Privacy Policy Personal Data Protection

In the course of its activity and for the purposes of providing the Services, SendinBlue is required to collect and process the personal data of its users (hereafter the “Users”).

This privacy policy, implemented by SendinBlue, is intended to provide the Users with a summary and an overview of the processing of personal data carried out by SendinBlue.

SendinBlue attaches particular importance to the respect for the privacy of the Users and of the confidentiality of their personal data, and is thus committed to processing the data in compliance with the applicable laws and regulations, and in particular Law No. 78-17 of 6 January 1978 relating to Information Technology, Data Files and Civil Liberties (hereafter the « Data Protection Act »), and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereafter the « GDPR »).

Definitions

Personal data: any information relating to an identified or identifiable natural person, that is, a person who can be identified, directly or indirectly, by reference to an identification number or to one or more elements specific to that person.

Processing of personal data: any operation or any set of operations relating to personal data, whatever the process used, and in particular the collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, as well as locking, erasure or destruction.

Cookie : a cookie is a piece of information placed on the hard drive of Internet users by the server of the site they visit. It contains several pieces of data: the name of the server which installed it, an identifier in the form of a unique number, and possibly an expiry date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and save pieces of information.

Data Controller – DPO

The data controller for the processing of the personal data referred to herein is SendinBlue, a simplified joint stock company with a share capital of 137,531 Euros, registered with the Paris Trade and Companies Register under number 498 019 298 and whose registered office is located at 55 rue d’Amsterdam, 75008 Paris, France.

SendinBlue has appointed a Data Protection Officer who can be contacted at the following address: [email protected].

Data collected

SendinBlue collects data from Users in order to make the services for which they have subscribed to the platform available to them.

The mandatory or optional nature of the data provided (in order to be able to complete the Users’ registration and to provide them with the SendinBlue services) is indicated at the time of collection by an asterisk.

In addition, certain data is collected automatically as a result of the User’s actions on the site (see the paragraph on cookies).

Purposes

The personal data collected by SendinBlue during the provision of the services is necessary for the performance of the contracts concluded with the Users, or to allow SendinBlue to pursue its legitimate interests while respecting the rights of the Users. Certain data may also be processed based on the Users’ consent.

The purposes for which SendinBlue processes data are the following:

  • commercial and accounting management of the contract;
  • management of marketing activation and organisation;
  • detection of malicious behaviour (fraud, phishing, spam, etc.);
  • the improvement of the users path on the site;
  • more generally any purpose referred to in Article 2 of Deliberation No. 2012-209 of 21 June 2012 creating a simplified standard for the automated processing of personal data relating to the management of users and prospects.

Recipients of the data

The personal data collected is intended for SendinBlue’s commercial and accounting departments. It can be transmitted to SendinBlue’s subsidiaries, or to third parties data processors which SendinBlue can use within the context of the performance of its services.

In this context, personal data may be transferred to an EU or non-EU country. SendinBlue implements guarantees ensuring the protection and security of this data, in compliance with applicable rules.

SendinBlue does not transfer or rent personal data to third parties for marketing purposes without the express consent of the Users of SendinBlue.

Apart from these cases, personal data may only be disclosed to third parties in the following cases:

  • with their authorisation;
  • at the request of the competent legal authorities, on judicial request, or in the context of a legal dispute.

Durée de conservation des données

To satisfy its legal obligations or in order to have the necessary elements to assert its rights, SendinBlue will be able to retain the data under the conditions envisaged by applicable rules.

Thus, personal data collected by SendinBlue relating to the identity and contact details of its Users is retained for a maximum period of two years after the termination of the contractual relationship for Users that are customers, or from their collection by the data controller or the last contact from the Users that are prospects, for the data relating to the latter.

The termination of the contractual relationship is understood as the express termination of the contract by the User, or the non-use of SendinBlue services for a period of five years.

Rights of Users

In accordance with applicable rules, the Users have the right to access and rectify their personal data, which enables them to rectify, complete, update or delete data that is inaccurate, incomplete, ambiguous or outdated, or whose collection, use, communication or storage is prohibited.

The Users also have the right to request the limitation of the processing, and to oppose on legitimate grounds the processing of their personal data. The User may also communicate instructions on the fate of their personal data in the event of death.

Where applicable, the User may request the portability of their personal data or, where the legal basis for the processing is consent, withdraw their consent at any time.

The Users may exercise their rights by sending an email to [email protected] or a letter to:


SendinBlue SAS – Politique de confidentialité
55, rue d’Amsterdam 75008 Paris, France

These requests will be processed within a maximum of 30 days.

The Users may also at any time modify the data concerning them by logging on to http://www.sendinblue.com and clicking on “edit my profile” or by contacting the customer relations department at [email protected]

L’Utilisateur peut se désinscrire de la newsletter de SendinBlue ou des emails marketing en suivant les liens de désinscription figurant dans chacun de ces emails.

In the event of a dispute, the Users may file a complaint with the CNIL, which contact details can be found at http://www.cnil.fr.

The Users may access detailed information on the use of their personal data, in particular concerning the purposes of the processing, the legal bases enabling SendinBlue to process the data, its storage periods, its recipients and, where applicable, its transfers to a country outside the European Union as well as the guarantees put in place. To do so, the User can send their request by email to [email protected].

Cookies

The SendinBlue site uses cookies whose purpose is to facilitate navigation on the site, to execute the service provided by SendinBlue, to measure the site’s audience or to allow pages on the site to be shared.

Types of cookies used

The cookies necessary for navigation on the site

These cookies are necessary for the functioning of the sendinblue.com. site. They allow the main features of the site to be used.

Without these cookies, Users cannot use the site normally.

Functional cookies

These cookies make it possible to personalise the User experience.

Analytical cookies

These cookies make it possible to examine the use and the performance of the site and to improve its operation by carrying out analyses of visits to the information pages, by monitoring the open rates, the click rates and the bounce rates at the individual level.

Sharing button cookies

These social cookies allow users to share pages and content on third-party social networks via social sharing buttons.

Cookie management

Users can accept or reject cookies on the site or refuse them once and for all through their browser settings.

If the User chooses to refuse all cookies, navigation onto certain pages of the site will be reduced.

Depending on the browser used by Users, the methods for deleting cookies are as follows:

On Internet Explorer

  • Click the Tools button, then Internet Options.
  • Under the General tab, under Navigation History, click Settings.
  • Click the Show Files button.
  • Select the cookies to refuse and click on delete.

On Firefox

  • Click on the Browser Tools icon, select the Options menu.
  • In the window that appears, choose “Privacy” and click on “Display cookies”.
  • Select the cookies to refuse and click on delete.

On Safari

  • Click the Edit icon, select the Preferences menu.
  • Click on Security and then on Show cookies.
  • Select the cookies to refuse and click on delete.

On Google Chrome

  • Click on the Tools icon, select the Options menu then click the Advanced Options tab.
  • And access the “Confidentiality” section.
  • Click on the “Show Cookies” button.
  • Select the cookies to refuse and click on delete.

Duration of cookies
Cookies are placed on the User’s terminal for a maximum period of 13 months from the date of the User’s consent.

After this period, consent will be re-obtained.

Security

SendinBlue has taken all necessary precautions to preserve the security of personal data and, in particular, to prevent it from being distorted or damaged or from unauthorised third parties having access to it.

These measures include the following:

  • Multi-level firewall.
  • Proven anti-virus and detection of intrusion attempts.
  • Encrypted data transmission using SSL/https/VPN technology.
  • Tier 3 and PCI DSS certified data centres.

In addition, access to processing by the SendinBlue recipient services requires authentication of the persons accessing the data, by means of an individual access code and password, sufficiently robust and regularly renewed.

Data transmitted over unsecured communication channels is subject to technical measures designed to make such data incomprehensible to any unauthorised person.

Any questions about the security of the SendinBlue website can be directed to [email protected].

Modification of the Privacy Policy

SendinBlue reserves the right to change this Privacy Policy to comply with changes in the applicable laws and regulations.

Changes made will be notified via our website or by email, as far as possible, at least thirty days before their entry into force.

Contact

Any questions about SendinBlue’s Privacy Policy can be directed by email to [email protected] or by mail to:

SendinBlue SAS – Politique de confidentialité
55, rue d’Amsterdam 75008 Paris, France

 

Try our free plan and send up to 300 emails/day.

No credit card. No commitment.

Sign Up for Free