Privacy Policy

Last Updated: June 7, 2025

1. INTRODUCTION

Dealemailmarketing.com ("Company," "we," "us," or "our") is committed to protecting the privacy and security of personal data. This Privacy Policy ("Policy") explains how we collect, use, disclose, store, and protect personal data when you access our website at dealemailmarketing.com (the "Website") and use our email marketing services (the "Services").

This Policy applies to:

(a) Visitors to our Website;

(b) Clients who create accounts and use our Services ("Clients" or "Users");

(c) Individuals whose personal data is contained in email lists uploaded by our Clients ("Subscribers").

Dealemailmarketing.com is registered in Singapore and operates in compliance with the Personal Data Protection Act 2012 (PDPA) of Singapore. Where applicable, we also adhere to the General Data Protection Regulation (GDPR) for individuals located in the European Economic Area (EEA) and the United Kingdom.

By accessing our Website or using our Services, you acknowledge that you have read and understood this Privacy Policy.

2. DEFINITIONS

"Client Data" means all data, content, email lists, and materials uploaded, submitted, or transmitted by Clients through the Services.

"Data Controller" means the entity that determines the purposes and means of processing personal data. With respect to Client account information, we act as the Data Controller. With respect to Subscriber data, the Client acts as the Data Controller.

"Data Processor" means the entity that processes personal data on behalf of the Data Controller. With respect to Subscriber data contained in Client email lists, we act as the Data Processor.

"Personal Data" means any information that identifies or can be used to identify an individual, directly or indirectly.

"Processing" means any operation performed on personal data, including collection, recording, storage, retrieval, use, disclosure, transmission, and deletion.

"Subscriber" means any individual whose personal data is contained in a Client's email list.

3. DATA CONTROLLER AND DATA PROCESSOR ROLES

3.1 Our Role as Data Controller

We act as the Data Controller for the personal data we collect directly from:

  • Website visitors
  • Clients who create accounts and use our Services
  • Individuals who contact us for inquiries or support

As Data Controller, we determine the purposes and means of processing this personal data and are responsible for compliance with applicable data protection laws.

3.2 Our Role as Data Processor

We act as the Data Processor for personal data contained in email lists and other Client Data uploaded by our Clients. In this capacity:

  • The Client remains the Data Controller for Subscriber data
  • We process Subscriber data only in accordance with Client instructions
  • We implement appropriate technical and organizational security measures
  • We assist Clients in fulfilling their obligations under applicable data protection laws

Clients are solely responsible for ensuring they have obtained valid legal bases (such as consent) for collecting and processing Subscriber data and for providing appropriate privacy notices to their Subscribers.

4. PERSONAL DATA WE COLLECT

4.1 Information You Provide Directly

We collect personal data that you voluntarily provide to us, including:

Account Registration Data:

  • Full name
  • Business name
  • Email address
  • Telephone number
  • Billing address
  • Password (stored in encrypted form)

Payment Information:

  • Payment card details (processed and stored by Stripe; we do not store complete card numbers)
  • Billing history
  • Transaction records

Communication Data:

  • Correspondence via email, contact forms, or support tickets
  • Feedback and survey responses

Service Configuration Data:

  • Campaign preferences
  • Integration settings
  • Third-party tool authorizations

4.2 Information Collected Automatically

When you access our Website or use our Services, we automatically collect certain information, including:

Technical Data:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Screen resolution

Usage Data:

  • Pages visited and features used
  • Time and date of access
  • Referring website addresses
  • Click patterns and navigation paths
  • Session duration

Cookie Data:

  • Information collected through cookies, pixels, and similar tracking technologies (see Section 10)

4.3 Client Data and Subscriber Information

Clients upload email lists and related data to use our Services. This Client Data may include:

  • Subscriber email addresses
  • Subscriber names
  • Demographic information
  • Purchase history
  • Engagement data (opens, clicks, preferences)
  • Custom fields defined by the Client

We process this data solely on behalf of and under the instructions of our Clients. Subscribers with questions about how their data is used should contact the Client (the business that sent them emails) directly.

4.4 Information from Third Parties

We may receive personal data from third-party sources, including:

  • Payment processors (transaction confirmations and fraud detection data)
  • Third-Party Tools integrated with our Services (as authorized by you)
  • Publicly available sources (for business verification purposes)

5. PURPOSES OF PROCESSING

5.1 Personal Data of Clients and Website Visitors

We process your personal data for the following purposes:

Service Delivery:

  • Creating and managing your account
  • Providing access to our email marketing Services
  • Processing and executing email campaigns
  • Delivering customer support and responding to inquiries

Payment Processing:

  • Processing subscription fees and service charges
  • Managing billing and invoicing
  • Detecting and preventing payment fraud

Communication:

  • Sending transactional emails (account confirmations, password resets, service notifications)
  • Providing product updates and service announcements
  • Responding to your requests and inquiries

Service Improvement:

  • Analyzing usage patterns to improve our Services
  • Developing new features and functionalities
  • Conducting internal research and analytics

Legal and Compliance:

  • Complying with applicable laws and regulations
  • Enforcing our Terms and Conditions
  • Protecting our rights, property, and safety
  • Responding to legal requests and preventing fraud

Marketing (with consent):

  • Sending promotional communications about our Services
  • Providing personalized recommendations

5.2 Subscriber Data (Processed on Behalf of Clients)

We process Subscriber data uploaded by Clients solely to:

  • Deliver email campaigns on behalf of Clients
  • Provide list management and segmentation features
  • Generate campaign analytics and performance reports
  • Process unsubscribe requests and bounce management
  • Comply with Client instructions

6. LEGAL BASES FOR PROCESSING

We process personal data based on the following legal grounds:

6.1 Contractual Necessity

We process personal data necessary to perform our contract with you, including providing access to your account and delivering the Services you have requested.

6.2 Legitimate Interests

We process personal data for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. Our legitimate interests include:

  • Operating and improving our Services
  • Ensuring network and information security
  • Preventing fraud and unauthorized access
  • Conducting business analytics
  • Marketing our Services to existing Clients

6.3 Legal Obligations

We process personal data to comply with legal obligations, including tax requirements, anti-money laundering laws, and responses to lawful requests from authorities.

6.4 Consent

Where required by law, we obtain your consent before processing personal data for specific purposes, such as sending marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing performed prior to withdrawal.

7. DATA SHARING AND DISCLOSURE

7.1 Service Providers

We share personal data with trusted third-party service providers who assist us in operating our business and delivering the Services, including:

Payment Processing: Stripe processes all payment transactions on our behalf. Stripe's handling of your payment information is governed by their privacy policy, available at https://stripe.com/privacy.

Third-Party Email Delivery Tools: We integrate with Third-Party Tools selected and approved by Clients to send email campaigns. These tools process Subscriber data under Client instructions and their respective privacy policies.

Cloud Infrastructure Providers: We use cloud hosting services to store and process data securely.

Analytics Providers: We use analytics services to understand Website usage and improve our Services.

All service providers are contractually obligated to protect personal data and process it only for specified purposes.

7.2 Legal Requirements

We may disclose personal data if required to do so by law or in response to valid legal requests, including:

  • Court orders and subpoenas
  • Government or regulatory agency requests
  • Law enforcement inquiries

We will notify you of such requests where legally permitted.

7.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, personal data may be transferred to the acquiring entity. We will provide notice before personal data becomes subject to a different privacy policy.

7.4 Protection of Rights

We may disclose personal data when necessary to:

  • Enforce our Terms and Conditions
  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our Clients or others
  • Investigate potential violations of our policies

7.5 With Your Consent

We may share personal data with third parties when you have provided explicit consent to such disclosure.

7.6 No Sale of Personal Data

We do not sell, rent, or trade personal data to third parties for their marketing purposes.

8. INTERNATIONAL DATA TRANSFERS

8.1 Cross-Border Transfers

As a Singapore-based company serving international Clients, personal data may be transferred to and processed in countries outside your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

8.2 Safeguards for Transfers

When transferring personal data internationally, we implement appropriate safeguards, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Data Processing Agreements with service providers
  • Transfers to countries recognized as providing adequate data protection
  • Certification mechanisms where applicable

8.3 EEA and UK Transfers

For transfers of personal data from the European Economic Area (EEA) or United Kingdom, we rely on:

  • Standard Contractual Clauses adopted by the European Commission
  • Adequacy decisions where applicable
  • Other lawful transfer mechanisms recognized under GDPR

9. DATA RETENTION

9.1 Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

Account Data: Retained for the duration of your account and for seven (7) years thereafter to comply with legal and regulatory requirements.

Transaction Records: Retained for seven (7) years to comply with tax and accounting obligations.

Communication Records: Retained for three (3) years from the date of communication.

Usage Data: Retained for two (2) years for analytics and service improvement purposes.

Client Data (including Subscriber information): Retained for the duration of the Client's account. Upon account termination, Client Data is retained for thirty (30) days to allow for data export, after which it is deleted unless retention is required by law or requested by the Client.

9.2 Deletion

When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention and disposal procedures.

9.3 Backup Systems

Residual copies of personal data may remain in backup systems for a limited period. Such data is protected by the same security measures and is permanently deleted according to our backup rotation schedule.

10. COOKIES AND TRACKING TECHNOLOGIES

10.1 Types of Cookies We Use

Our Website uses cookies and similar tracking technologies to enhance your experience. We use the following categories of cookies:

Strictly Necessary Cookies: Essential for Website functionality, including authentication, security, and session management. These cookies cannot be disabled.

Performance Cookies: Collect information about how visitors use our Website, including pages visited, traffic sources, and error messages. This data is aggregated and anonymized.

Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.

Analytics Cookies: Help us understand Website usage patterns and improve our Services. We may use third-party analytics services that set their own cookies.

10.2 Cookie Management

You can manage cookie preferences through your browser settings. Most browsers allow you to:

  • View cookies stored on your device
  • Delete all or specific cookies
  • Block cookies from specific or all websites
  • Set preferences for first-party and third-party cookies

Please note that disabling certain cookies may affect Website functionality and your ability to use some features of our Services.

10.3 Do Not Track

Our Website does not currently respond to "Do Not Track" browser signals. However, you can manage tracking preferences through cookie settings as described above.

11. DATA SECURITY

11.1 Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Technical Safeguards:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Secure password hashing
  • Regular security assessments and vulnerability testing
  • Intrusion detection and prevention systems
  • Access logging and monitoring

Organizational Safeguards:

  • Role-based access controls
  • Employee confidentiality obligations
  • Regular security awareness training
  • Incident response procedures
  • Vendor security assessments

11.2 Payment Security

All payment transactions are processed through Stripe, which is certified as a PCI Level 1 Service Provider, the highest level of payment card industry data security standards.

11.3 No Absolute Security

While we take reasonable measures to protect personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of personal data.

11.4 Security Incident Response

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

  • Notify affected individuals without undue delay where required by law
  • Notify relevant supervisory authorities within required timeframes
  • Take immediate steps to contain and remediate the breach
  • Document the breach and our response measures

12. YOUR RIGHTS

12.1 Rights Under PDPA (Singapore)

If you are located in Singapore, you have the following rights under the Personal Data Protection Act 2012:

Right of Access: You may request access to your personal data held by us and information about how it has been used or disclosed within the past year.

Right to Correction: You may request correction of any personal data that is inaccurate or incomplete.

Right to Withdraw Consent: You may withdraw consent for the collection, use, or disclosure of your personal data at any time, subject to legal and contractual restrictions.

12.2 Rights Under GDPR (EEA and UK)

If you are located in the European Economic Area or United Kingdom, you have the following additional rights under the General Data Protection Regulation:

Right of Access: You may request confirmation of whether we process your personal data and obtain a copy of such data.

Right to Rectification: You may request correction of inaccurate personal data or completion of incomplete data.

Right to Erasure: You may request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes collected.

Right to Restriction: You may request restriction of processing in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability: You may request to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

Right to Object: You may object to processing based on legitimate interests, direct marketing, or processing for research or statistical purposes.

Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.

Right to Lodge a Complaint: You may lodge a complaint with a supervisory authority in your country of residence.

12.3 Rights for Subscribers

Subscribers whose personal data is contained in Client email lists should direct requests regarding their data to the Client (the business that sent them emails). Clients are the Data Controllers for Subscriber data and are responsible for responding to such requests.

We will assist Clients in fulfilling Subscriber requests as required by our Data Processor obligations.

12.4 Exercising Your Rights

To exercise any of your rights, please contact us at:

Email: [email protected]

We will respond to your request within the timeframes required by applicable law:

  • PDPA: Within thirty (30) days of receiving your request
  • GDPR: Within one (1) month of receiving your request (extendable by two additional months for complex requests)

We may request verification of your identity before processing your request to protect against unauthorized access.

12.5 Fees

We generally do not charge fees for exercising your rights. However, we may charge a reasonable fee for manifestly unfounded or excessive requests, particularly repetitive requests, as permitted by applicable law.

13. MARKETING COMMUNICATIONS

13.1 Promotional Communications

With your consent, we may send you promotional communications about our Services, new features, special offers, and industry insights.

13.2 Opting Out

You may opt out of receiving marketing communications at any time by:

  • Clicking the "unsubscribe" link in any promotional email
  • Updating your communication preferences in your account settings
  • Contacting us at [email protected]

Please note that even if you opt out of marketing communications, we will continue to send you transactional and service-related messages necessary for the operation of your account.

13.3 Third-Party Marketing

We do not share your personal data with third parties for their direct marketing purposes without your explicit consent.

14. CHILDREN'S PRIVACY

Our Services are not directed to individuals under the age of eighteen (18) years. We do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information promptly.

If you believe we have collected personal data from a child, please contact us immediately at [email protected].

15. THIRD-PARTY LINKS AND SERVICES

15.1 External Links

Our Website and Services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third-party services.

We encourage you to review the privacy policies of any third-party services you access through our Website.

15.2 Third-Party Tools

Our Services integrate with Third-Party Tools selected by Clients for email delivery and related functions. The use of these Third-Party Tools is governed by their respective privacy policies and terms of service.

Clients are responsible for reviewing and accepting the privacy practices of Third-Party Tools they choose to integrate with our Services.

15.3 Disclaimer

We are not responsible for the privacy practices, content, or security of third-party websites or services.

16. CLIENT RESPONSIBILITIES

16.1 Subscriber Consent

Clients are solely responsible for:

  • Obtaining valid and documented consent from Subscribers before uploading their personal data to our Services
  • Providing appropriate privacy notices to Subscribers
  • Responding to Subscriber requests regarding their personal data
  • Ensuring their email marketing practices comply with applicable laws

16.2 Compliance

Clients must comply with all applicable data protection laws, including:

  • Personal Data Protection Act 2012 (Singapore)
  • General Data Protection Regulation (EU/UK)
  • CAN-SPAM Act (United States)
  • Canada's Anti-Spam Legislation (CASL)
  • Any other applicable anti-spam and data protection laws

16.3 Indemnification

Clients agree to indemnify us against any claims, damages, or liabilities arising from their failure to comply with data protection obligations regarding Subscriber data.

17. DATA PROCESSING AGREEMENT

17.1 Availability

For Clients who require a formal Data Processing Agreement (DPA) to comply with GDPR or other data protection regulations, we offer a DPA upon request.

17.2 Request

To request a Data Processing Agreement, please contact us at [email protected].

18. CHANGES TO THIS PRIVACY POLICY

18.1 Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

18.2 Notification

We will notify you of material changes by:

  • Posting the updated Policy on our Website with a revised "Last Updated" date
  • Sending notice to the email address associated with your account (for material changes)
  • Displaying a prominent notice on our Website

18.3 Review

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

18.4 Continued Use

Your continued use of the Website or Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

19. CONTACT INFORMATION

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us at:

Email: [email protected]

Website: dealemailmarketing.com

Data Protection Inquiries: For data protection-specific inquiries or to exercise your rights under applicable data protection laws, please email [email protected] with the subject line "Data Protection Inquiry."

We will respond to all inquiries within a reasonable timeframe and in accordance with applicable legal requirements.

 

BY USING OUR WEBSITE OR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.