Privacy Policy

Policy Version Date: August 2, 2011

SendGrid, Inc. (“SendGrid,” “Us,” or “We”) is committed to protecting the privacy of the users of the http://www.sendgrid.com web site (the “Site”) and the services offered through the Site, including by way of example the email and other communications sent through those services (the “Services”). Additionally, SendGrid adheres to the Safe Harbor Principles as agreed to and set forth by the United States Department of Commerce and the European Union (“EU”). This privacy policy (the “Policy”)) discloses SendGrid’s information privacy practices for the Site and Services. This policy is intended to inform users of our Services and other visitors to the Site of the information collection and use practices of the Site and Services.

Please see the Notification of Changes section below for information regarding changes to this Policy. If you have questions or concerns regarding this Policy, you should contact SendGrid by e-mail at legal@sendgrid.com.

COLLECTION AND USE OF INFORMATION GENERALLY.

SendGrid collects information directly from the users of our Site and Services. SendGrid also receives information regarding users from our customers and from other third parties. We will not sell, share, transfer, or use the information we collect from users or receive from our customers or other third parties regarding users other than as stated in this Policy

In addition, we will not sell, share, transfer, or use the information we receive from our customers or from other third parties regarding users except in accordance with the directions of those customers and other third parties.

COLLECTION AND USE OF INFORMATION BY OUR CUSTOMERS AND OTHER THIRD PARTIES.

Certain of the web sites of SendGrid’s customers, advertisers or affiliates and other third-parties may be accessible through the Site or through email or other communications sent through the Services. You may be asked to provide personally identifiable information (or other information) to these customers or other third parties through these web sites or through the communications sent to you through the Services, including by way of example when you click on a link on the Site to one of these other web sites or on a link in an email or other communication sent through the Services. These customers and third parties maintain their own privacy and data collection policies and practices. This Policy covers only information collected through the Site and Services and does not extend to our customers or any third parties. SENDGRID IS NOT RESPONSIBLE FOR THE POLICIES OR PRACTICES OF OUR CUSTOMERS OR ANY THIRD PARTIES. YOU SHOULD REVIEW THE APPLICABLE PRIVACY POLICIES OF OUR CUSTOMERS AND ANY THIRD PARTIES BEFORE PROVIDING THEM WITH ANY PERSONALLY IDENTIFIABLE INFORMATION.

COLLECTION AND USE OF PERSONALLY IDENTIFIABLE INFORMATION BY SENDGRID.

We only collect and use personally identifiable information regarding users of the Site or Services as described in this Policy. In addition, we do not process or use personally identifiable information that we collect or that is received from our customers or from other third parties in a way that is incompatible with the purposes for which it was collected or received or subsequently authorized by you. Except as noted in this Policy, personally identifiable information collected by SendGrid on the Site or through the Services is NOT shared with third parties without your consent.

We may automatically collect personally identifiable information from you when you access the Site or use or access the Services. We may also collect personally identifiable information from you through a number of voluntary sources on the Site or through the Services, including through emails or other communications sent through the Services. For example, these sources may include responses, registrations, surveys, reviews, comments, confirmations, emails, postings, messages, telephone calls, written correspondence or other electronic submissions and communications sent by you to the Site or through the Services. The personally identifiable information we may collect from you will include, by way of example:

  • Domain name and Internet Protocol (IP) address;
  • E-mail address;
  • Contact information (including, name, address, zip code, country, and phone number);
  • Gender;
  • Financial information, such as account or credit card numbers;
  • User-specific and aggregate information on areas of the Site accessed and the Services used;
  • Username and password information for the Site or Services; and
  • Other information you volunteer to the Site, through the Services or through other means of communication, such as responses, registrations, surveys, reviews, comments, confirmations, emails, postings, messages, telephone calls, written correspondence or other electronic submissions and communications sent by you to the Site or through the Services.

YOU SHOULD NOT PROVIDE SENDGRID WITH ANY PERSONALLY IDENTIFIABLE INFORMATION (OR SUBMIT OR POST ANY PERSONALLY IDENTIFIABLE INFORMATION TO THE SITE OR IN RESPONSE TO ANY EMAIL OR OTHER COMMUNICATION) UNLESS YOU WOULD LIKE THAT INFORMATION TO BE USED IN ACCORDANCE WITH THIS POLICY.

If you register for the Site or Services through a third-party, the personally identifiable information you have provided in connection with your registration may be imported into your account on for the Services. The personally identifiable information we may collect from you will also include any information imported from any such third-party.

The personally identifiable information that SendGrid collects from users of the Site or Services (both registered and unregistered) may be used for a variety of purposes, including by way of example:

  • Providing the Services;
  • Customizing advertising or other content displayed on the Site or through the Services;
  • Customizing the layout of the Site or Services;
  • Notifying users of the Site or Services about updates to and activities on the Site or Services and about goods and services that we feel may be of interest to you;
  • Improving the content of the Site or Services;
  • Analyzing data and patterns regarding usage of the Site or Services;
  • Contacting users of the Site or Services for marketing purposes; and
  • Contacting users of the Site or Services for information verification purposes.

We may also share certain personally identifiable information we collect through the Site or Services with third party companies so that they may offer products and services to users of our Site or Services that we believe will be of interest to those users. We may also share certain personally identifiable information with third party advertisement serving companies to better target the advertising and other content displayed on the Site or Services and provide pertinent offers we think may be of interest to our users. You may opt-out of disclosure of your information to third parties for direct marketing purposes. Please see the Choice and Opt-out section below. In addition, third party advertisers may receive certain personally identifiable information about you if you click on advertisements displayed on the Site or through the Services. Clicking on any advertisement displayed on the Site or through the Services will be considered your consent to “opt in” for this transfer.

USE OF PERSONAL INFORMATION RECEIVED FROM THE EU.

When SendGrid is a data controller. SendGrid adheres to the Safe Harbor Principles as described in this Policy with respect to the personal data we collect from EU data subjects, which includes data used to establish accounts, process orders, process payments and otherwise provide the Services. We have certified our compliance with the Safe Harbor Principles to the United States Department of Commerce, and our certification can be found at http://www.export.gov/safeharbor.

When SendGrid is a data processor. SendGrid’s obligations with respect to personal data for which we are solely a data processor, such as personal data received from our customers or from other third parties that we use to generate and transmit email and other communications through the Services, are defined in our agreements with those customers and are not included in this Policy. In those circumstances, we receive personal data from the EU as an agent for the customer or other third party merely for processing and are not required to apply the Safe Harbor principles to that information. In those circumstances, our customers or those other third parties will remain responsible for personal data that they collect and for compliance with the applicable data protection laws.

COLLECTION AND USE OF NON-PERSONALLY IDENTIFIABLE INFORMATION BY SENDGRID.

Where possible, our server automatically recognizes and collects certain non-personally identifiable information regarding visitors to the Site and users of the Services, including by way of example, IP address, browser type, and other information regarding the system and connection of each visitor or user. We also collect information about how visitors access and use the Site and Services, including by way of example what pages of the Site are viewed and what portions of services are used. When providing the Services, we collect information regarding the performance of the Services, which includes metrics related to the deliverability of emails and other electronic communications. This information allows us to improve the content of the Site and Services, facilitate research and analysis of the Site and Services, and develop and refine our Services. Sometimes, we utilize the services of a third party to help us understand this information better, although the information that is disclosed to these entities remains at all times in anonymous and non-personally identifiable form. We may also provide this information to our customers in anonymous and non-personally identifiable form.

CHILDREN.

The Site and Services are not directed to children under 13 years of age. SendGrid does not knowingly solicit or collect personal information from children under 13 years of age.

SENSITIVE INFORMATION.

SendGrid does not knowingly solicit or collect, and you should not provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.

DISCLOSURE AS REQUIRED BY LAW.

Though we make every reasonable effort to preserve user privacy, we may need to disclose personally identifiable information of certain users of the Site or Services when we have a reasonable and good-faith belief that the disclosure is necessary to enforce the Terms of Use for the Site, comply with a judicial proceeding, court order or other legal process, or to otherwise enforce or protect SendGrid’s rights under applicable law, including, without limitation, SendGrid’s intellectual property rights. In this situation we will use reasonable efforts to provide notice of this disclosure to all affected users, to the extent reasonably possible under the circumstances.

ENHANCEMENT OF PERSONAL INFORMATION.

We may combine and enhance the information we collect from our users with third party data and information to better target our advertising and provide pertinent offers in which we think our users would be interested. Certain summary demographics are also used in our research product offerings. Individual personally identifiable information we collect is never used in our research product offering and is never tied back to an individual user or resold for any purposes.

SERVICE ANNOUNCEMENTS AND CUSTOMER SERVICE.

On occasion it is necessary to send out service related announcements. For instance, if the Site or any of the Services is temporarily suspended for maintenance we might send users an email. We also communicate with users to provide customer service in accordance with our Terms of Service. Generally, users may not opt-out of these communications without also deactivating their account and ceasing use of the Services. These communications are not promotional in nature.

SPECIAL OFFERS AND UPDATES.

We may send new registrants of the Site or Services a welcoming email to verify password and username. Established members may occasionally also receive information on products, services and special deals, and periodic newsletters. Out of respect for the privacy of our users we present the option to not receive these types of communications. Please see the Choice and Opt-out section.

YOUR CALIFORNIA PRIVACY RIGHTS.

California law provides that California residents have a right to request that businesses tell them how their personally identifiable information has been shared with third parties for those third parties’ direct marketing purposes. However, there is an exception to this requirement for businesses that have adopted and disclosed, in their privacy policy, a policy of not disclosing a person’s personally identifiable information to third parties for those third parties’ direct marketing purposes if that person has exercised an option to opt-out of the disclosure of their personally identifiable information to third parties for such purposes.

SendGrid has adopted a policy of allowing you to opt-out of the disclosure of your personally identifiable information to third parties for their direct marketing purposes and thus falls within this exception. Instructions for opting out can be found in the section below entitled “Choice and Opt-Out.”

CHOICE AND OPT-OUT.

We provide you with a choice whether to receive certain emails and other communications through the Site and Services.

We provide you the opportunity to ‘opt-out’ of having your personally identifiable information used for certain purposes. If you are a user of the Site or Services and you no longer wish to receive emails or other communications from us or have your email address or other contect information shared with third parties, you may opt-out of receiving email or other communications from us or having your email address or other contact information shared with third parties. Some communications (e.g. important account notifications and billing information) are considered transactional and are necessary for all SendGrid customers. Customers must cancel your SendGrid account to unsubscribe you from these communications.

In addition, if you would prefer that we not share your personally identifiable information with third parties for the third parties’ direct marketing purposes, you may opt-out of having your personally identifiable information shared with third parties for the third parties’ direct marketing purposes.

All opt-out requests can be made by emailing us at: legal@sendgrid.com. Please note that it may take up to 10 days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request.

COOKIES AND WEB BEACONS.

“Cookies” include commonly used pieces of information in the form of small files that are placed on an individual’s computer hard drive to enable the individual to more easily communicate and interact with the Site and Services. We may use cookies on the site or in communications sent through the Services for various purposes, including by way of example:

  • Saving user preferences;
  • Customizing content of the Site for individual users;
  • Ensuring that users are not repeatedly sent the same banner ads;
  • Recording session information;
  • Saving certain information about users of the Site and others who visit the Site; and
  • Facilitating and enhancing interaction with the Site.

SendGrid does not use cookies to retrieve information from a computer that is unrelated to SendGrid or the Site or Services.

A cookie does not collect or keep your name or other personally identifying information; however, we may link the information obtained through cookies to other personally identifiable information to give us a better understanding of your preferences, so that we can provide a more meaningful experience to you on our Site and through our Services.

“Web beacons” (also known as “single-pixel” or “clear” GIFs) include electronic images imbedded in the Site or in communications sent through the Services which are invisible to users. Web beacons collect information, such as identifiers, time and date of access, and descriptions of the pages or communications in which the web beacons are imbedded. The Site and communications sent through the Services may include web beacons. We may use the web beacons on the Site and in communications sent through the Services for various purposes, including by way of example to track users who have visited our Site, viewed advertisements on the Site or in communications sent through the Services, or otherwise accessed communications sent through the Services.

We may use an outside advertisement serving company to display advertisements on the Site or in communications sent through the Services. The advertisement serving company may place and collect cookies or web beacons when it displays an advertisement on the Site or through the Services. We do not have access to information that would confirm the use of cookies or web beacons by the advertisement serving company. We may also use a third party provider to analyze data and patterns regarding usage of the Site and the communications sent through Services. This third party provider may use cookies or web beacons to collect such information.

Most browsers will allow you to erase cookies from your computer hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may also be able to refuse certain web beacons by adjusting the settings on your browser or email software. Please refer to your browser or email software instructions or help screen to learn more about these functions.

ACCESS, REVIEW, AND UPDATE OF INFORMATION.

SendGrid takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete and current. The users of the Site or Services should email us at legal@sendgrid.com to review, delete, deactivate, update or change any personal information that was previously provided to or collected by SendGrid.

CONSENT TO THE USE OF THIRD PARTY PROVIDERS.

In addition to the specific third parties noted in this Policy, SendGrid may also contract with Agents to provide various services to SendGrid relating to the Site or Services on an outsourced basis rather than performing the services itself (as used here, “Agents” are persons on companies who act on behalf of or under the direction of SendGrid). For example, SendGrid may contract with a web site hosting provider to host all or a portion of the Site or Services for SendGrid.

SendGrid will not transfer information collected from EU data subjects to any of its Agents unless it first ascertains that the Agent subscribes to the Safe Harbor Principles or is subject to the EU Directive on Data Protection or another adequacy finding or enters into a written agreement with such Agent requiring that the Agent provide at least the same level of privacy protection as is required by the relevant Safe Harbor Principles.

By visiting the Site or using the Services, all visitors consent to SendGrid providing both personal and non-personal information received from those visitors to these Agents for the purpose of enabling the third party provider to provide these outsourced services to SendGrid. In addition, all visitors consent to the collection, maintenance, and processing of their personal and non-personal information by SendGrid and these Agents.

NOTIFICATION OF CHANGES.

We will either notify users of any changes to this Policy. Notification will be made by way of an e-mail or by posting of the changes on the Site . Changes to this Policy will be effective 30 days following notice. Your continued use of the Site or Services after any change has become effective will constitute your acceptance of that change.

Unless we seek and receive consent from a user, we will use information we collect from users in accordance with the version of the Policy effective when the information was last collected. Users may contact us regarding any change to this Policy, including to prevent their information from being used pursuant to any change to this Policy, by emailing us at legal@sendgrid.com.

SECURITY.

We will use at least industry standard security measures on the Site to protect the loss, misuse and alteration of the information under our control. While there is no such thing as “perfect security” on the Internet, we will take all reasonable steps to insure the safety of your personal information. For example, our policy is that only those individuals who need your personally identifiable information to perform a specific job are granted access to that personally identifiable information. Likewise, all employees and contractors are kept up-to-date on our security and privacy practices. Finally, the servers that we store personally identifiable information on are kept in a secure environment.

VERIFICATION.

SendGrid utilizes a self-assessment approach to ensure its compliance with this Policy. We regularly verify that this Policy is accurate, comprehensive, prominently displayed, completely implemented and in conformity with the Safe Harbor Principles and conduct our self-assessment on an annual basis. We appropriately train our employees and have internal procedures for conducting objective compliance reviews.

ENFORCEMENT.

SendGrid encourages individuals covered by this Policy to raise any concerns about our processing of personally information by contacting SendGrid as set forth below. SendGrid will seek to resolve any concerns. If your inquiry has not been satisfactorily addressed and you are located in the EU, you may contact the Direct Marketing Association, elected for Dispute Resolution pursuant to our Safe Harbor self-certification, at Direct Marketing Association, Attn: Safe Harbor Line, 1615 L Street NW, Suite 1100, Washington, D.C. 20036 orsafeharbor@the-dma.org.

CONTACT INFORMATION.

All inquiries concerning this Policy and the Site or Services in general may be sent to legal@sendgrid.com.

TRANSFER OF INFORMATION.

If SendGrid elects, in its reasonable discretion, to transfer ownership or control of the Site or Services to a third party, whether or not in the context of an acquisition, merger, or reorganization, you consent to the transfer of your personally identifiable information and non-personally identifiable information by SendGrid to that third party, provided that all use of your information by that third party remains subject to the terms of this Policy and any applicable requirements of the Safe Harbor Principles.

Thank you for visiting the Site and using the Services.