Terms of Service

LAST UPDATE: 03 MAY 2022

Privacy and security are of utmost importance to Pigeon Mail and we strive to ensure that our technical and organisational measures in place respect your data protection rights.

This Terms of Service describes how we manage, process and store personal data submitted in the context of providing our services. “Personal data” refers to any information relating to an identifiable individual or his or her personal identity.

Pigeon Mail's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.


CONSENT

In subscribing to our services or filling in a contact form on our website, you agree and accept that we may gather, process, store and/or use the personal data submitted in accordance with the rules set forth below.

By giving your consent to us, you also retain the right to have your personal data rectified, to be forgotten and/or to be erased.


PERSONAL DATA COLLECTED

With each mail merge campaign, only a subset of information are stored in our secure servers. Such information are called metadata and contain the followings:

• Spreadsheet’s ID
• Unique identifier for email recipient (Not Personally Identifiable Information)

To protect users' and their data privacy, we convert the recipient email address into an alphanumeric code that is stored at the backend to keep a track of the email opens, bounce, etc. The recipients' email addresses are never stored on our servers.

This is the exhaustive list of information that are saved at each merge. As seen above, email addresses of your recipients are not transmitted to our server, nor any other information inside the sheet.


SCOPE JUSTIFICATION

Our app collects different sensitive and restricted scopes in order to deliver the intended experience for our users

• Send email as you
  Our tool is meant to send personalized emails using Gmail and hence, “sending email as you” is a critical scope that we need permission to. This utilizes add-ons Email Quota of 100 emails per day


• Connect to an external service
  We need to check the details of the user’s subscription and account quota limit before we allow them to send personalized emails. For this purpose, access to an external service is required. However, we never transmit any user sensitive information to external APIs.
  
  
• Allow this application to run when you are not present
  The app allows users to schedule the emails at a later time for the email scheduling feature. Hence, permission is required. Additionally, the app also updates the status of the emails when it is ‘SENT’, ‘BOUNCED’, ‘READ’, etc. The status updates in the background even when the user is not using the sheet.
  
  
• Display and run third-party web content in prompts and sidebars inside Google applications
  Our app users can access our app from the sidebar on Google Sheets, Gmail or other Google Products for easier access. Users can click on our app icon from the sidebar and then perform the task of sending personalized emails.
  
  
• Send email on your behalf
  Our tool is meant to send personalized emails using Gmail and hence, “sending email as you” is a critical scope that we need permission to. This utilizes Gmail User's Quota of 500 emails per day.
  
  
• View your email messages and settings
  Our app updates the status of the sent emails such as “SENT”, “BOUNCED”, “OPENED”, hence this permission is required. We also need to fetch the drafts to pick messages to send the email campaigns.

Although our app has to request permission to send emails on your behalf or read your emails, our app does not use these scopes to read any of your emails at all. The only data that is transmitted to our secure servers is an alpanumeric identifier for all the users whom you are sending the emails. This data has to be used to ensure that we're able to monitor the email opens or bounces and indicate the same on the spreadsheet.


NEWSLETTER AND MARKETING EMAILS

An unsubscribe link should be included in every newsletter and marketing email sent by you. For those of you that have expressly opted in to receive our Pigeon Mail newsletter, you are easily able to unsubscribe by following the “unsubscribe” links included in every email.


EMAIL STATISTICS

Without systematically doing so, we may analyse and track the various rates (for example: click, open, bounce rates) and the number of emails sent which you open to assess performance rates on your emailing campaigns.
However, while doing so, none of these data are stored on our servers. Even the email content is fetched from your Gmail's Draft Folder


TESTIMONIALS

We may publish Customer Testimonials on its site with information on our customers’ names and job titles. Pigeon Mail undertakes to obtain the authorisation of every customer before publishing any testimonial on its website. If you wish to be removed from this list, you can send us an email to mark@pigeonmail.co and we will delete your information promptly.


THIRD PARTY DISCLOSURES

Pigeon Mail does not sell or rent your personal data to third parties for marketing purposes whatsoever. We do not store any data in our backend servers as well.


YOUR DATA PROTECTION RIGHTS

You have a right of access, correction and removal of your data which you may exercise by sending us a support ticket at mark@pigeonmail.co. Your requests will be processed within 30 days.


TRACKING

Pigeon Mail uses analytics and tracking tools to measure website and digital data to gain customer insights, to carry out analyses on browsing experience so as to improve content.


THIRD PARTY DATA

• In the context of using our services, namely creating bulk email campaigns, Pigeon Mail has access to some information contained in the spreadsheet you created inside Google services (namely Google Mail and Google Spreadsheet), as well as the subject and content of the emails that you send out via our services.
• This data is not stored on our secure servers, but is processed on Google services directly. Only a limited part of such data (namely metadata that is not personally identifiable) are transmitted to our secure servers, with a limited list of people that are authorised to access such data, in particular for the purpose of providing support services.
• You are easily able to recover, modify and or delete such information, at any time, right from your Google Spreadsheet. Once such data are removed from Google Spreadsheet, we are unable to retrieve metadata.
• In no case does Pigeon Mail sell, share or rent out any of your information to third parties, including but not limited to contacts list, nor does it use them for any purposes other than those set forth in this policy. We will use the information from your Google Spreadsheet only for technical requirements and for the purposes of providing you with customer support services.

As a creator of the contact lists and associated email campaigns, you are considered the data controller within the meaning of the GDPR, and Pigeon Mail is acting only as a data processor. In this capacity, you are responsible in particular for:

• making all the declarations necessary to the relative data protection authority,
• complying with all current regulations in force, including the data protection laws,
• obtaining the explicit consent of the persons concerned when collecting their personal data,
• ensuring your authority to use the personal data collected in accordance with the defined end purposes and refraining from any unauthorised use.

If a recipient of your emails sent via our services requests us to modify or delete his/her personal data, we will honor that request after proper verification and will inform you of it.


DATA RETENTION PERIODS

Pigeon Mail only stores your data for the time needed to provide to you our services, and in no event no longer than 3 months after closing your account (unless otherwise required by law). You are able to access your personal data for as long as you hold an active account with us and for a period that varies depending on the type of data concerned. Your event data (statistics, for example), will be deleted every 3 months during active use of your account. Other data may be deleted at any time during active use of your account in accordance with the provisions set forth above.


LOCATION OF DATA STORAGE AND TRANSFERS

The host servers on which Pigeon Mail processes and stores its databases are located exclusively within the Google infrastructure.
Pigeon Mail will inform you immediately, to the extent we are legally authorised to do so, in case of any application or order originating from an administrative or judicial authority relating to your personal data.


SECURITY

Within the framework of its services, Pigeon Mail attributes the very highest importance to the security and integrity of its customers’ personal data.

Thus and in accordance with the GDPR, Pigeon Mail undertakes to take all pertinent precautions in order to preserve the security of the data and, in particular, to protect them against any accidental or unlawful destruction, accidental loss, corruption, unauthorised circulation or access, as well as against any other form of unlawful processing or disclosure to unauthorised persons.

To this end, Pigeon Mail implements industry standard security measures to protect personal data from unauthorised disclosure. In using industry recommended methods of encoding, Pigeon Mail takes the measures necessary to protect information connected with payments and credit cards.

Moreover, in order to avoid in particular all unauthorised access, to guarantee accuracy and the proper use of the data, Pigeon Mail has put the appropriate electronic, physical and managerial procedures in place with a view to safeguarding and preserving the data gathered through its services.

Nothwithstanding this, there is no absolute safety from piracy or hackers. That is why in the event a breach of security were to affect you, Pigeon Mail undertakes to inform you thereof without undue delay and to use its best efforts to take all possible measures to neutralise the intrusion and minimise the impacts. Should you suffer any loss by reason of the exploitation by a third party of a security breach, Pigeon Mail undertakes to provide you with every assistance necessary so you are able to assert your rights. Moreover if, by some exceptional case, the direct loss incurred arose due to fault or gross negligence by Pigeon Mail, you will be able to seek compensation within the limit of liability referred to in our Terms of Use.

You should keep in mind that any user, customer or hacker who discovers and takes advantage of a breach in security renders him or herself liable to criminal prosecution and that Pigeon Mail will take all measures, including filing a complaint and/or bringing court action, to preserve the data and the rights of its users and of itself and to limit the impacts.


Terms of Service CHANGES

Pigeon Mail reserves the right to update this Terms of Service at any time, in particular pursuant to any changes made to the laws and regulations in force. Any modifications made will be notified to you via our Website or by email, to the extent possible, thirty (30) days at least before any changes come into force. We would recommend that you check these rules from time to time to stay informed of our procedures and rules relating to your personal information.


CONTACT US

If you have questions, you can email us at Data Protection Officer directly at: mark@pigeonmail.co