Sender PLC d/b/a SmartSender, a Estonia Private Limited Company (osaühing or OÜ in Estonian) provides online platforms that you may use to market to or stay in contact with others, including creating, sending, and managing emails, SMSs and other information related to your Subscribers (the ‘Services’). 

“Client”, “you”, “your”  – the person or entity that is registered with us to use the Services. It is referred  to some other person who visits any of our Websites as well. 

“Subscriber”  – a person you contact through our Services, or a person who you might choose to contact at some point in the future through the use of our Services. In other words, a Subscriber is anyone on your Distribution List or about whom you have given us information. 

“Personal Data” –  means information that can be used to identify you or a Subscriber, including, but not limited to, first and last name, date of birth, email address, gender, occupation or other demographic information to the extent that such information is protected as personal data under applicable Data Protection Law

“Customer Data” – means any Personal Data that SmartSender processes on behalf of Client as a Data Processor in the course of providing Services under the Terms of Use.

“Distribution List” – a list of Subscribers and all associated information related to those Subscribers (for example, email addresses).

“Website”, “Websites” – We offer the Services on our website This Privacy Policy applies to this specific website, and as well as any other sites owned or operated by us (each a ‘Website’ and together the ‘Websites’). The ‘Websites’ include the Websites themselves, and any web pages, interactive features, applications, widgets, blogs, social networks, social network ‘tabs,’ or other online, mobile, or wireless offerings that post a link to this Privacy Policy, whether accessed via computer, mobile device, or other technology, manner or means. 

“Services” means any product or service provided by SmartSender to Client in each case in whatever format they may be offered now or in the future. While providing the Services, and as described in more detail below, we may collect Personal Data about a Website visitor, Client, person or email address on or related to a Distribution List, or Subscriber.

2. Changes

We may change this Privacy Policy at any time and from time to time. The most recent version of the Privacy Policy is reflected by the version date located at the bottom of this Privacy Policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this Privacy Policy or other notice on the Website. We encourage you to review this Privacy Policy often to stay informed of changes that may affect you, as your continued use of the Website signifies your continuing consent to be bound by this Privacy Policy. Our electronically or otherwise properly stored copies of this Privacy Policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this Privacy Policy which were in effect on each respective date you visited the Website.

3. Scope

This Privacy Policy is effective with respect to any data that we have collected, or collect, about and/or from you, according to our Terms of Use.

4. Questions & Concerns

If you have any questions or comments, or if you want to update, delete, or change any Personal Data we hold, or you have a concern about the way in which we have handled any privacy matter, please mail to SmartSender Attn. Privacy Officer or use our contact form to send us a message.


5. Information We Collect

  1. Information you voluntarily provide to us: When you sign up for and use the Services, consult with our customer service team, send us an email, post on our blog, integrate the Services with another website or service (for example, when you choose to connect your e-commerce account with SmartSender), or communicate with us in any way, you are voluntarily giving us information that we collect. That information may include either your or your Subscribers’ name, physical address, email address, IP address, phone number, credit card, and other payment-related information, as well as details including gender, occupation, location, purchase history, and other demographic information. By giving us this information, you consent to this information being collected, used, disclosed, transferred and stored by us, as described in our Terms of Use and in this Privacy Policy.
  2. Information we collect automatically: When you use the Services or browse one of our Websites, we may collect information about your visit to our Websites, your usage of the Services, and your web browsing. That information may include your IP address, your operating system, your browser ID, your browsing activity, and other information about how you interacted with our Websites or other websites. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies is discussed more below, and in more detail in our Cookie Statement here.
  3. List and email information: When you add a Distribution List or create an email with the Services, we have and may access the data on your list and the information in your email. If a Subscriber chooses to use the ‘forward to a friend’ (FTF) link in an email campaign you send, it will allow the Subscriber to share your email content with individuals not on your Distribution List. When a Subscriber forwards an email to a friend, we do not store your Subscriber’s email address or their friend’s email address, and no one is added to any Distribution List as a result of the FTF. The Client who created the email campaign only sees an aggregate number of times their email campaign was forwarded by a Subscriber and does not have access to the email addresses used to share or receive that forwarded content.
  4. Information from your use of the Service: We may receive information about how and when you use the Services, store it in log files or other types of files associated with your account, and link it to other information we collect about you. This information may include, for example, your IP address, time, date, browser used, and actions you have taken within the application. This type of information helps us to improve our Services for both you and for all of our users.
  5. Cookies and tracking: We and our partners use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole. Users can control the use of cookies at the individual browser level. We partner with a third party to either display advertising on our website or to manage our advertising on other sites. Our third party partner may use cookies or similar technologies in order to provide you advertising or other content based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click (or if located in the European Union click ). Please note you might continue to receive generic ads. For more information about our use of cookies and other tracking technologies, as well as how to opt out, please refer to our Cookie Statement here.
  6. Web beacons: We use web beacons on our Websites and in our emails. When we send emails to Clients, we may track behavior such as who opened the emails and who clicked the links. This allows us to measure the performance of our email campaigns and to improve our features for specific segments of Clients. To do this, we include single pixel gifs, also called web beacons, in emails we send. Web beacons allow us to collect information about when you open the email, your IP address, your browser or email client type, and other similar details. We also include Web Beacons in the emails we deliver for you. We use the data from those Web Beacons to create reports about how your email campaign performed and what actions your Subscribers took. Reports are also available to us when we send email to you, so we may collect and review that information.
  7. Information from other sources: We may receive more information about you or your Subscribers, such as name, email address, demographic information, IP addresses, location, and use of social media websites, by searching the Internet or querying third parties (we refer to that information as ‘Supplemental Information’). We use Supplemental Information to develop features including Social Profiles, a tool that helps you learn about your Subscribers and allows you to send them more relevant content.
  8. Other Information: We may collect other information from you that is not specifically listed here. We may use any such information in accordance with this Privacy Policy or as otherwise permitted by you.
  9. Information from the use of our Mobile Apps: When you use our mobile apps, we may collect certain information in addition to information described elsewhere in this Policy. For example, we may collect information about the type of device and operating system you use. We may ask you if you want to receive push notifications about activity in your account. If you have opted in to these notifications and no longer want to receive them, you may turn them off through your operating system. We do not ask for, access or track any location-based information from your mobile device at any time while downloading or using our Mobile Apps or Services. We may use mobile analytics software to better understand how people use our application. We may collect information about how often you use the application and other performance data.

6. Data Collected for and by our Clients

As you use our Services, you may import into our system Customer Data you have collected from your Subscribers or other individuals. We have no direct relationship with your Subscribers or any person other than you, and for that reason, you are responsible for making sure you have the appropriate permission for us to collect and process information about those individuals. Consistent with the uses of the information covered in Section 6, we may transfer Customer  Data of you or your Subscribers to companies that help us promote, provide, or support our Services or the services of our Clients (‘Service Providers’). All Service Providers enter into a contract with us and obliged to meet appropriate security requirements consistent with this Policy and comply with all applicable legislation and . As part of our Services, we may use and incorporate into features information you have provided, we have collected from you, or we have collected about Subscribers. We may share this information, including Subscriber email addresses, with third parties in line with the approved uses in Section 6.

If you are a Subscriber and no longer want to be contacted by one of our Clients, please unsubscribe directly from that Client’s newsletter or contact the Client directly to update or delete your data. If you contact us, we may remove or update your information within a reasonable time and after providing notice to the Client of your request.

We will retain Customer Data we process on behalf of our Clients for as long as needed to provide our Services or to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

7. Use and Disclosure of the Information We Collect

We may use and disclose Information only for the following purposes:

  1. To promote use of our services to you. For example, if you leave your Personal Data when you visit our Website and do not sign up for any of the Services, we may send you an email inviting you to sign up. If you use any of our Services and we think you might benefit from using another Service we offer, we may send you an email about that. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email we send. In addition, we may use information we collect in order to advertise our Services to you or suggest additional features of our Services that you might consider using. For more information on how we use cookies or other tracking technologies for this purpose, as well as how to opt out of the use of cookies, please see our Cookie Statement here.
  2. To send you informational and promotional content that you may choose (or ‘opt in’) to receive. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
  3. To bill and collect money owed to us by our Clients. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments. To learn more about the steps we take to safeguard that data, see Section 14 below.
  4. To send you System Alert messages. For example, we may inform you of temporary or permanent changes to our Services, such as planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy.
  5. To communicate with our Client about their account and provide customer support.
  6. To enforce compliance with our Terms of Use and applicable law. This may include developing tools and algorithms that help us prevent violations.
  7. To protect the rights and safety of our Clients and third parties, as well as our own.
  8. To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
  9. To provide information to representatives and advisers, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
  10. To prosecute and defend a court, arbitration, or similar legal proceeding.
  11. To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  12. To provide, support, and improve the Services we offer. This includes our use of the data that our Clients provide us in order to enable our Clients to use the Services to communicate with their Subscribers. This also includes, for example, aggregating information from your use of the Services or visit to our Websites and sharing this information with third parties to improve our Services. This might also include sharing your information or the information you provide us about your Subscribers with third parties in order to provide and support our Services or to make certain features of the Services available to you. When we do have to share Personal Data with third parties, we take steps to protect your information by requiring these third parties to enter into a contract with us that requires them to use the Personal Data we transfer to them in a manner that is consistent with this Policy.
  13. To provide suggestions to you. This includes adding features that compare Clients’ email campaigns, or using data to suggest products or services that you may be interested in or that may be relevant to you or your Subscribers. Some of these suggestions are generated by use of our Data Science Projects. For more information about our use of cookies for this purpose, and instructions about how to opt out of having data collected through the use of cookies, please see our Cookie Statement here.
  14. To transfer your information in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website.

8. Public Information and Third Party Websites

We may use and disclose Personal Data only for the following purposes:

  1. Blog. We have public blogs on our Websites. Any information you include in a comment on our blog may be read, collected, and used by anyone. We are not responsible for the personal information you choose to publicly post on the Websites. If your Personal Data appears on our blogs and you want it to be removed, contact us here. If we are unable to remove your information, we will provide you the reasons.
  2. Social media platforms and widgets. Our Websites include social media features, such as the Facebook Like button. These features may collect information about your IP address and which page you are visiting on our Website, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. We also maintain presences on social media platforms including Facebook, Twitter, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.
  3. Links to third-party websites. Our Websites include links to other websites, whose privacy practices may be different from SmartSender’s. If you submit Personal Data to any of those sites, your information is governed by their Privacy Policies. We encourage you to carefully read the Privacy Policy of any Website you visit. Please be aware that we do not warn you choose to click through to another website when using the Service.

9. Third Parties

We may disclose your personal information to the following types of third parties for the purposes described in this Policy:

  1. Service providers. Sometimes, we need to use third party Service Providers (sub processors) in order to provide and support the features of our Services. For example, if it is necessary to provide you something you have requested (like send you our affiliate  promotional materials, or enable a feature such as Social Profiles), then we may share your Personal Data with a Service Provider for that purpose. The list of our main sub-processors is presented in the Annex A to Data Processing Agreement as an addendum to our Terms of Use, and you also may request at any time the names of our new Service Providers. Just like with the other third parties we work with, these third party Service Providers enter into a contract that requires them to use your Personal Data in a manner that is consistent with this Policy.
  2. Advertising partners. We may partner with third parties to display advertising on our Websites or to manage our advertising on other sites and may share Personal Data with them for this purpose. All third parties with which we share this information enter into a contract with us that requires them to use your Personal Data in a manner that is consistent with this Policy. We or our third party partners may use technologies, such as cookies, to gather information about your activities on our Websites and other sites in order to provide you with advertising based on your browsing activities and interests. For more information about cookies, please see our Cookie Statement here.

10. Contest and Sweepstakes

We may, from time to time, offer surveys, contests, sweepstakes, or other promotions on our Websites or through social media (collectively ‘Our Promotions’). Participation in our Promotions is completely voluntary. Information requested for entry may include personal contact information such as your name, address, date of birth, phone number, email address, username, and similar details. We use the information you provide to administer Our Promotions. We may also, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about our Services. We may share this information with our affiliates and other organizations or Service Providers in line with this Policy and the rules posted for the Promotion.

11. Content of Email Campaigns

When you send an email marketing campaign, it bounces from server to server as it crosses the Internet. Along the way, server administrators can read what you send. Email was not built for confidential information. Please do not use SmartSender to send confidential information.

Sometimes we review the content of our Clients’ email campaigns to make sure they comply with our Terms of Use. To improve that process, we have software that helps us find email campaigns that may violate our Terms of Use. Our employees or independent contractors may review those particular email campaigns. This benefits all Clients who comply with our Terms of Use because it reduces the amount of spam being sent through our servers and helps us maintain high deliverability.


12. Your Distribution Lists

A Distribution List can be created in a number of ways, including by importing contacts, such as through csv or directly from your email client. Your Distribution Lists are stored on a secure SmartSender server. We do not, under any circumstances, sell your Distribution Lists. If someone on your Distribution List complains or contacts us, we might then contact that person. Only authorized employees have access to view Distribution Lists. You may export (download) your Distribution Lists from SmartSender at any time.

We will use and disclose the information in your Distribution Lists only for the reasons discussed in Sections 6-9. We will not use and disclose the information in your Distribution Lists to:

  • bill or collect money owed to us;
  • send you system alert messages;
  • communicate with you about your account; or
  • send you informational and promotional content.

If we detect abusive or illegal behavior related to your Distribution List, we may share your Distribution List or portions of it with affected ISPs or anti-spam organizations.


13. Notice of Breach of Security

If a security breach causes an unauthorized intrusion into our system that materially affects you or people on your Distribution Lists, then SmartSender will notify ASAP and later report the actions we took in response.

14. Safeguarding Your Information

We take reasonable and appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the Personal Data.

We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs. Further, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect personal information about you. No method of transmission over the Internet, method of electronic storage or other security methods are one hundred percent secure. Therefore, while we strive to use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. You can find out more about our technical and organizational safeguards on our Security page.

Our credit card processing vendor uses security measures to protect your information both during the transaction and after it is complete. Our vendor is certified as compliant with card association security initiatives, including the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC). We also perform annual SOC II audits. If you have any questions about the security of your Personal Data, you may contact us at

SmartSender accounts require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party. Because the information in your Distribution Lists is so sensitive, account passwords are encrypted, which means we cannot see your passwords. We cannot resend forgotten passwords either. We will only reset them.


15. EU General Data Protection Regulation

SmartSender as an Estonian company is guided by the General Data Protection Regulation EU 2016/679 (GDPR) and Estonian Law. SmartSender has taken all necessary measures to comply with the GDPR. However, an organization that it is not established within the EU will still be subject to the GDPR if it processes personal data of data subjects who are in the Union where the processing activities are related “to the offering of goods or services” (Article 3(2)(a)) (no payment is required) to such data subjects in the EU or “the monitoring of their behaviour” (Article 3(2)(b)) as far as their behaviour takes place within the EU.

At the same time our servers and offices are located in the EU and United States, so your information may be transferred to, stored, or processed in the United States. By using our Websites, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in the United States and those third parties with whom we share it as described in this Policy.

16. Data Transfers from the EU to Third Countries

SmartSender is responsible for the processing of Personal Data it receives in accordance with the requirements of the GDPR. 

Transfers of personal data to third countries outside of the EU (and Norway, Liechtenstein and Iceland) are only permitted where the conditions laid down in the GDPR.

Currently, the following countries or territories enjoy adequacy decisions: Andorra, Argentina, Canada (with some exceptions), Switzerland, Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, Eastern Republic of Uruguay and New Zealand.

Transfers to third countries are also permitted where appropriate safeguards have been provided by the controller or processor and on condition that enforceable data subject rights and effective legal remedies for the data subject are available. The list of appropriate safeguards includes among others binding corporate rules, standard contractual clauses, and the EU – U.S. Privacy Shield Framework.

The GDPR also includes a list of context specific derogations, permitting transfers to third countries where: 

  1. explicit informed consent has been obtained;
  2. the transfer is necessary for the performance of a contract or the implementation of pre-contractual measures;
  3. the transfer is necessary for the conclusion or performance of a contract concluded in the interests of the data subject between the controller and another natural or legal person;
  4. the transfer is necessary for important reasons of public interest;
  5. the transfer is necessary for the establishment, exercise or defense of legal claims;
  6. the transfer is necessary in order to protect the vital interests of the data subject where consent cannot be obtained; or
  7. the transfer is made from a register which according to EU or Member State law is intended to provide information to the public, subject to certain conditions. 

Transfers demanded by courts, tribunals or administrative authorities of countries outside the EU are only recognised or enforceable (within the EU) where they are based on an international agreement such as a mutual legal assistance treaty in force between the requesting third country and the EU or Member State; a transfer in response to such requests where there is no other legal basis for transfer will infringe the GDPR.

Learn more about the GDPR requirements on transfers of personal data to third countries or international organisations (Chapter V) here.

17. Accuracy of Data, Transparency, and Choice

We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do so. If your data changes (for example, if you have a new email address), then you are responsible for notifying us of those changes. Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Data.

We will retain your information for as long as your account is active or as long as needed to provide you with our Services. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our Agreements.

As explained in Sections 6 and 9 of this Policy, SmartSender shares your Personal Data and the Personal Data you may have collected from your Subscribers with Service Providers (Sub-processors) in order to provide and support our Services. With respect to Personal Data we share with our advertising partners, you have a choice. You can opt-out of this sharing with our third party advertising partners by adjusting your cookie settings as explained in more detail in Section 5 and in our Cookie Statement here.

18. Right of Access, Right of Rectification and Right to be forgotten

We will give an individual, either you or a Subscriber, access to any Personal Data we hold about them within 30 days of any request for that information. Individuals may request to access, correct, amend or delete information we hold about them by contacting us here

Client may rectify his/her personal information at any time through account settings. The Client can also contact us directly to edit or rectify the information.

We will remove any Personal Data about an individual, either you or a Subscriber, from our servers at your or their request. There is no charge for an individual to access or update their Personal Data.

If any question, please, feel free to contact us through our contact form or email at

19. Do Not Track Disclosure

‘Do Not Track’ is a standard that is currently under development. Because it is not yet finalized, SmartSender adheres to the standards in this Policy and does not monitor or follow any Do Not Track browser requests. That said, some of our features may have the ability to monitor or follow Do Not Track browser requests.

20. California Privacy

Information for California residents. 

a) SmartSender, being a company registered in an EU member state, is fully compliant with GDPR. But, given that the California Consumer Protection Act, AB 375, has its own specific requirements, our company takes all measures to ensure compliance and protect the privacy rights of California resident-clients, particularly:

  • Know what personal information is being collected about them, know whether their personal information is sold or disclosed and to whom

They can request the information about what, how we have collected and used their Personal Information over the past 12 months, as well as the purposes for collecting Personal Information and the types of third parties with whom we share Personal Information and the categories of Personal Information we disclosed to Third parties at any time, but not more than twice in a 12-month period.

  • Say no to the sale of personal information

As it was mentioned in the Preambulе of this document, SmartSender never sells lists or email addresses.

  • Access their Personal Information

They may request a copy of Personal Information that we have collected about them or update, delete, or change any Personal Information by sending an email to Attn. Privacy Officer or by sending us a request message  using our contact form. SmartSender will undertake the steps within 45 days (the time period to provide the required information may be extended once by an additional 45 days) to disclose and deliver free of charge Personal Information upon receipt of a verifiable request.

  • Request a business to delete any personal information about a Client collected from that Client

They may request SmartSender to delete any Personal Information by sending an email to Attn. Privacy Officer or by sending us a request message using our contact form .

SmartSender will delete the client’s Personal Information from its records and direct any service providers to delete the client’s personal information from their records.

  • Be not discriminated against for exercising their privacy rights

They are entitled to exercise the rights described above free from discrimination prohibited by the CCPA. SmartSender assures all its Clients that they are free to exercise their rights without any discriminations.

b) SmartSender, offering services to its Clients, acts as a “service provider” under the CCPA. Our receipt and collection of any Subscriber Personal Information is completed on behalf of our Clients in order for us to provide the Service. Please direct any requests for access or deletion of your Personal Information under the CCPA to the entity with whom you have a direct relationship.

Last updated: 01 January 2020