Online Privacy and Data Protection Policy
Last Update: 1/23/2019
MassTransit takes seriously the privacy of individuals who use our website and our online services. We also understand that our customers, who use us to provide industry-leading mobile marketing management, trust us with information about their customers and potential customers, and we honor that trust.
What information does this privacy policy cover?
This privacy policy covers information collected from visitors to any MassTransit website, including www.masstransit.systems, any MassTransit internet accessed portals and individuals using any MassTransit online services, including platforms and APIs (collectively, “visitors”). This policy does not cover information that may be collected when visitors view or use a website or online service operated by a third party. It also does not cover information collected by MassTransit through means other than visitors’ use of MassTransit websites and online services.
What information does MassTransit collect through its websites and online services?
MassTransit gathers several types of information from visitors. It may gather “personal information,” which is information that identifies visitors or can reasonably be linked to a visitor. Examples of personal information include the name, username, address, email address, telephone number, and IP address of a visitor. Some of this information, such as IP address, is gathered automatically when a visitor uses a MassTransit website or online service. A visitor may also voluntarily submit personal information through an online contact form, client log-in, and elsewhere on a MassTransit website or in MassTransit online services. MassTransit does not gather biometric information from visitors.
MassTransit may also gather “non-personal information” about visitors, which is information that cannot reasonably be linked to you.
MassTransit may also gather “customer-provided information,” or information that customers provide to MassTransit about third parties, through a MassTransit website or online service. For example, a MassTransit customer may provide MassTransit with information about individuals who have signed up to receive text messages from the MassTransit customer by entering that information into platforms operated by MassTransit.
Can third parties collect information through MassTransit websites?
Yes. Third-party companies that offer website analytics, application monitoring, and communications-management tools to MassTransit may gather personal and non-personal information from visitors, including by using cookies. These companies may use information collected from visitors over time and across third-party websites and online services. For more information, see our Cookie Policy.
How does MassTransit use personal information?
MassTransit may use personal information to provide and manage any services requested by a visitor; respond to visitor inquiries; contact visitors with offers and information about MassTransit services and services offered by our partners; understand visitors’ business needs; improve MassTransit products, services, and marketing efforts; respond to an emergency; and protect the legal rights of MassTransit or any third party.
How does MassTransit use customer-provided information?
MassTransit uses customer-provided information to provide mobile marketing management services to its clients. From time to time, MassTransit may also access customer-provided information to respond to client inquiries, to analyze and improve MassTransit products and services, for system maintenance, for administrative purposes, in the event of an emergency requiring the use of customer-provided information, and to protect the legal rights of MassTransit or any third party. MassTransit may otherwise use customer-provided information as directed by the customer who provides the relevant information.
How does MassTransit use non-personal information?
MassTransit uses non-personal information for a variety of purposes. For example, it may use anonymous non-personal information to improve its website, understand its visitors’ business needs, and administer its websites and online services. MassTransit reserves the right to use non-personal information for any lawful purpose.
Does MassTransit share personal information with third parties?
MassTransit may share personal information with third parties as follows:
-
with MassTransit affiliates, subsidiaries, contractors, and agents, subject to their agreement to follow this policy,
-
as required by law, such as to comply with a subpoena, warrant, or similar legal process,
-
when MassTransit believes in good faith that such disclosure is necessary to protect its legal rights,
-
in an emergency where MassTransit believes that such disclosure is necessary to protect public or individual safety,
-
where necessary to investigate fraud or respond to a government request, and
-
to a successor in interest if MassTransit is involved in a merger, acquisition, or sale of all or a portion of assets.
Does MassTransit share customer-provided information with third parties?
MassTransit does not sell customer-provided information to third parties. However, MassTransit may share customer-provided information with third parties as follows:
-
at the request of the customer who provided the information to MassTransit,
-
when such disclosure is necessary to fulfill client requests, fulfill MassTransit contractual obligations to a client, or maintain or administer MassTransit systems,
-
as required by law, such as to comply with a subpoena, warrant, or similar legal process,
-
when MassTransit believes in good faith that such disclosure is necessary to protect its legal rights,
-
in an emergency where MassTransit believes that such disclosure is necessary to protect public or individual safety,
-
where necessary to investigate fraud or respond to a government request, and
-
to a successor in interest if MassTransit is involved in a merger, acquisition, or sale of all or a portion of assets.
MassTransit does not share customer-provided information with third parties for third parties’ direct marketing purposes.
Does MassTransit share non-personal information with third parties?
MassTransit may share non-personal information for a variety of purposes. For example, it may share anonymous non-personal information with its partners to improve the MassTransit website, understand its visitors’ business needs, and administer MassTransit websites and online services. MassTransit reserves the right to disclose non-personal information to third parties in any manner allowed by law.
What rights do visitors have with respect to personal information in MassTransit’ possession?
Some visitors may have the right to:
-
request information about processing of your personal information
-
object to or withdraw consent for the continued processing of personal information
-
request erasure or correction of personal information
-
request that MassTransit provide personal information in a portable form.
Visitors should contact dpo@masstransit.systems with any such request.
Note that individuals who receive mobile messages from a MassTransit client should contact the MassTransit client directly with any request for information about processing, objections, withdrawal of consent, erasure, correction, or data portability.
Are children welcome to use MassTransit websites or online services?
MassTransit websites and online services may not be used by children under the age of 16. We do not knowingly collect information from children under the age of 16 through our website or online services. If a parent or guardian becomes aware that his or her child has provided us with personal information through our website or online services, please contact us at hello@masstransit.systems. We will remove such personal information from our files within a reasonable time.
What steps does MassTransit take to protect personal and customer-provided information?
MassTransit implements and continually updates reasonable physical, technical, and organizational measures designed to secure personal and customer-provided information from unauthorized access, use, alteration, or disclosure and from accidental loss or corruption. MassTransit uses reasonable security measures on all of its websites and online services, as well as on the servers, equipment, and MassTransit-run networks used to store and process personal and customer-provided information. It also maintains internal policies and practices designed to promote information security. However, no security system can guarantee absolute security. Should MassTransit discover a breach involving visitors’ personal information, it will notify affected visitors as required by law.
How will visitors be notified of changes to this policy?
The most up-to-date version will be accessible through our website. If we make changes that may result in personal information being processed in a manner not covered by this version of our privacy and data protection policy, we will alert visitors and other affected individuals in a reasonably prominent manner before changes go into effect.
How does this privacy policy relate to a MassTransit service contract?
If you have purchased services from MassTransit, this policy should be read in conjunction with your service contract (including any data protection addenda). In the event of any direct conflict between this policy and your service contract with MassTransit, the service contract governs.
How can visitors ask a question or make a complaint?
The best way to get in touch is via email. Visitors with general questions about MassTransit can email hello@masstransit.systems. Visitors with questions or complaints about MassTransit privacy and data protection policies and practices can email dpo@masstransit.systems.
Individuals located in the European Union, Switzerland, or the United Kingdom have a right to lodge a complaint about MassTransit data protection policies or practices with the data protection supervisory authority in their country of habitual residence. Contact information for EU data protection authorities is located here. Individuals located in other nations may have similar rights to lodge a complaint with their own local authorities.
Data Storage and Retention
Visitors’ personal data and customer-provided personal data are stored on our systems and servers, which are located both in the United States and in the European Union. We will retain this data for the period necessary to fulfill the purposes that have been stated in this Privacy Statement, except if a longer retention period is required or permitted by law. Factors which will determine our retention period, include, but are not limited to the following criteria:
-
The length of an ongoing relationship with us.
-
If there is a legal obligation to retain personal data. For example, government regulations may require certain records such as financial transactions to be held for a minimum period of time.
-
Whether retention promotes a legitimate business purpose or legal interest, such as responding to regulator requests, engaging in dispute resolution, or preserving records in response to or anticipation of litigation.
If the person to whom the data relates has requested that MassTransit delete the data. Note, however, that MassTransit evaluates such requests for deletion on a case-by-case basis.