PoliteMail Privacy Policy Statement

Privacy Policy Statement

This policy applies to use of our products and services, including PoliteMail for Outlook, Commlytics for Teams, EntraSync, Circular Gauge with Comparison for PowerBI, as well as use of our websites including PoliteMail.com, Commlytics.com, and any domains utilized for provision of our SaaS services.

If you license and operate our products on premise, you are in control of your own data privacy and security, other than the data you share with us for purchasing and provisioning, which is covered herein.

Your data is your data. We secure and protect it. We do not use, rent, sell or otherwise provide your email address(es), database or personal data to any third party for marketing or any other purpose other than to provision and maintain the products and services we provide to you.

PoliteMail provides corporate communications software and services. We understand and respect the importance of your employee data privacy and security.

This policy statement describes the data collected by PoliteMail.com as well as data collected as a function of your utilization of our software and cloud services, and explains how PoliteMail Software and any owned and operated websites including PoliteMail.com protect and use personal information you may provide to us; or that is collected through your interactions with us as well as the use of our products and cloud services.

Summary

We will not share, sell, lease or otherwise provide your data or personal information to other parties for marketing or sales purposes. We ensure any third party vendors engaged by PoliteMail with access to systems containing your data shall be obligated to have and follow a data security and privacy program at least equivalent to our own.

We do not store your credit card information on any of our systems or servers. For recurring purchases, our credit card agents (Stripe, Inc., Intuit, Inc. (Quickbooks.intuit.com), Authorize.Net) securely process and store your information within a PCI compliant infrastructure. Our payment processing agents may collect identifying data for transactions via forms, cookies or similar technologies for devices which connect to their services. Such information to provide and improve the services, and for authentication, fraud detection, loss prevention, and analytics related to the services system performance. For more information, please see our agents privacy policies via the links above.

We do not operate our own network data operations center. We partner with  Microsoft Azure and Cloudflare, and have third party security vendors conduct annual SOC-2 and ISO27001 certification audits of our own operational and SaaS production infrastructure and systems.

PoliteMail utilizes first party cookies and web tracking devices (beacons) to measure interactive behavior, interests, activities and interactions with our business and products. The intent of this data collection is to provide conveniences and service, while informing our communications and product development decisions.

We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We may also be required at times to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Unless otherwise prohibited, we will notify you of such requests and provide an opportunity to waive your rights or to seek a protective order or other appropriate remedy.

If our business is acquired, then your information will be transferred upon sale to the purchasing entity, without prior notice.

GDPR, CCPA, PIPEDA and other privacy legislation

PoliteMail complies with the European Union and United Kingdom General Data Protection Regulation (GDPR), the California Consumer Privacy Act of 2018 (CCPA) the Canadian Personal Information Protection nd Electronic Documents Act (PIPEDA), as well as other similar data privacy and protection legislation regarding the collection, use, and retention of personal data. When applicable, PoliteMail relies on the Standard Contractual Clauses (SCCs) approved by the European Commission and UK for data transfers from controllers or processors in those regions to our processing in the United States. These clauses provide appropriate safeguards, including enforceable data subject rights and effective legal remedies, pursuant to Article 46(1) and Article 46(2)(c) of the GDPR. The SCCs ensure that all personal data transferred to third countries is processed in compliance with GDPR requirements.

Security

PoliteMail Software takes commercially reasonable steps to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. PoliteMail Software has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. We utilize firewalls, secure socket layers and encryption techniques to safeguard your information. Information is encrypted during transfer via secure (HTTPS) connections and encrypted at rest via AES-256 within databases and storage areas protected by firewalls. Access to your information is restricted to authorized accounts, authorized PoliteMail Software personnel and authorized contracted partners only. PoliteMail Software requires employees complete annual security awareness training appropriate to their roles and access permissions.

Data Integrity

PoliteMail Software shall only process Personal Data in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the data owner/controller. To the extent necessary for those purposes, PoliteMail Software shall take reasonable steps to ensure that Personal Data is accurate, complete, current and reliable for its intended use.

Access

Data subjects have the right to access Personal Data held by PoliteMail Software about them. Any data subject that desires to review or update his or her Personal Data may do so by contacting PoliteMail Software through the Contact Information described below. Upon request, PoliteMail Software will grant individuals reasonable access to their Personal Data and shall take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. In the case where PoliteMail is collecting data for our Customer, the Customer is responsible to provide such access, and PoliteMail will cooperate with the Customer to provide reasonable access. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should submit a written request to the contact information listed below. If requested to remove data, we will respond within a reasonable timeframe.

Contact Information

Questions or comments regarding this Privacy Statement should be submitted to PoliteMail Software by mail.

Data Privacy & Security Office
Politemail Software
655 Portsmouth Ave, Suite 11
Greenland, NH 03840
US