Privacy Policy

Effective Date: 04/01/2023

This Privacy Policy explains how Viinem LLC ("Viinem," "we," "us," or "our") collects, uses, discloses, and protects information in connection with the Viinem software-as-a-service platform, including the Notify Us communication management system, APIs, admin dashboard, client portal, billing features, SMS services, email services, reports, documentation, and related services (collectively, the "Service").

1. Scope

This Privacy Policy applies to information we collect when:

Customers use the Service.
Customer users log in to the client portal.
Viinem employees use the admin dashboard.
Customers configure SMS, email, API, billing, and subscription features.
Customers or their systems send SMS or email communications through the Service.
Visitors or Customers contact us for support, sales, billing, or Enterprise plan inquiries.

This Privacy Policy does not apply to third-party websites, applications, services, or platforms that we do not control.

2. Our Role

Depending on the context, we may act as:

A controller or business for account, billing, support, sales, payment, website, and administrative data.
A processor or service provider for Customer Content processed on behalf of Customers, including recipient data and message content submitted by Customers through the Service.

Customers are responsible for providing any legally required notices and obtaining any required consents from their End Users before using the Service to send SMS messages, emails, or other communications.

3. Information We Collect

Account and Profile Information

We may collect:

Business name.
Business alias.
Contact name.
Contact email.
Contact phone number.
Billing name.
Billing email.
Billing phone number.
Billing address.
Tax ID or tax-related information where applicable.
User role and account status.

Login and Credential Information

We may collect or process:

Email addresses.
Password hashes.
Login timestamps.
Credential creation and revocation records.

We do not intentionally store plain-text API secrets after initial creation, and client API secrets should only be shown once.

SMS and Email Service Data

When Customers use the Service, we may process:

Recipient phone numbers.
Recipient email addresses.
Sender phone numbers.
Sender email aliases.
Email subjects.
Message body previews.
Message content submitted for sending.
Provider message IDs.
Delivery or test status.
Failed delivery reasons.
Message timestamps.

Usage and Billing Data

We may collect:

Plan name and tier.
Subscription status.
Billing interval.
Usage quantities.
Rates.
Total cost.
Daily and monthly limits.
Overage rates.
Invoice metadata.
Payment processor customer IDs.
Payment processor subscription IDs.
Payment processor event IDs.
Hosted invoice links, where available.

Payment Information

We use third-party payment processors, such as Stripe, to process payments. We do not intentionally store full payment card numbers, CVC codes, or bank account credentials on our servers.

Payment processors may collect payment method details, billing details, fraud signals, transaction data, and related information under their own terms and privacy policies.

Support, Sales, and Enterprise Inquiry Information

We may collect:

Names.
Email addresses.
Phone numbers.
Company details.
Messages submitted through support, sales, or Enterprise inquiry workflows.
Notes related to support or sales interactions.

Technical and Log Information

We may collect:

IP address.
Device and browser information.
Request timestamps.
URLs and routes accessed.
Error logs.
Security logs.
Audit logs.
API usage logs.

Cookies and Similar Technologies

The Service may use browser storage, cookies, or similar technologies for login sessions, security, preferences, and application functionality.

4. How We Use Information

We use information to:

Provide, operate, maintain, and secure the Service.
Authenticate users and manage sessions.
Create and manage client accounts.
Send SMS and email communications requested by Customers.
Assign and manage phone numbers, email aliases, API keys, and service access.
Track usage, limits, billing, subscriptions, and invoices.
Process payments and manage subscriptions through payment processors.
Provide customer support.
Respond to sales and Enterprise inquiries.
Monitor, debug, improve, and develop the Service.
Detect, prevent, and investigate fraud, abuse, security incidents, spam, and illegal activity.
Enforce our Terms and policies.
Comply with legal, regulatory, provider, carrier, tax, accounting, and payment obligations.

5. How We Disclose Information

We may disclose information to:

Service Providers and Subprocessors

We may use vendors and service providers to host, process, secure, support, and deliver the Service. These may include:

Cloud hosting providers.
Database providers.
SMS providers such as Twilio.
Email providers such as AWS SES, Zoho, or any other SMTP providers.
Payment processors such as Stripe, PayPal, or other payment processing services.
Logging, monitoring, security, and support providers.

Payment Processors

Payment data may be disclosed to payment processors to process transactions, manage subscriptions, prevent fraud, handle disputes, issue invoices, and comply with financial obligations.

Communications Providers

SMS and email-related data may be disclosed to SMS providers, email providers, carriers, mailbox providers, and related infrastructure providers as needed to send, route, deliver, filter, troubleshoot, or report on communications.

Legal, Safety, and Compliance

We may disclose information if we believe it is necessary to:

Comply with law, legal process, court orders, subpoenas, or government requests.
Enforce our Terms.
Protect rights, privacy, safety, security, or property.
Investigate fraud, abuse, spam, security incidents, or unlawful activity.
Comply with provider, carrier, or payment processor requirements.

Business Transfers

We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar business transaction.

With Customer Direction

We may disclose information when a Customer directs us to do so, including through integrations, APIs, exports, reports, and account configurations.

6. Customer Responsibilities for End User Data

Customers are responsible for:

Providing privacy notices to End Users where required.
Obtaining required consent for SMS, email, and other communications.
Maintaining opt-out and unsubscribe processes.
Ensuring message content and recipient lists are lawful.
Responding to End User privacy requests when Customer controls the relevant data.

If we receive a request from an End User about data controlled by a Customer, we may direct the End User to the Customer or assist the Customer as required by applicable agreement or law.

7. Data Retention

We retain information for as long as reasonably necessary to:

Provide the Service.
Maintain accounts and subscriptions.
Keep usage, billing, invoice, message, and audit records.
Comply with legal, tax, accounting, carrier, provider, and payment obligations.
Resolve disputes.
Enforce agreements.
Protect against fraud, abuse, and security threats.

Retention periods may vary by data type, Customer configuration, legal requirements, and operational needs.

8. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information. These may include credential hashing, access controls, audit logs, provider security controls, and operational monitoring.

No system is perfectly secure. Customers are responsible for securing their own accounts, API credentials, devices, networks, integrations, and authorized users.

9. International Data Transfers

We and our service providers may process information in the United States and other countries. Data protection laws in these countries may differ from the laws where you are located.

Where required, Customers and Viinem should enter into appropriate data processing terms or transfer mechanisms.

10. Privacy Rights

Depending on your location and relationship with us, you may have rights to:

Access personal information.
Correct personal information.
Delete personal information.
Object to or restrict certain processing.
Request portability.
Withdraw consent where processing is based on consent.
Opt out of certain sales, sharing, or targeted advertising if applicable.

To exercise rights, contact us using the information below. We may need to verify your identity and authority before responding.

If your request relates to data controlled by one of our Customers, we may refer your request to that Customer.

11. Marketing Communications

If we send marketing emails, you may opt out by following the unsubscribe instructions in those emails or contacting us. Even if you opt out of marketing communications, we may still send transactional, administrative, billing, security, and service-related messages.

12. SMS Communications

If we or a Customer sends SMS communications, message frequency, consent, opt-out, and carrier charges may depend on the specific program and Customer use case. End Users should follow opt-out instructions provided in the message or contact the relevant Customer.

13. Children's Privacy

The Service is not intended for children under 13 years old, and we do not knowingly collect personal information from children under 13. Customers must not use the Service to knowingly collect or process children's personal information unless they have all required legal authority and consent.

14. Third-Party Links and Services

The Service may link to or integrate with third-party services. We are not responsible for the privacy practices of third parties. You should review their privacy policies and terms.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will update the effective date when changes are made. Continued use of the Service after changes become effective means you acknowledge the updated Privacy Policy.

16. Contact

Viinem LLC
[email protected]
+1 (908) 529-6733