Privacy Policy Mailup Platform
The protection of personal data is a core value of our business. Starting on this page, we provide you with information that can help you understand how we protect your privacy and monitor how your data are used.
This policy covers the processing of your personal data through the TeamSystem platform.
- in connection with the purchase of our products and services, or when you contact us to request information (including as part of promotions, demos, and trials)
We process your data in accordance with Regulation (EU) No. 2016/679 (General Data Protection Regulation, “GDPR”) and provide you with this information in accordance with Articles 13 and 14 of the GDPR.
In this information sheet, we tell you in a simple and detailed manner:
1. About us and how to contact us
In this section we point you to the individuals to whom you can refer to exercise your rights:
- Data Controller
- Data Protection Officer
Data Controller
The entity that decides why and how your personal information is processed and sets up the organizational security measures to protect your privacy.
The data controller is TeamSystem SpA, which can be contacted at:
TeamSystem S.p.A. – Via Sandro Pertini, 88 Pesaro – privacy@mailup.com
Remember to include your name, email/postal address, and/or phone number(s) so that your request can be properly handled.
Data Protection Officer
The TeamSystem Group has appointed a Data Protection Officer (DPO): this is the person in charge of overseeing that the regulations regarding the processing of personal data are observed and of responding to your requests for clarification on how we process your data.
The DPO is also the person appointed by the group to respond to your requests to exercise your right of access and other rights under the GDPR. You can contact him/her by writing to the TeamSystem office or at the email address provided here:
TeamSystem S.p.A. – Via Sandro Pertini, 88 Pesaro – dpo@teamsystem.com
Remember to include your name, email/postal address, and/or phone number(s) so that your request can be properly handled.
2. What Personal Data We Process
Personal data is any information by which you can be identified, directly or indirectly.
We collect and use your personal information in order to conclude and perform your contract with TeamSystem and when you use the MailUp Platform.
Types of data we collect:
- Contact and access identification data
Such as first name, last name, username, email address, mailing address, phone number, TeamSystem ID and password, any profile picture you have set up. - Product data
Such as data related to products licensed to you and/or services subscribed to by you, including information contained in documents managed through the product or service. - Data collected independently when sending emails or communications
Such as tracking data collected, upon consent, to detect the opening of a message, clicks made on hyperlinks contained within the email, from which IP address or with which type of browser the email is opened, and other similar details through tools such as pixels or web beacons. - Billing and payment information
Such as any VAT number, tax identification number, address, and possibly the company name. - Browsing Data
Such as connection data, IP address, domain names and other browser-related parameters and the operating system you use. - Usage Data
That is, information generated in the context of the use of the products or services you purchased, either in “on premises” mode (i.e., in the case of the product installed on your systems or machines) both in ”in the cloud” mode (i.e., while using TeamSystem services online), such as logdata, licensing, installation and configuration data, data related to registrations made, interaction and transaction processes, performance indicators, data related to navigation flows and page views, usage, and feature counts.
The TeamSystem ID You can access TeamSystem products and services using your TeamSystem ID credentials, subject to the relevant contractual conditions and limitations. Creating the TeamSystem ID also enables a feature to collect and store log data related to access and usage activity of management platforms. In this way, it is possible to verify that these management platforms are operating within the security requirements of the GDPR. Collection occurs only if this feature is enabled in relation to the products/services you have access to via TeamSystem ID. If the feature is activated, TeamSystem – in order to provide the requested service, in accordance with the contractual conditions of the service – will process the data related to its services and will also process the data on behalf of the Owner of the management platform as data processor. |
3. For what purposes we collect your data and for how long
In this section we explain the purposes for which we use your data, that is, the purposes of processing data. We also tell you whether you have an obligation to provide the data to us, what happens if you do not intend to provide the data, and how long we keep the data.
These are the purposes for which we process your data:
- Contractual and legal purposes
- Service improvement and other non-consent-based purposes
- Marketing Purposes
1. Contractual and legal purposes
Here we describe in more detail the different contractual and statutory purposes:
THE PURPOSE IN BRIEF:
|
- Registering and managing the account (including any account verification and credential retrieval) and using account-related features.
- Performing activities necessary for entering into and performing the contract so as to provide the service/product you requested or purchased, including through the Website.
- Managing any complaints and requests to send service communications and product updates, both through traditional communication tools such as paper mail, and through remote communication tools such as email, chat, telephone, SMS, chatbots, banners, notification systems, and other remote communication tools.
- isting, supporting, and training those who use our services and products.Product Usage Data may also be processed for support activities. For example, by examining a user’s browsing flows, it is possible to understand the reasons for any critical issues in the use of certain product features
- Complying with obligations arising from national or EU regulations or legislation (e.g., tax and accounting obligations) or managing or responding to requests from judicial authorities or administrative and tax authorities.
2. Service improvement and other non-consent-based purposes
Here we describe in more detail the different service improvement purposes and other non-consent-based purposes:
THE PURPOSE IN BRIEF:
|
- Conducting analysis and research with respect to the products and services provided and your use of them, to improve and develop our products and services. In accordance with the principle of minimization these activities will be performed using your personal data only as necessary to ensure the reliability and propriety of the activities; if possible, we will also anonymize or aggregate the data before using them.
- Assessing your satisfaction with the products purchased and services provided by TeamSystem or to resolve any issues related to their use: for example, initiatives aimed at helping you make the best use of the product or service, including to prevent any cancellations and to improve user and customer experience.
- Asserting and defending the rights of TeamSystem, including in the context of debt collection procedures and the assignment of receivables to authorized companies, to assess the status and reliability of customers, and to carry out checks for the purpose of preventing and/or suppressing fraudulent or harmful actions.
- Completing a potential merger, asset sale, business sale, business unit sale, or financial transaction by disclosing and transferring data to the third parties involved.
- Performing customer segmentation activities based on non-intrusive categories, such as, among others, the professional category you belong to, the city/province/region in which you are based, the type of product or service you purchased or for which you requested information through the Website. This segmentation activity could also be done on third-party vendor platforms via interconnection activities with the third-party platform’s own data. In any case, communications for Marketing Purposes will be sent in compliance with the consents you have given and in accordance with what is stated in this policy. In this context, data could also be used to detect similar customer profiles.
- Managing TeamSystem’s IT resources, including infrastructure, websites, and technology equipment, to ensure service continuity and IT security (e.g., to prevent cyber-attacks or perform audits in case of attacks).
3. Marketing Purposes
Here we describe the different Marketing Purposes in more detail:
THE PURPOSE IN BRIEF:
|
- To send you updates on news and commercial offers of TeamSystem products and services, including after interconnecting your Usage and Browsing Data and analyzing your behavior with respect to both browsing the Website and, more generally, your use of TeamSystem services and products (subject to the consents you have given to acquire these data); Or to invite you to participate in events, conduct market research, or other commercial initiatives. All of this may be done either through traditional communication channels such as paper mail or a phone call from an operator or through automated communication tools such as email, chat, messaging (texting and other instant messages), chatbots, and other remote communication tools.
- Disclose your personal information to other TeamSystem Group companies and/or its network of business partners, for the purpose of sending you marketing communications and other promotional initiatives in accordance with the methods of communication and the purposes set forth in letter n) above.
- Send marketing communications via email about services or products similar to those covered by the contract concluded with TeamSystem. At any time, you will have the opportunity to object to the sending of these communications.
4. With Whom We Share Your Data
We may disclose your information to other parties that carry out activities that are functional to those of our products or services. In sharing your data, we respect the principle of purpose and minimization established by the GDPR. The person to whom we disclose your data process them, as applicable, as autonomous data controllers or data processors. To obtain a complete list of those who process data as data controllers, write to us at privacy@mailup.com.
These are the parties to whom we disclose your data:
-
- Third-party providers of support and advisory services with reference to activities in the technology, accounting, administrative, legal, and insurance sectors (by way of example only).
- TeamSystem Group company.
- In cases where the contractual relationship involves business partners, we may share some of your personal data with their distributors, resellers and partners who are part of the distribution chain of TeamSystem Group products and services.
- Banks and lending institutions.
- Debt collection companies.
- Subjects and public authorities whose right of access to your personal data is expressly recognized by law, regulations or measures issued by the competent authorities.
- Potential purchasers and entities resulting from merger or any other form of corporate transformation.
- Public databases and credit information systems.
For Marketing Purposes, and with your specific consent, we may also communicate your data to other third parties and business partners in charge of marketing campaigns carried out on our behalf.
Do we transfer your data abroad? Your personal data may be freely transferred within the European Union. |
5. How we handle your data
Your personal data are processed by TeamSystem with electronic and manual systems according to the principles of fairness, loyalty and transparency and protecting your confidentiality through technical and organizational security measures to ensure an adequate level of security.
These processing operations take place at TeamSystem’s headquarters and/or at the offices of external data processors who perform processing on behalf of TeamSystem.
With regard to Usage and Browsing Data, in compliance with the purposes described and, where necessary, with your express consent, analysis activities may be done, including by interconnecting your data related to the different products and services purchased by you from TeamSystem Group companies, with the acquisition of Usage and Browsing Data, both with regard to products installed at customer machines ( on premises), as well as for those “in the cloud,” that is, during online use of the services themselves.
For usage statistics, we make use of tools that enable the collection of Usage Data.
These tools may involve the collection of locally generated information in the product you use through communication with or access to your systems.
With specific reference to the “cloud-based” collection of Usage Data, among others, TeamSystem uses analytical tools to collect, measure, and analyze Usage Data and Navigational Data for the purpose of understanding, optimizing, and improving the use of the Website and our products (e.g., Web and customer analytics tools, querying, and dashboarding).
In addition, for the purposes described above, again subject to the consents you have given, we may interconnect data about your browsing on the Website with data that you have provided to us by filling out a form on the Website.
For more information about cookies and tracking tools used on the Website and the related processing of your Browsing data, you can consult our cookie policy at this address: https://www.teamsystem.com/gestione_cookie.
The CRM in the Cloud application uses and shares with other user-selected applications information received from the Google API in compliance with the Google API Services User Data Policy (Google API Services User Data Policy) including Limited Use requirements.
6. Your rights and how can you exercise them
You have control over your data. Here we list the rights you have with respect to the processing of your personal data:
- Right of access
You may receive confirmation of the existence of your personal data and to access their content. - Right of rectification
You may update, amend and/or correct your personal data. - Right to be forgotten and right to limitation
You may to request the erasure or the limitation of your personal data processed in violation of law, including data whose retention is unnecessary given the purposes for which they were originally collected or otherwise processed.This is subject to an overriding public interest or our legal obligation to retain the data. - Right of opposition
You can object to processing, including profiling. This is the case unless there is an overriding legitimate reason for TeamSystem to continue processing. - Right to withdraw consent
You can withdraw your consent to marketing activities if you have previously given it. - Right to complain
You can file a complaint with a supervisory authority, either in the member state where you usually reside, work, or of the place where the alleged violation occurred. In Italy, the supervisory authority is the Garante per la protezione dei dati personali. This is without prejudice to any other administrative or judicial recourse. - Right to data portability
You can receive an electronic copy of personal data about you. You have the right to transmit this data to a different service provider if TeamSystem processes the data on the basis of your consent or on the basis that the processing is necessary to provide you with the requested services and if the data is processed by automated means.
To exercise your data protection rights stated above at any time and free of charge you can contact the Data Protection Officer, who can be contacted by sending a request to dpo@teamsystem.com.
When contacting us, be sure to include your name, email, mailing address and/or phone number to be sure your request can be handled properly.
What happens in the event of your death? In the event of your death, Article 2-terdecies of the Privacy Code applies: the rights referring to your personal data may be exercised by those who have an interest of their own, or are acting on your behalf as an agent, or for family reasons deserving protection. |
7. Cookies
Definitions, characteristics, and implementation of regulations
Cookies are small text files that sites you visit send and store on your computer or mobile device, only to be transmitted back to the same sites on your next visit. It is precisely because of cookies that a website remembers a user’s actions and preferences (such as, for example, login data, language choice, font size, other display settings, etc.) so that they do not have to be indicated again when the user returns to said Website or navigates from one page to another of it. Cookies, therefore, are used to perform computer authentication, session tracking, and storage of information regarding the activities of users accessing a website and may also contain a unique identifier code that allows tracking of the user’s browsing within the MailUp platform for statistical or advertising purposes. When browsing a website, you may also receive cookies on your computer from sites or web servers other than the one you are visiting (“third-party” cookies).
Some operations could not be accomplished without the use of cookies, which in some cases are therefore technically necessary for the very operation of the MailUp platform.
There are various types of cookies, depending on their characteristics and functions, and these can remain on the user’s computer for different periods of time: so-called session cookies, which are automatically deleted when the browser is closed; so-called persistent cookies, which remain on the user’s equipment until a predetermined expiration date.
Under applicable law, express user consent is not always required for the use of cookies. In particular, “technical cookies,” i.e., those used for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary to provide a service explicitly requested by the user, usually do not require such consent. These are, in other words, cookies that are essential for the operation of the MailUp platform or necessary to perform activities requested by the user.
For “profiling cookies“, vice versa, i.e., those aimed at creating profiles related to the user and used for the purpose of sending advertising messages in line with the preferences expressed by the user in the context of web browsing, prior consent of the user is usually required, as far as it depends on the applicable legislation.
Types of cookies used by the MailUp Platform and options for (de-)selection
The MailUp platform uses the following cookies, which can be de-selected, except for third-party cookies for which you should refer directly to the respective cookie selection and de-selection methods, indicated by links:
- Browsing or session technical cookies, strictly necessary for the operation of the MailUp Platform or to enable you to take advantage of the content and services requested.
- Analytical cookies, which make it possible to understand how the MailUp Platform is used. No information about your identity or any personal data is collected with these cookies. Information is processed in aggregate and anonymous form.
- Functionality cookies, i.e., used to enable specific MailUp Platform features and a selected set of criteria (e.g., language) in order to improve the service rendered.
- Profiling cookies, used for the purpose of sending advertising messages in line with the preferences you expressed as part of your web browsing.
TeamSystem also forwards third-party cookies, that is, cookies from sites or web servers other than TeamSystem’s for purposes specific to those third parties, including profiling cookies. Please note that these third parties, listed below with links to their privacy policies, are typically either autonomous data controllers of the data collected through the cookies they provide, or they act as Data Processors for TeamSystem (i.e. they process personal data on behalf of TeamSystem).
In detail, the cookies sent by TeamSystem via the MailUp Platform are shown below:
Owner | Cookie technical name | Type of cookie | Operation and purpose | Persistence | Privacy Policy link |
---|---|---|---|---|---|
Pendo .pendo.io |
ei_client_id | third party | These cookies are used by Pendo for user analysis. They analyze audience usage to improve Web Website design and provide in-app guidance. | 2 years | https://www.pendo.io/data-privacy-security/ |
.pendo.io Third party |
OptanonConsent | third party | Stores information about the categories of cookies used by the Website and whether visitors have given or revoked consent for the use of each category. | Annual | https://www.pendo.io/data-privacy-security/ |
Pendo .pendo.io |
_pendo_visitorId. | third party | The agent uses this cookie to identify and record information about visitors so that the information is used in Pendo’s analysis and delivery of the Guide. | 100 days | https://www.pendo.io/data-privacy-security/ |
Pendo .pendo.io |
_pendo_meta | third party | Written and read in the agent. This cookie stores a hash of the current metadata so that Pendo can see when it is changed and update it. | 100 days | https://www.pendo.io/data-privacy-security/ |
Pendo .pendo.io |
_pendo_accountId | third party | The agent uses this cookie to identify and record the visitor’s account ID that will be used in Pendo such as guide delivery and analysis. | 100 days | https://www.pendo.io/data-privacy-security/ |
TeamSystem .mailup.com |
_fbp | third party | Targeting/Advertising Used by Facebook to provide a variety of advertising products such as real-time bidding from third-party advertisers |
2020-10-28T14:36:48.000Z | |
Pendo .pendo.io |
_ga | third party | Tracking These cookies monitor and analyze traffic data and are used to track user behavior in order to improve the user experience. |
2 years | https://www.pendo.io/data-privacy-security/ |
Pendo .pendo.io |
OptanonAlertBoxClosed | third party | It is set after visitors have viewed a cookie information notice and, in some cases, only when they actively close the notice. Allows the Website not to show the message more than once to a user. | 1 year | https://www.pendo.io/data-privacy-security/ |
Pendo .pendo.io |
pendo.sess.jwt | third party | Daily Authentication | https://www.pendo.io/data-privacy-security/ |
|
TeamSystem e.mailup.com |
_pk_id.255873.977f | Prima parte | Heatmap and session recording | 2 years | |
Pendo .pendo.io |
__ft_referrer | third party | UTM parameters code your links to evaluate the effectiveness of your campaigns and identify the best ways to attract more visitors to your website. | 2 years | https://www.pendo.io/data-privacy-security/ |
TeamSystem e.mailup.com |
TeamSystem_System | first party | It is the cookie that contains the encrypted data that the.NET solution needs (idUser, idList…). | daily | |
Pendo .pendo.io |
_fbp | third party | Targeting/Advertising Used by Facebook to provide a variety of advertising products such as real-time bidding from third-party advertisers |
2020-12-15T07:03:30.000Z | https://www.pendo.io/data-privacy-security/ |
TeamSystem .mailup.com |
_hjid (HotJar) | third party | This cookie is set when the client first accesses a page with the Hotjar script. It is used to make the random user ID persistent, unique to that Website on the browser. This ensures that behavior on subsequent visits to the same Website is attributed to the same user. | Session | https://www.hotjar.com/legal/policies/privacy/ |
.gstatic.com | CONSENT | third party | Targeting/Advertising | 20 years | https://policies.google.com/privacy |
e.mailup.com | BIGipServerfront_contenuti_statici | first party | BIGipServer prefix cookies help route internal traffic efficiently and contain encoded addresses of internal Jive servers. These addresses are strictly internal and cannot be used to connect to internal servers from the Internet. | Session | |
Pendo .pendo.io |
__mr_referrer | third party | These cookies are used by Pendo for user analysis. They analyze audience usage to improve Web Website design and provide in-app guidance. | 2 years | https://www.pendo.io/data-privacy-security/ |
TeamSystem .mailup.com |
_gcl_au | first party | Targeting/ Advertising Used by Google AdSense for experimenting with advertisement efficiency across websites using their services |
3 months | |
TeamSystem .mailup.com |
_ga | first party | Tracking These cookies monitor and analyze traffic data and are used to track user behavior in order to improve the user experience. |
2 years | |
Pendo .pendo.io |
_gcl_au | third party | Targeting/ Advertising Used by Google AdSense for experimenting with advertisement efficiency across websites using their services |
3 months | https://www.pendo.io/data-privacy-security/ |
TeamSystem e.mailup.com |
_pk_ses.255873.977f | first party | Heatmap and session recording | daily | |
BEE .getbee.io |
_ga | third party | Tracking These cookies monitor and analyze traffic data and are used to track user behavior in order to improve the user experience. |
2 years | https://beefree.io/cookies-policy/ |
.filepicker.io | session | third party | Session | https://www.filestack.com/privacy/ |
|
dialog.filepicker.io | third party | Session | https://www.filestack.com/privacy/ |
Cookie settings
Cookie-related settings
You can block or delete (in whole or in part) technical and functionality cookies through the specific features of your Browser. Please be advised, however, that not authorizing technical cookies may result in your inability to use the MailUp platform, view its contents, and take advantage of its services. Inhibiting functionality cookies may result in some services or certain features of the MailUp platform not being available or not working properly, and you may have to change or manually enter certain information or preferences each time you visit the MailUp platform.
The choices made in reference to the MailUp platform’s cookies will in turn be recorded in a specific cookie. Such a cookie may, however, not work properly in some circumstances: in such cases, we recommend that you delete unwelcome cookies and inhibit their use through the functionality of your Browsers as well.
Your cookie preferences will need to be reset if you use different devices or Browsers to access the MailUp platform.
How to view and change cookies through the Browser
You can authorize, block, or delete (all or part of) cookies through specific features in your Browser. For more information on how to set preferences on the use of cookies through the Browser, you can consult the relevant instructions:
If you do not use any of the Browsers listed above, select “cookies” in the relevant section of the guide to find out where your cookie folder is located.
You can also manage your choices with respect to third-party cookies using online platforms such as AdChoice or All about cookies.
WARNING: Disabling technical and/or functionality cookies may result in the MailUp platform being unavailable or certain services or features of the MailUp platform not working properly, and you may have to change or manually enter certain information or preferences each time you visit the MailUp platform.
Deleting Flash cookies
Click the link below to change your Flash cookie settings.
Third-party Websites
The MailUp platform contains links to other Websites that have their own privacy policies. These privacy policies may differ from that adopted by TeamSystem, which is therefore not liable for third-party sites.
8. Modifications and updates
We may also change this policy as a result of regulatory changes. We will notify you in advance of any changes in the policy. The updated policy text will be available on the Website at the following address: https://www.teamsystem.com/privacy-policy. You can consult all previous versions of privacy policies at this link: https://www.teamsystem.com/privacy-policy-revs
9. Privacy contacts
For all inquiries regarding this privacy policy, you may contact the Data Controller at the following contact details:
Data Controller: TeamSystem S.p.A. – Via Sandro Pertini, 88 Pesaro – privacy@mailup.com
Remember to include your name, email/postal address, and/or phone number(s) so that your request can be properly handled.
10. Glossary articles cited
Below you can find the articles mentioned in the document with their simplification:
- Art.2 terdieces Privacy Code | Right of access concerning deceased persons
Establishes who has the right to request access to a deceased person’s data and defines all the information that can be shared, along with costs, limits, and exceptions. - Art. 6(1)(f) GDPR | Lawfulness of processing based on legitimate interest
The processing of personal data is lawful if it is necessary for the pursuit of the legitimate interest of the data controller or a third party, provided that this interest is not overridden by the interests or fundamental rights and freedoms of the data subject. - Art. 13 GDPR | Information to be provided to the data subject
Establishes the information that the data controller must provide to the data subject, i.e., the person to whom the data relate, when obtaining his or her data - Art. 14 GDPR | Information to be provided to the data subject
Establishes the information that the data controller must provide to the data subject, that is, the person to whom the data relate, if the data controller has obtained these data from a source other than the data subject. - Art. 21 GDPR | Right to object
The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of his or her personal data when it is based on the pursuit of a legitimate interest. In the event of an objection, the data controller must refrain from further processing of personal data unless it can demonstrate compelling legitimate grounds that override the interests, rights, and freedoms of the data subject or for the exercise or defense of a legal claim. - Art. 45 GDPR | Transfer on the basis of an adequacy decision
Establishes that personal data can be transferred to foreign states or international organizations if there is an adequate level of data protection, as decided by the European Commission. This article also defines the requirements under which this decision is made. - Art. 46 GDPR | Transfer subject to adequate safeguards
Personal data may be transferred to foreign states or international organizations if the data controller has established certain appropriate safeguards to protect the data. - Art.130 paragraph 4 Italian Law Decree 196/2003 (“Privacy Code”) | Promotional communications without the consent of the data subject.
If the data subject has provided the holder with his or her email address as part of the sale of a service or product, then the holder may send promotional or market research communications to the data subject even without his or her consent. Communications must relate to products or services similar to those sold, and the data subject always has the right to object to these communications.