Updated November 22, 2022.
SafetyMails is a service whose purpose is to promote the improvement of the quality of email databases used for email marketing, through validations and verifications of email addresses, based on diverse information obtained from emails providers, various technical documentation, such as RFC 822 and RFC 5321, as well as other technical data sources, allowing email communication to be done without major complications, with reduced error rates, and thus with a considerable increase in reputation, reduction of the overall cost of sending, both for senders and for the services that are receiving emails.
This document will inform you of the procedures adopted by SafetyMails regarding the collection of general data, use and storage of information provided by you in our databases and how we handle the information provided by you.
In this document, you will find, among other affairs:
- Why do we offer this service?
- What are the sources of personal data?
- What kind of information does SafetyMails collect?
- How do we handle e-mail data entered into our system?
- With whom does SafetyMails share your data?
- International data transfer
- How long is the data stored?
- Permission to Send Emails
- Data Security
- What are the rights of data subjects?
- How do I contact the SafetyMails DPO?
2. Why do we offer this service?
Over the last few years we have realized that the email marketing industry in general has one problem in common: poor quality e-mail lists. We found that most sites that have a registration area don’t perform email verification using the Double Opt-in feature (where an email is sent to the address you entered for verification) or any other that would guarantee the quality level of the email addresses. In addition, many emails were left inactive for long periods in the databases, raising questions about the current status of those accounts (users tend to change email frequently and eventually delete or inactivate old email addresses ).
This behavior results in: a drop of reputation in IPs and domains, increased provider blockages, lower inbox placement and lower ROI for E-commerce. Direct marketing done correctly requires that information be up to date and correct to avoid undue contact.
The service provides that the processing of this email information is relevant to the extent that it is necessary for the execution of contracts or requests from which the recipients of the actions of our customers are part, to protect the interests of those same recipients (GDPR, Art. 6, item 1d).
For this reason, SafetyMails promotes the cleaning of email databases, because we believe that the email marketing industry can be healthier and more profitable if we avoid sending invalid emails. Providers aprove of this behavior, customers will have reduce costs and more recipientes may be hit correctly by the actions.
3. What are the sources of personal data?
The amount and type of data collected by SafetyMails varies depending on your use of our services, so we will collect data if you create an account on our system, download a material or are using the SafetyMails platform.
This policy applies to personal data we collect about or with you through the following sources:
- SafetyMails Websites: consumer-facing websites operated by or for SafetyMails, including sites under our own domains and subdomains and/or mini sites that we maintain under separate domains, such as www.emailmarketingsummit.com or on third-party platforms, such as RD Station.
- SafetyMails Platform: SafetyMails’ email verification platform.
- Data Created By Us: Our staff may, during interactions with you, create personal data about you (for example, your name, phone number and email address).
- Events: Events held and organized by SafetyMails, as well as events in which SafetyMails participates as a sponsor and/or exhibitor.
All data we collect is used solely and exclusively to provide our services. Thus, all data about you is considered as confidential.
4. What kind of information does SafetyMails collect?
4.1 Visitors to our websites
4.1.1 Website cookies
Site cookies are cookies that are sent to the user’s and administrator’s computer or device solely by the site.
The information collected via these cookies is used to improve and personalize the user experience, with some cookies being used, for example, to remember user preferences and choices, as well as to provide personalized content.
4.1.2 Third-party cookies
Some of our partners may set cookies on the devices of users who access our site.
These cookies, in general, aim to enable our partners to offer their content and services to the user who accesses our site in a personalized way, by obtaining navigation data extracted from his/her interaction with the site.
The user can obtain more information about third-party cookies and how the data obtained from them are handled, as well as access a description of the cookies used and their characteristics, by accessing the following link:
- Google Analytics – https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=pt-br
- Facebook – https://www.facebook.com/policies/cookies/
The entities in charge of collecting the cookies may assign the information obtained to third parties.
4.1.3 Cookie management
The user can oppose the registration of cookies by the site, simply by disabling this option in their own browser. More information on how to do this in some of the major browsers used today can be accessed from the following links:
- Internet Explorer: https://support.microsoft.com/pt-br/help/17442/windows-internet-explorer-delete-manage-cookies
- Safari: https://support.apple.com/pt-br/guide/safari/sfri11471/mac
- Google Chrome: https://support.google.com/chrome/answer/95647?hl=pt-BR&hlrm=pt
- Mozila Firefox: https://support.mozilla.org/pt-BR/kb/ative-e-desative-os-cookies-que-os-sites-usam
- Opera: https://www.opera.com/help/tutorials/security/privacy/
The deactivation of cookies, however, may eventually affect the availability of some tools and functionalities of the site, compromising its correct and expected functioning. Another possible consequence is the removal of user preferences that may have been saved, jeopardizing your experience.
4.2 In our platform
When you create your account at SafetyMails, we require some data that identifies you and/or your organization.
The purpose of this collection is to identify the system user and to fulfill legal obligations, such as billing data.
For account creation, we will collect:
- Contact data (Name, Email, Country, Phone)
- Digital identification data (IP address)
- Electronic location data (city based on IP address)
- Professional profile (Company name)
For contracting our services, they will be collected:
- Contact Information (Name, Email, Country, State, City, Address, Phone)
- Billing and collection data (Personal registration number – like VAT, Email, Country, State, City, Street, Telephone, Credit Card Data, when the option for this payment method is made)
To ensure the security of credit card information, SafetyMails does not store this information in its databases, and only works with encrypted data. The information is kept confidential and only held by the payment systems.
4.3 For the use of email verification services:
For the mailing list verification service:
- Email address
Personal data is collected through an upload process performed by the Controller in the SafetyMails system. In order to use SafetyMails’ e-mail validation and verification, e-mail information must be shared in order for the processing to take place. Although your e-mail database may contain other personal information of your customers, it is important to mention that SafetyMails does not control the data directly collected by your customers, it does not need it and does not use it to perform the scope of your service.
The option of uploading data from a database counts on a filtering that is configured by the user, being up to him to decide which types of e-mails he wants to be part of the final file. Only the EMAIL is mandatory and used in the treatment process, there is no mandatory collection of any other personal data in the process.
Although it is not the responsibility of SafetyMails to include this data, in order to minimize incidents involving personal data, SafetyMails adopts the best information security practices.
For the real-time email verification:
- Email address only.
4.4 On events and various forms
In order to provide access to exclusive content, digital seminars (webinars), among other content material or services, we collect data, we require:
- Contact Data (Name, Email, Country, Phone)
- Professional profile (Company name, title, number of employees, website)
This information will be used solely for SafetyMails’ relationship with the visitor.
5. How do we handle e-mail data entered into our system?
Once one or more lists are uploaded for processing, they are analyzed by SafetyMails, which can even make changes to the composition of the e-mail records, modifying domains, removing invalid characters, and generating new columns of information to the original table. This process is automatic and has no human interaction.
Results obtained from recent queries (whether an e-mail is valid, invalid, etc.) will individually be part of the SafetyMails global database in order to collaborate with future queries.
The results of consultations may also be part of evaluative research, with the purpose of informing the market about the general quality of the market bases, progress achieved, among other documents such as whitepapers, slide projections, informative videos, and others that SafetyMails considers pertinent, without mentioning specific e-mail addresses, nor characterizing individuals or companies, and therefore not violating the criteria for protection of personal data or confidentiality and secrecy agreements (NDA).
6. With whom does SafetyMails share your data?
To fulfill its processing purposes SafetyMails may share data with third parties who have data protection policies in accordance with the provisions of data protection laws.
These third parties may be services intended for, but not limited to:
- Tax services
- Communication and Marketing services and tools
7. International data transfer
SafetyMails collects and transfers personal data collected to countries located in the European Union, Canada and the United States, countries that provide an adequate level of protection. These transfers occur to SafetyMails Partners acting as personal data processing service providers who demonstrate compliance with data protection best practices and compliance with data protection laws.
By accessing and using the services of SafetyMails, you agree to the processing and transfer of such data to the countries mentioned.
8. How long is the data stored?
About the email validation service, after 3 months of the last analysis performed on a mailing list, it will be automatically deleted from your account, whether it is active or not. Therefore, it is up to the user to download the information from these databases before this period.
You can request that your data be deleted and your account closed at any time.
User information will remain in the system until the user makes a formal request for removal by email. However, although deactivated completely, SafetyMails reserves the right to store this information for a longer period of time in its databases, for evidentiary purposes in legal actions or by determination of legal obligation.
9. Permission to Send Emails
When you hire the services of SafetyMails and create your account, you allow us to send periodic e-mails informing you about aspects that are relevant to the use of the system and customer relations, such as maintenance notices, usage statements, notices of completion of procedures, payments, among others.
It is also SafetyMails’ decision to send, modify the content and design of these e-mails in order to improve the quality of the service.
This e-mailing complies with best practice guidelines for E-mail Marketing, which provide that e-mails that are integral to the provision of a particular service are permitted to be sent, and also with the guidelines of the Can-spam Act – Controlling the Assault of Non-solicited Pronography and Marketing Act of 2003 (Pub.L. 108-187).
10. Data Security
All connections to the SafetyMails control panel, as well as your website and other subdomains, are protected by encrypted SSL certificates from Comodo, the AICPA/CIA WebTrust compliant Certificate Authority.
The Data Center contracted by SafetyMails adopts the highest standard security measures in the market, benefiting from ISO/IEC 27001:2013 certification, international certifications SOC 1 type II (SSAE 16 and ISAE 3401) and SOC 2 type II, and also PCI DSS Level 1 certification.
A user’s access is based on a login (their own e-mail address, given at the time of registration) and a unique, personal password, provided only by e-mail and only once, which must be changed by the user on their first access. SafetyMails will not have access to the password chosen by the user.
In the event of a lost password, SafetyMails can offer a new password, provided there is an express request from the user, which must also be changed after your first access.
The e-mail address provided to the system cannot be changed by the user. For eventual changes, the user must send a request via e-mail (to [email protected]) and wait for a period of up to 48 working hours.
11. What are the rights of data subjects?
Data subjects have various rights in relation to their personal data. It is SafetyMails’ obligation to enable such data subjects to exercise their rights in a free and simplified manner. Among the requests that can be submitted are:
- confirmation of the existence of processing,
- access to data,
- correction of information,
- restriction of excessive data,
- data portability to another provider,
- refusal to give consent,
- revoking consent previously given,
- deleting data processed based on prior consent,
- information on past sharing, and
- review of automated decisions.
Confirmation of the processing of personal data and access (simple or complete) to this information must be made within 72 hours of the request. The other rights will be regulated later by the National Data Protection Authority.
12. How do I contact the SafetyMails DPO?
SafetyMails is Controller and Processor of personal data.
Accordingly, in the pursuit of full transparency and compliance with the highest data protection standards in Brazil and worldwide, a Data Protection Officer (DPO) is hereby appointed who shall be the SafetyMails representative to oversee all matters relating to this policy and the topic of data protection.
If you have questions or need assistance, please contact us:
- Address: Av. Nilo Peçanha, nº50, sala 1808, Centro, Rio de Janeiro, RJ, Brasil, CEP 20200-906.
- Email: [email protected]