Privacy Policy

Thanks for using TinyLetter. This policy explains the what, how, and why of the information we collect when you use TinyLetter. It also explains the specific ways we use and disclose that information. We never sell lists or email addresses. Because TinyLetter is run by the MailChimp team, you'll see some MailChimp references throughout this policy.

THE BASICS

1. Definitions

We’ll start by getting a few definitions out of the way that should help you understand this policy. When we say "we," "us," and "MailChimp,” we’re referring to The Rocket Science Group, LLC d/b/a MailChimp, a State of Georgia limited liability company. When we say “you” or “Member,” we’re referring to the person or entity that’s registered with us to use the Services.

We provide online platforms that you may use to create, send, and manage emails (the “Services”). We offer the Services on our websites http://www.mailchimp.com, http://www.tinyletter.com, and http://www.mandrill.com (each a “Website” and together the “Websites”). In the course of providing the Services, we may collect Personal Information, which means information about a Member. A "Distribution List" is a list of email addresses that one of our Members has sent, or intends to send, emails to, and all information relating to those email addresses.

MailChimp has TRUSTe's Privacy Seal, which means this privacy policy has been reviewed by TRUSTe for compliance with their program requirements, including transparency, accountability, and choice related to the collection and use of your personal information. The TRUSTe program covers our Websites, http://www.mailchimp.com, http://www.tinyletter.com, http://www.mandrill.com, as well as the Golden Monkeys mobile app. TRUSTe is an independent third party that operates a globally recognized privacy trustmark.

2. Changes

If there are any changes to this Privacy Policy, we’ll post them on the Website and send them to the last email address you gave us. Any changes will be effective as of the date we post on the Website or send the email (or whichever date is later). You may object to any changes within 20 days after they’re posted on our Website or delivered to you, in which case none of the proposed changes will be effective with respect to information that we’ve already collected from you; but will apply only to information we collect in the future. We won't treat information of any open account differently from any other open account. If you object to changes in our Privacy Policy, we’ll have to terminate your account. That said, if we ever changed our Privacy Policy to expand our rights to use or disclose Personal Information for marketing purposes, you‘d be able to opt out without termination.

3. Effective Date

This Privacy Policy is effective with respect to any data that we’ve collected, or collect, about and/or from you, according to our Terms of Use.

4. Questions

If you have any questions or comments, or if you want to update, delete, or change any Personal Information you’ve submitted on the Website, please use our contact form to get in touch. You may also contact us by postal mail at:

MailChimp
Privacy Department
512 Means St. Suite 404
Atlanta, GA 30318

If you’re not satisfied with our response you can contact TRUSTe.

YOUR INFORMATION

5. Information We Collect

  1. Information You Provide to Us: When you register to use the Services, communicate with our customer service team, send us an email, or post on our blog, you’re giving us information that we collect. That information may include your IP address, name, physical address, email address, phone number, credit card information, and other details like gender, occupation, and other demographic information. By giving us this information, you consent to your information being collected, used, disclosed, and stored by us, only as described in our Terms of Use and Privacy Policy.
  2. List and Email Information: When you add an email Distribution List or create an email with the Services, we have access to the data on your list and the information in your email.
  3. Information from your Use of the Service: We may get information about how and when you use the Services. This information may include your IP address, time, date, browser used, and actions taken by you within the application.
  4. Cookies: When you register to use MailChimp, we store "cookies," which are strings of code, on your computer. We use those cookies to collect information about when you visit our Website, when you use the Services, your browser type and version, your operating system, and other similar information. You may turn off cookies that have been placed on your computer by following the instructions on your browser, but if you block our cookies, it may be more difficult (and maybe even impossible) to use the Services. When you play one of the videos on the Websites, the Flash player may use local shared objects, which are also called Flash cookies. We don’t use these Flash cookies for anything, but we can’t stop the player from dropping them (we tried).
  5. Web Beacons: When we send emails to registered MailChimp customers, we'll sometimes track who opened the emails and who clicked the links. We do that to measure our Email Campaigns’ performance and to improve our features for specific segments of customers. To do this, we include single pixel gifs, also called web beacons, in emails we send. Web beacons allow us to collect information about when you open the email, your IP address, your browser or email client type, and other similar details. We also include Web Beacons in the emails we deliver for you. We use the data from those Web Beacons to create the reports you see about who has or hasn’t opened emails or clicked links. Reports are also available to us when we send you email, so we may collect and review that information.
  6. Information from Other Sources: We may get more information about you, like name, age and participation in social media websites, by searching the internet or querying third parties (we’ll refer to that information as Supplemental Member Information). We only collect data that’s publicly available or provided by a third party according to its terms of use.

6. Use and Disclosure of Your Personal Information

We may use and disclose your Personal Information only as follows:

  1. To promote use of our Services. For example, if you leave your Personal Information when you visit our Website and don’t sign up for any of the Services, we may send you an email asking whether you want to sign up. And if you use any of our Services, and we think you might benefit from using another Service we offer, we may send you an email telling you about it.
  2. To bill and collect money owed to us. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments. To learn more about the steps we take to safeguard that data, see Section 7 below.
  3. To send you System Alert Messages. For example, we may let you know about temporary or permanent changes to our Services, like planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy.
  4. To enforce compliance with our Terms of Use and applicable law. This may include developing tools and algorithms that help us prevent violations.
  5. To provide customer support.
  6. To protect the rights and safety of our Members and third parties, as well as our own.
  7. To meet legal requirements like complying with court orders and valid subpoenas.
  8. To provide information to representatives and advisors, like attorneys and accountants, to help us comply with legal, accounting, or security requirements.
  9. To prosecute and defend a court, arbitration, or similar proceeding.
  10. To support and improve the Services we offer. This includes adding features that compare Members' Email Campaigns, or using data to suggest other publishers your subscribers may be interested in.
  11. To communicate with you about your account for informational, not promotional, reasons.
  12. To transfer your information in the case of a sale, merger, consolidation or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy.
  13. To send you informational and promotional content that you may choose (or "opt in") to receive. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.

7. Public Information and Third Parties

  1. Blog. We have public blogs on our Websites. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information appears on our blogs and you’d like it to be removed, contact us here. If we’re not able to remove your information, we’ll let you know why.
  2. Social Media Widgets. Our Websites include social media features, like the Facebook Like button. These features may collect information about your IP address and which page you’re visiting on our site, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. Your interactions with those features are governed by the privacy policies of the companies that provide them.
  3. Links to Third-Party Sites. Our Websites include links to other websites, whose privacy practices may be different from MailChimp’s. If you submit Personal Information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any Website you visit.

8. Content of Email Campaigns

When you send email marketing, it bounces around from server to server as it crosses the internet. Along the way, server administrators can read what you send. Email wasn’t built for confidential information. If you have something confidential to send, please don’t use MailChimp.

Sometimes we review the content of our Members’ email campaigns to make sure they comply with our Terms of Use. To improve that process, we have software that helps us find email campaigns that may violate our Terms. Our employees or independent contractors may review those particular Email Campaigns. This benefits all of our Members who comply with the Terms of Use because, among other things, it reduces the amount of spam being sent through our servers and helps to maintain high deliverability.

YOUR LISTS

9. Your Distribution Lists

Your subscriber lists are stored on a secure MailChimp server. We don’t, under any circumstances, sell your lists, contact people on your lists, market to people on your lists, steal your lists, or share your lists with any other party, unless it’s required by law. If someone on your list complains or contacts us, we may then contact that person. Only authorized employees have access to view Distribution Lists. You may export (download) your lists from MailChimp at any time, as long as we have a copy.

We’ll use and disclose the information in your Distribution Lists only for the reasons listed under Use of Your Personal Information, except the following. (In other words, we will not use and disclose the information in your Distribution Lists to):

  • bill or collect money owed to us;
  • send you system alert messages;
  • communicate with you about your account; or
  • send you informational and promotional content.

SECURITY

10. Notice of Breach of Security

Nobody’s safe from hackers. If a security breach causes an unauthorized intrusion into our system that materially affects you or people on your Distribution Lists, then MailChimp will notify you as soon as possible and later report the action we took in response.

11. Safeguarding Your Information

To protect your information, our credit card processing vendor uses the latest 128-bit Secure Socket Layer (SSL) technology for secure transactions. Our vendor is certified as compliant with card association security initiatives, like the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).

MailChimp accounts require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party. Because the information in your Distribution Lists is so sensitive, account passwords are encrypted, which means we can’t see your passwords. We can’t resend forgotten passwords either. We’ll only reset them.

COMPLIANCE

12. Safe Harbor Certification.

MailChimp complies with the U.S.–E.U. and U.S.–Swiss Safe Harbor Framework, which is overseen by the U.S. Department of Commerce and covers the collection, use, and retention of personal data from European Union member countries and Switzerland. We certify that we follow the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. A data processing agreement is available upon request, please contact privacy@mailchimp.com.

13. Accuracy of Data, Transparency, and Choice

We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do that. If your data changes (like a new email address), then you’re responsible for notifying us of those changes.

We only store data about you for as long as it’s reasonably required to fulfill the purposes that gave us the right to access it in the first place. We keep some data indefinitely, relating to when and where Emails were sent, which bounced, which resulted in a complaint, and similar information, because we use it to help us screen out people who violate SPAM laws, and for other reasons explained in this policy.

We’ll give you access to any Personal Information about you that we hold within 30 days of any request for that information you make by emailing legal@mailchimp.com. Unless it’s prohibited by law, we’ll remove any Personal Information about you from our servers at your request.

14. Enforcement

We and TRUSTe regularly review our compliance with this Privacy Policy. If we receive a written complaint, then we’ll respond to the person who made it. We work with TRUSTe to resolve any complaints that we can’t resolve with our Members directly.

Thanks for taking the time to learn about The Rocket Science Group’s privacy policy, and thanks for trusting us to handle your email.

Updated March 15, 2013