We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.
When setting up a SendGrid account, You will be asked to provide certain basic information such as a name, email address, username, password, company name, occupation, location and phone number (e.g. if You are using two-factor authentication). If You purchase one of Our paid plans, You may also need to provide Us with payment and billing information such as the Customer’s credit card details and billing address.
As a Customer, SendGrid will also maintain a record of Your purchases, transactional information, Services history and usage, and any communications and responses.
We may also collect personal information, such as Your contact information, job details and feedback, when You attend Our events, take part in surveys, or through other business or marketing interactions We may have with You.
We collect this information automatically through the use of various commonly used information-gathering technologies including cookies and web beacons, to collect information as users and Visitors navigate the Website and use the Services (“Web Site Navigational Information”). We use these technologies to analyze trends, administer Web sites and Services, track users’ and Visitors’ movements around Our Website and Services, serve targeted advertisements and gather demographic information about Our user and Visitor base as a whole. Additional information about Our use of Web Site Navigational Information is available at https://sendgrid.com/policies/privacy/website-navigational-information/.
We will use such personal information to: provide and deliver the Services to the Customer, prevent or address any service or technical issues, respond to a Customer’s request, instructions or support request, or for any other purpose provided for in the Customer agreement, or in accordance with or as may be required by law.
In such cases, it is the Customer (or, as the case may be, other third parties) who remain responsible for the handling of the personal information and with compliance with any applicable data privacy laws. If You have questions or concerns about how such personal information is handled, You should contact the relevant entity that is using the Services, and refer to their separate privacy policies.
Legal basis for processing (EEA individuals only)
If You are from the European Economic Area (“EEA”), Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which We collect it.
However, We will normally collect personal information from You only where We have Your consent to do so, where We need the personal information to perform a contract with You, or where the processing is in Our legitimate interests and not overridden by Your data protection interests or fundamental rights and freedoms. In some cases, We may also have a legal obligation to collect the personal information in question.
If We ask You to provide personal information to comply with a legal requirement or to perform a contract with You, we will make this clear at the relevant time and advise You whether the provision of Your personal information is mandatory or not (as well as of the possible consequences if You do not provide Your personal information).
Similarly, if We collect and use Your personal information in reliance on Our or a third party's legitimate interests and those interests are not already listed above (in the "Use of Information" section), We will make clear to You at the relevant time what those legitimate interests are.
If You have questions about or need further information concerning the legal basis on which We collect and use Your personal information, please contact Us using the contact details provided in Section 14 below.
We may also share personal information collected through the Services with third party companies so that they may offer products and services that We believe will be of interest to You. We may also share personal information with third party advertising-serving companies to better target the adverts and other content displayed on Our site and to provide offers We think may be of interest to You. You may opt-out of disclosure of Your information to third parties for direct marketing purposes – see the Choice and Opt-Out section below. In addition, third party advertisers may receive certain personal information about You if you click on advertisements displayed on Our Website or Services. If You do not wish these third parties to process Your personal information, please do not click on these adverts.
Your personal information may be stored and processed by Us in any country where We have facilities or where We engage service providers, and by reading this Policy and using the Services You acknowledge that Your personal information may be transferred to countries outside of Your country of residence, including the United States, which may have different data protection rules to those of Your country. Where We do so, Our collection, storage and use of Your personal information will be in accordance with the purposes set out in this Policy.
For personal information We receive from the EEA and Switzerland, SendGrid, Inc. participates and complies with the EU-US and Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce. You can find out more about Our commitment to the Privacy Shield Principles in Our Notice of Privacy Shield Certification. If there is any conflict between the terms of this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
We will ensure that where other non-EEA affiliates or third party service providers have access to personal information outside of the EEA, that they too commit to provide the same level of protection as the Privacy Shield Principles.
If Your use of the Services requires SendGrid to process personal data falling within the scope of GDPR, SendGrid’s Data Processing Addendum is available for e-signature here. Additionally, more information about EU data protection laws is available by visiting our GDPR page.
Also, all opt out requests can be made by emailing Us at firstname.lastname@example.org. Please note that it may take up to 3 days to remove Your contact information from Our marketing communications lists, so You may receive correspondence from Us for a short time after You make Your request.
Please note that some communications (such as service messages, account notifications, billing information) are considered transactional and necessary for account management and You cannot opt out of these messages unless You request to deactivate Your SendGrid account.
If You are from certain territories (such as the European Union), You may have additional data protection rights, such as broader rights to access and deleted Your personal information, as well as rights to:
If You would like to exercise the above rights, please write to Us using the contact details in Section 14 below and We will consider Your request in accordance with applicable data protection laws. We may ask You to verify Your identity in order to help Us respond to Your request.
You also have the right to raise questions or complaints with Your data protection authority at any time.
Please note that if We are processing Your personal information on behalf of Our Customers as a data processor (see Section 1(c) above “Information We Process on Behalf of Our Customers”), then You should direct any data rights requests to Our Customer who holds the SendGrid account. We will not be able to respond directly to such requests and will refer any such requests to the relevant Customer.
SendGrid has adopted a policy of allowing You to opt-out of the disclosure of Your personally identifiable information to third parties for their direct marketing purposes and thus falls within this exception. Instructions for opting out can be found in the section entitled found in the Choice and Opt-Out section above.
Where We have no ongoing legitimate business need to process Your personal information, We will either delete or anonymize it or, if this is not possible (for example, because Your personal information has been stored in backup archives), then We will securely store Your personal information and isolate it from any further processing until deletion is possible.
Any personal information that We process on behalf of Our Customers is retained in accordance with the timeframes set out in the relevant Customer agreements.
Almost there! We just sent you an email to confirm your subscription.
We respect your privacy. Learn more here.