Diese Seite erklärt, wie wir Ihre persönlichen Daten schützen.
Your privacy matters to us!
At Wild Mail, we care about your privacy and are committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and the steps we take to keep it safe. We’ve done our best to keep things clear and straightforward, but if you have any questions, feel free to reach out via support@wildmail.io - we’re happy to help!
Definitions:
For the purposes of the provisions of this privacy policy, the following expressions in the form in which they are written shall have the meanings set forth below.
Personal Data: means any information about an identified or identifiable natural person.
Data Subject: a natural person who can be identified directly or indirectly, location, an online identifier or one or more elements of the physical, physiological, genetic, psychological, economic, cultural or social identity of that person.
Processing: means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated procedures.
Data Controller: means the person who determines the purposes and means for the Processing of Personal Data.
Data Processor or Processor: means the person who processes Personal Data on behalf of a Controller following his/her instructions.
Wild Mail: a tool designed for professionals and businesses to create email marketing campaigns and manage sales using a CRM (Customer Relationship Management). It is powered by ActiveCampaign, for which Wild Audience is an official reseller. Depending on the plan you choose, we also offer additional services to enhance your experience. You can find more details on our website: https://www.wildmail.io/.
Plan/s: pre-established set of Wild Mail functionalities and/or services that the Customer can contract according to the price and other associated conditions.
WILD AUDIENCE: company owner of Wild Mail whose full details are given below.
Customer: professional or company that contracts a Wild Mail Plan.
Contact/s: natural or legal person/s included by the Customer in its database in Wild Mail for the use of this tool for the indicated purposes.
User/s: users authorized by the Customer to use his/her Wild Mail account according to the contracted Plan.
Processed Data: Personal Data under the responsibility of the Data Controller that WILD AUDIENCE may process in order to provide the services included in the Wild Mail Plan contracted by the Data Controller.
A) Processing of Personal Data by WILD AUDIENCE as Data Controller:
1. Information of WILD AUDIENCE as Data Controller:
If you request information or if you contract Wild Mail as a Customer to create e-mail marketing campaigns or to use the sales CRM and/or the rest of the services included in your Plan, the Data Controller of your Personal Data is the company WILD AUDIENCE, S.L., with registered office at Ronda Sant Pere, 52, 08010, Barcelona (Spain), with NIF number: B67376772 (VAT number: ESB67376772), duly registered in the Commercial Register of Barcelona, in volume 46.777, folio 25, section 8, page B-530.564, hereinafter, WILD AUDIENCE.
WILD AUDIENCE can be contacted directly and effectively at the e-mail address: support@wildmail.io.
2. Processing of Personal Data by WILD AUDIENCE as Data Controller, purpose and legal basis:
2.1. On the occasion of Wild Mail's engagement as a Customer:
2.1.1. Personal Data processed:
If you sign up for Wild Mail as a Customer, WILD AUDIENCE will process the following personal data:
Admin e-mail: e-mail address of the Customer's administrator
Customer's administrator's name (first and last name)
Customer ID
Customer's IP address
Billing/payment details (via Stripe account) after the trial period if you wish to continue using the Wild Mail service: address, VAT number and last four digits of the credit/debit card to be used for payments
In addition, WILD AUDIENCE will have access to the ActiveCampaign API URL and API Key and the encrypted password to access Wild Mail
2.1.2. Purpose:
Your data is collected as a Customer in Wild Mail to enable the provision of the contracted service, to send notifications related to the service, as well as to manage billing and payment.
WILD AUDIENCE may also process your data to send commercial communications about its services, if you have not objected to it, both at the time of collecting your data and at any time thereafter.
We remind you that you have the right to oppose the sending of commercial communications at any time.
2.1.3. Legal basis:
The legal basis for the processing of your data for the provision of the service, billing management, payment and sending notifications about the service, is the execution of a contract or pre-contract in which you are a party as a Data Subject.
The legal basis for sending commercial communications about WILD AUDIENCE services, if you have contracted any of its services, is the legitimate interest of WILD AUDIENCE for direct marketing purposes.
2.2. On the occasion of the request for information:
2.2.1. Personal Data processed:
If you contact WILD AUDIENCE through the e-mail support@wildmail.io to request information, we will have access to your IP address, the e-mail address you use and the data you provide us through that communication.
2.2.2. Purpose:
In case you request information through any of the means that Wild Mail makes available to you (chat, forms, etc.), identifying data such as your name, telephone number and/or e-mail address will be collected in order to attend your request, based on the legitimate interest of WILD AUDIENCE.
We will send you commercial communications, as long as you have consented to such purpose in an informed, free, unequivocal and specific manner.
2.2.3 Basis of standing:
In order to respond to any request for information, the legal basis is the legitimate interest of WILD AUDIENCE to respond to such request.
For the sending of commercial communications, the legal basis is the provision of informed, free, specific and unequivocal consent by means of a clear affirmative action, such as checking a box or checkbox.
2.3. In connection with the application for participation in the Wild Mail Partner Program:
2.3.1. Personal Data processed:
If you sign up as a Partner in the Wild Mail Partner Program, WILD AUDIENCE will process the following personal data:
Admin e-mail: e-mail address of the Customer's administrator
Customer's administrator name (first and last name)
ID
IP Address
Billing/payment data
API URL and ActiveCampaign API Key and encrypted Wild Mail access password
2.3.2. Purpose:
Enable participation in the Wild Mail Partner Program, for the forwarding of notifications related to the same, as well as to manage the billing and payment of Commissions.
2.3.3. Legal basis:
The legal basis for the Processing of the PARTNER's data is the execution of a contract or pre-contract to which the PARTNER is a party as a Data Subject.
2.4. On the occasion of the subscription to the Wild Mail Newsletter:
2.4.1. Personal Data processed:
If you subscribe to the Wild Mail Newsletter, WILD AUDIENCE will process the following personal data:
Name or nickname indicated by the Interested Party
IP address
2.4.2. Purpose:
Sending communications with relevant information, promotions, offers, news related to Wild Mail.
2.4.3. Basis of standing:
The legal basis for the Processing is the consent given by the Data Subject.
3. Time period for the conservation of Personal Data:
The Personal Data provided will be kept as long as there is a mutual interest to maintain the purpose of the Processing and for the term for which legal liabilities may arise for the services rendered to the Customer as a Data Subject.
When the Processing is no longer necessary for the stated purposes, the Personal Data will be deleted with appropriate security measures.
4. Recipients:
Recipient means the natural or legal person, public authority, service or other body to whom personal data is communicated, whether or not it is a third party.
Your data will not be communicated to any other third party outside WILD AUDIENCE, unless there is a legal obligation, or you have expressly authorized it.
5. Data Processors:
There are data processors, understood as entities that process the personal data under the responsibility of WILD AUDIENCE, following its instructions, as service providers necessary for the provision of the service requested by the Data Subject, with whom WILD AUDIENCE has signed a data processing contract in accordance with the provisions of the applicable regulations on data protection.
6. International Transfers:
International data transfers involve a flow of personal data from Spanish territory to recipients established in countries outside the European Economic Area (European Union countries plus Liechtenstein, Iceland and Norway).
WILD AUDIENCE makes international transfers of data to the United States but only to entities adhering to the Data Privacy Framework.
7. Rights:
As a data subject you are entitled to exercise the following rights that the data protection regulations recognize you, as provided therein:
- The right to withdraw at any time the consent given for the processing of such data, when this is the legal basis.
- Right of access to personal data processed by WILD AUDIENCE.
- The right to request the rectification of inaccurate data processed by WILD AUDIENCE.
- The right to request the erasure of data when, among other reasons, the data is no longer necessary for the purposes for which it was collected by WILD AUDIENCE.
- In certain circumstances, you may request the restriction of data processing, in which case WILD AUDIENCE will only keep the data for the exercise or defense of claims.
- In certain circumstances and for reasons related to your particular situation as a data subject, you may exercise your right to object to the processing of your data. In this case, WILD AUDIENCE will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
- In certain circumstances and for reasons related to your particular situation as a Data Subject, you may request the right to data portability. This is a complementary right to the right of access, since it allows you to obtain the data provided to WILD AUDIENCE in a structured, commonly used and machine-readable format, which can be transmitted directly to another entity upon request of the Data Subject.
You may exercise such rights by any means that provides proof of sending and receipt, clearly expressing your wishes in this regard and enclosing a copy of your ID card and/or any other documentation proving your identity, by writing to the e-mail or postal address indicated above.
In addition, if you consider that any of your data protection rights have been violated, you are entitled to file a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6, 28001-Madrid https://www.aepd.es/ or through the electronic headquarters of the AEPD: https://sedeagpd.gob.es/sede-electronica-web/.
8. Safety:
In order to safeguard the security of the personal data of the Interested Parties, WILD AUDIENCE has adopted all the necessary technical and organizational measures to guarantee the security of the personal data provided.
All this to avoid its alteration, loss, and/or unauthorized processing or access, as required by law, although absolute security does not exist.
9. Updating of personal data:
In order to keep your personal data as a Data Subject up to date, you have the possibility to modify or rectify them through your Wild Mail Customer Account or by contacting WILD AUDIENCE at the following e-mail address: support@wildmail.io.
10. Confidentiality:
Personal Data will be processed with the utmost care and confidentiality by all personnel involved in any of the phases of the Processing.
B) Processing of Personal Data by WILD AUDIENCE as Data Processor:
1. Object and Duration of the Processing:
1.1. Object:
By contracting a Wild Mail Plan, WILD AUDIENCE provides the Customer with access to a tool for the creation of e-mail marketing campaigns and/or sales management through a CRM and/or additional services depending on the contracted Plan.
By reason of said contracting, WILD AUDIENCE is authorized to process on behalf of the Customer, the personal data under the responsibility of the Customer (as Data Controller) necessary to provide the services of Wild Mail, exclusively for that purpose and in its capacity as Data Processor.
1.2. Duration of Processing:
The Customer will have access to the services provided by WILD AUDIENCE as long as the Customer is up to date with payments during the contracted term.
The Customer may cancel the subscription to the paid service at any time and may continue to use the service until the end of the contracted period and without the Customer being charged for the next billing cycle.
Access to the Processed Data will occur for as long as the Wild Mail services contract is in effect.
2. Nature and purpose of the processing
2.1. Nature of Processing:
The nature of the processing of the Processed Data is automated through digital media and systems in which Wild Mail is hosted.
The processing of the data by WILD AUDIENCE as Data Processor will be carried out on its own premises through Wild Mail's digital systems.
2.2. Purpose of Processing:
The purpose of the Processing of the Data Processed by the Data Processor and on behalf of the Data Controller is exclusively the provision of the services of the Wild Mail Plan contracted by the Customer.
3. Type of Personal Data and category of Data Subjects:
For the performance of the Services, the Customer makes available to WILD AUDIENCE the information relating to the personal data of the Contacts managed through Wild Mail and, if applicable, of the Customer's team members (Users) who have access to the Customer's account on Wild Mail.
3.1. Contact Information provided by the Customer to which WILD AUDIENCE may have access in its capacity as Data Processor:
- Name and surname
- E-mail address
- ActiveCampaign Contact ID
- Contact IP Address
- Location (country and city)
- Any additional personalized information indicated by the Customer from his Contacts
- Information on the content of e-mails sent to Contacts by the Customer.
3.2. Information of the Users or members of the Customer's team with access to Wild Mail:
- Name
- E-mail address
- Phone
4. Authorized Processing Operations:
The Customer authorizes only those Processings strictly necessary for the provision of the contracted services, including the collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation or communication by transmission and the possible access to the processed data in the event that the Customer requires technical support from WILD AUDIENCE.
5. Obligations and rights of the Data Controller:
The duty to inform the Data Subjects (Contacts and Users) of the processing will be the sole responsibility of the Customer as Data Controller.
The Customer guarantees that the data provided to the Processor have been obtained in a lawful manner and that they are adequate, relevant and limited to the purposes of the Processing.
The Customer shall make available to the Data Processor all the information necessary for the provision of the contracted services through Wild Mail.
6. Obligations and rights of the Data Processor:
WILD AUDIENCE undertakes to respect all the obligations that correspond to it as Data Processor in accordance with the provisions of the legislation in force and any other provision or regulation that also applies to it.
WILD AUDIENCE will not use the processed data for purposes other than the provision of Wild Mail services.
WILD AUDIENCE shall make available to the Customer the information necessary to demonstrate compliance with the contract, allowing the inspections and audits necessary to evaluate the processing.
7. Authorized personnel to carry out the Processing:
WILD AUDIENCE guarantees that the persons authorized to process the processed data have expressly undertaken in writing to respect the confidentiality of the data and that they are subject to a legal obligation of confidentiality.
WILD AUDIENCE will take steps to ensure that any person acting under its authority who has access to personal data may only process it in accordance with the instructions of the Controller and is obliged to do so under applicable law.
WILD AUDIENCE guarantees that the persons authorized to process the data have received the necessary training to ensure that the protection of personal data will not be compromised.
8. Security measures:
WILD AUDIENCE declares to be aware of the obligations arising from the regulations on data protection, especially with regard to the implementation of security measures for the different categories of data and processing established in Article 32 of the RGPD, including, among others:
a) Pseudonymization and encryption of personal data
b) The ability to ensure the continued confidentiality, integrity, availability and resilience of the processing systems and services.
c) The ability to restore availability and access to personal data quickly in the event of a physical or technical incident.
d) a process of regular verification, evaluation and assessment of the effectiveness of technical and organizational measures to ensure the security of the processing.
WILD AUDIENCE guarantees that these security measures will be adequately implemented and that they will help the Controller to comply with the obligations set forth in the GDPR, taking into account the nature and the information available to the Data Controller.
The Data Controller shall conduct an analysis of the potential risks arising from the Processing to determine the appropriate security measures to ensure the security of the processed information and the rights of the Data Subject and, if the Data Controller determines that risks exist, shall send to the Processor a report with the Impact Assessment so that the Processor can proceed to implement appropriate measures to avoid or mitigate the risks.
WILD AUDIENCE shall analyze the possible risks and other circumstances that may have an impact on security and that may be attributable to it, and, where appropriate, shall inform the Data Controller in order to assess their impact.
9. Security breaches:
Security breaches of which WILD AUDIENCE becomes aware shall be notified without undue delay to the Customer for his/her/its knowledge and implementation of measures to remedy and mitigate the effects caused.
The security breach notification shall contain at least the following information:
- Description of the nature of the noncompliance.
- Categories and approximate number of affected Data Subjects.
- Categories and approximate number of data records affected.
- Possible consequences.
- Measures taken or proposed to remedy or mitigate the effects.
- Contact information where you can obtain more information.
10. Communication of Data to third parties:
WILD AUDIENCE may not communicate data to other recipients, unless they have obtained prior written authorization from the Customer, which, if any, shall be attached to this agreement.
The transmission of data to public authorities in the exercise of their public service does not require the authorization of the Customer if such transmissions are necessary to achieve the purpose of the processing.
11. Sub-processors:
WILD AUDIENCE undertakes to fully respect the applicable Data Protection Laws with reference to the hiring of Sub-processors, including the conditions referred to in Article 28 of the GDPR, where applicable.
WILD AUDIENCE will have general authorization to hire the sub-processors, which it currently uses, tha you can check here.
WILD AUDIENCE will have a general authorization for the hiring of new Sub-processors.
WILD AUDIENCE will specifically inform the Customer in writing of any changes it intends to make to the roster, either by expanding it or by replacing one Subscriber with another, at least 30 days in advance, thus giving the Customer sufficient time to object to such changes prior to the hiring of the Sub-processors in question.
WILD AUDIENCE will provide the Customer with the necessary information so that he/she can exercise his/her right of opposition. If the Customer does not oppose within the mentioned term of 30 days, it will be considered granted the authorization to designate the Sub-processor.
WILD AUDIENCE will observe where appropriate safeguards are in place, including, but not limited to, the use of Standard Contractual Clauses (SCC) and/or other applicable measures.
WILD AUDIENCE must include in any agreement with Sub-Processsors receiving Confidential Information, a provision that the Sub-Processsor shall be subject to the same confidentiality, data protection and data security obligations to which the Entrant is bound under the Agreement and this DPA.
In any event, WILD AUDIENCE shall remain fully liable for any negligence and/or damage caused to the Controller and/or his/her Processed Data and for any violation of the Data Protection Laws or of the Rights of the Data Subjects, by its Sub-Processors.
12. International Data Transfers:
Notwithstanding the foregoing - if the Processor intends to process the Personal Data outside the territory of the EEA, including through the use of Sub-processors or transfer data to any third country or international organization without a decision pursuant to Article 45.3 of the GDPR, or any other existing legal requirements/limitation under applicable data protection laws with respect to transfers of Personal Data - WILD AUDIENCE will only do so subject to the prior written approval of the Controller and subject to the implementation of appropriate safeguards, including but not limited to the use of Standard Contractual Clauses (SCC), which will automatically apply where necessary, and/or other applicable measures, to ensure sufficient safeguards for compliance with such requirements and any applicable data protection laws. Notwithstanding the foregoing, if Personal Data is transferred between the Data Controller and its Sub-Processors, the Data Controller shall conduct and document an appropriate risk assessment in connection with such transfer of Personal Data.
13. Rights of Data Subjects:
The Data Controller shall create, whenever possible, and taking into account the nature of the processing, the technical and organizational conditions necessary to assist the Customer in his/her obligation to respond to requests about his/her rights from the Data Subjects (Contacts and Users).
In the event that the Data Processor receives a request for the exercise of such rights, he/she shall notify the Customer immediately, and in no case later than the business day following receipt of the request, together with other information that may be relevant to the resolution of the request.
14. Liability:
Pursuant to Article 82 of the GDPR, the Customer shall be liable for damages caused by any processing operation in which he/she is involved and does not comply with the provisions of the GDPR and only the Processor shall be liable for damages and losses caused by the processing where the Processor has not complied with the obligations of the GDPR specifically addressed to the Processor or has acted outside or contrary to the lawful instructions of the Controller. Likewise, the Data Processor shall be exempt from liability if he/she can prove that he/she was in no way responsible for the event that caused the damage or loss.
15. End of Service:
Upon termination of the contracted services for any reason, if the Data Processor has stored personal data, or any other documents and/or media provided to him/her by any means, he/she shall return them, or delete them, at the discretion of the Customer, including any existing copies.
The data will not be deleted when its conservation is required by a legal obligation, in which case the Data Processor will continue to keep it, blocking the data and limiting its processing to the extent that liabilities may arise from its relationship with the Data Controller.
The Data Processor shall maintain the obligation of secrecy and confidentiality of the data even after the end of the relationship that is the object of the contracting of services.
16. Obtaining a copy of the Data Processing Agreement (DPA):
In the event that the Customer wishes to have a signed copy of the Data Processing Agreement (DPA), he/she may request it by sending an e-mail to support@wildmail.io.
Updated October 10, 2024