1. Websites and Operators of the Websites

1.1. The FLYING BITS LLC (hereinafter named “MESSENGEROS”) company develops and operates an E-mail marketing and SMS marketing platform or website – https://messengeros.com/ – hereinafter called “Data Controller offering intermediary services between the client’s company platform and messaging infrastructure companies in order to send e-mail & SMS marketing communications.

The Data Controller is MESSENGEROS owned by FLYING BITS LLC, duly registered according to the Romanian and European Union legislation, located in Bucharest, Romania, 4th Bozieni Street, Building 834, Ap. 65, 6th district, having the Fiscal Identification Number 18593164 and the National Trade Registry number J40/6414/17042006.

In this document, the term “platform” shall mean and refer the up-mentioned website and includes the email4platforms.com domain and the website’s subdomains or related domains and also includes the social platforms company pages.

1.2. Your legal relationship is with MESSENGEROS entity which operates the platform you are using and/or through which you conclude an online transaction, unless specifically stated otherwise elsewhere.

1.3. MESSENGEROS reserves the right to assign in the future the operation of the platform, partially of totally, to any other future registered company. Such change of operator will be reflected in our Terms of Service.

1.4. FLYING BITS LLC, and if the case, any of its affiliates, are individually and collectively referred to as “MESSENGEROS”. In case of doubt, the term “MESSENGEROS” or “we” refers to the operator of the website you are using.

1.5. FLYING BITS LLC is responsible (Data Controller) for the processing activities that involve your personal data according to the contractual relationship enclosed by you with MESSENGEROS.

2. Subject and Acceptance of Privacy Policy

2.1. This privacy policy, as amended from time to time (“Privacy Policy”) and our Terms of Service, all referenced below, sets out the basis on which any data, including personal data, we collect from you or which you provide to us, will be processed. Please read this Privacy Policy carefully. If you do not agree with it, please do not continue to use the platform, and do not provide us any personal data. By using the platform, you are deemed to have accepted our Terms of Service and Privacy Policy. Prior to providing us with personal data (including your e-mail address) through our website you will be specifically asked to accept our Privacy Policy and confirm you are a legal entity as we provide B2B (business to business) services only. By accepting our Privacy Policy, you acknowledge that we may collect and process any data you make available as described herein.

2.2. This Privacy Policy is applicable to legal persons (companies and other legal entities) only.   

2.3. We reserve the right to make changes at any time to our Privacy Policy by posting the changed terms on our website without any other notice, unless our changes significantly affect your legal status in relation to us (availability of the Plan you purchase, pricing changes, changes of our key partners, reimbursement of any amount, account restrictions or limitation of use we might impose in certain conditions, etc.). Significant changes will additionally be communicated in an adequate manner. Please ensure that you review the Privacy Policy regularly as by your access or use of the platform. After any changed Privacy Policy has been posted you will be deemed to have accepted the Privacy Policy in the version published on our platform at the time of your respective visit.

3. Cookies

3.1. The services of the MESSENGEROS platform use cookies as described below:

3.2. Information about Cookies, web analysis and social media

3.2.1. Use of cookies

Cookies are small text files or codes that contain information units. These text files are stored on your hard drive or in the memory of your browser when you visit our website. Thanks to cookies, the content of our website can be more easily built up and devices used to access our platform can be recognized. We use cookies to gain a better understanding of how applications and websites work and to analyze and optimize the user experience when using our website.

3.2.2. Cookie Categories

We reduced the cookie usage to the minimum. We primarily use business necessary cookies like Cookiebot cookies consent cookie, functional cookies, third-party Google Analytics 4 cookies or similar technologies from the beforementioned categories.

3.2.3. Business-necessary cookies

These files are necessary so that you can use our App or website as intended and all functions are available to you. Without these cookies, the requested services cannot be provided. These cookies might collect certain information about you and/or your device in order to deliver the services you want to access. Absolutely necessary cookies cannot be deactivated via our website. 

3.2.4. Functional cookies

These cookies are necessary for certain applications or functions of the website so that they can work properly. These can be cookies, for example, which save the settings made, such as the language setting of a visitor, or – with your prior consent – pre-filled forms. Moreover, for example, to consent to our cookie policy, a cookie will be installed on your device that allows us to remember your option next time you access our services.

Storage duration: In case of a session cookie the storage period is settled for the duration of that session or, in case of your prior consent, until you revoke your consent.

3.2.5. Google Analytics 4 cookies

Google Analytics 4 (GA4) is the latest Google analytics service that allows us to measure traffic and user’s engagement with our website. GA4 is more focused on data privacy and provides updated features which helps us as users to comply more easily with privacy data laws as more privacy features and controls are introduced.

You should recognize the Google Analytics 4 cookies by the following distinct information:

 

Name of cookie

Description of purpose

Duration of use

 

_ga

Used to distinguish users – persistent cookie.

2 years

_ga_6HZSPS6QTR

Used to sustain the current session – persistent cookie.

2 years

_gcl_au

Google Adsense cookie used to store and track website conversions, respectively what the user viewed on the website – persistent cookie.

90 days

_gid

Google Analytics service cookies used to store and count pageviews.

24 hours

 

The legal basis for the use of these services in the EU is Art. 6 paragraph 1 sentence 1 letter f from the GDPR – legitimate interest. You can object to the collection of your data use of cookies of similar technologies by contacting us via e-mail directly using our Contact form.

3.2.6 How long are cookies stored on my device?

The length of time a cookie remains on your device depends on whether it is a session based cookie, a persistent cookie or a third-party cookie. Session cookies only remain on your device until you browser session is ended. Persistent cookies remain stored on your end device, even after you have ended a browser session, until the pre-set duration of the cookie has expired or it is deleted. Third-party cookies have a lifespan which is settled by our web service partners.  

3.3. Social media

3.3.1.  Social media plugins

We have embedded content from external providers such as LinkedIn on our website to link you to MESSENGEROS social media pages. At the time we connected the platform to such external providers, no legal violations were recognizable to us. If we become aware of such an infringement, we will remove the link immediately and/or temporarily limit or restrict access to a specific service in connection to a third-party web service provider. In order to be able to recommend and share LinkedIn content and/or other social media platform content we may use in the future, appropriate links are and/or will be integrated into the platform.

These links only transfer data to external providers or other third parties when you, as a user, press the corresponding button. We have prevented the immediate transfer of data to external providers or other third parties when you simply visit our website. 

When you log into MESSENGEROS platform on a device through your LinkedIn account (profile), the device is associated with your LinkedIn profile.

3.3.2. Promotional events on social media

Insofar as personal data is collected from end-consumers in the context of a promotion event (campaign) you organized on your website or your social media pages, any data you make available to us is collected, processed, and used exclusively for the purpose of carrying out the services of the contract you enclose with us.

We will apply retention terms according to the Retention chapter below. At your specific request, we may delete or anonymize collected and processed data after the Post-storage Limitation Period (6 months after the termination of the contract) or the statutory limitation period in certain conditions (i.e. usually after three years has elapsed in case of a litigation or a specific court order). This also applies to any communication we may exchange with you via our social media accounts.

4. Terms of Service

You find the Terms of Service referred to above under the following link: https://messengeros.com/terms-and-conditions/.  

5. General provisions

5.1. We undertake that the data we receive and/or collect from you is processed in accordance with the applicable law (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter named “GDPR”) and only for the purposes stated in this Privacy Policy.

We also take into consideration that any national (local) legislation of our clients may complete or clarify the data protection and data security provisions applicable to each of the countries in which the MESSENGEROS website is available. We comply with such applicable legislations.

5.2. Provision of any personal data is voluntary. However, without providing us certain data you may not be able to receive the full range of our services.

5.3. When you provide us with personal data and/or contact information you allow us to contact you for the purpose for which you have provided us such personal data or contact information as further described in this Privacy Policy. The main medium we will communicate with you is via the platform by means of our integrated services like chats, information messages we send to your profile. However, we may contact you also by e-mail and we may include short messages (SMS) via phone, especially for security authentication requests and confirmations and last but not least, for push notifications.

5.4. We do not entrust, sell, rent, license, transfer etc. any database containing personal data of our clients’ users, except for the specific purposes set out in this Privacy Policy.

6. Your data which we may collect or process

6.1. We collect and process the following data about you or about another person on behalf of which you choose to use our platform, subject to your right to revoke your consent or request deregistration, as further set out in the respective section of this Privacy Policy:

Data from our Clients’ representatives (legal persons): name, surname, company e-mail, company phone number, signatures:

  • information you provide to us before we conclude a contract or following the purchase of a plan-option;
  • information which you provide to us by filling in forms on our website or by posting material on our website or on our social media pages;
  • details of transactions you carry out with us following your plan-option purchase;
  • promotional or advertisement information you may receive from us in connection to our contractual relationship.

Data from data subjects (natural persons): telephone and e-mail as well as other personal data and information transferred by our Client (the principal data collector):

  • information provided when SMS or E-mail based communications need to be sent to end consumers, participants to various campaigns organised or hosted by the Client;
  • other marketing related data like administrative or operational based information the end consumer needs to be informed about via e-mail or phone in connection to specific campaigns or events;
  • information which our Client provides when it is contacting us by any means of communication;
  • information provided if our Client decides to send SMS or e-mails to end-consumers in order to participate and complete surveys our Client may propose.

6.2. Other data: In case we additionally collect and process other data in the future we will provide detailed information about our data processing activities in this Privacy Policy.

7. Purpose of processing your data and legal basis for processing  

7.1. We may use data held about you for the following purposes:

  • carry out our obligations arising from our service contracts;
  • protecting our Clients’ rights and interests and also our rights and interests;
  • complying with the ongoing privacy regulations;
  • offering our marketing related services;
  • detection of potential malicious behavior (fraud, phishing, spam, etc.);
  • ensure that content of our website is constantly updated and relevant;
  • making analysis and statistical research in order to constantly improve our business and to provide various reports and statistics to our Clients;
  • provide you with information, products or services that you request from us and innovate new solutions in connection with our commercial activity;
  • send you notifications, including regarding changes to our set of policies.

We process data, as described above, in the context of your use of the website. This includes the categories, (i) visiting the Website, (ii) integration of MESSENGEROS with our Clients’ platform API.

As a data processor, we also process data for our customers who use our services. The controller/customer is solely responsible for assessing the permissibility of the processing in accordance with the below mentioned legal basis and for safeguarding the rights of the data subjects in accordance with Articles 12 to 22 GDPR.

7.2. Legal basis

7.2.1. We rely our data protection process considering the above-mentioned purposes and scope, based on three legal grounds:

7.2.1.1. Your consent, according to article 6 align. 1, letter a) from the GDPR. Consent will be requested from you within the App, whenever certain processing activities of your personal data cannot be processed based on other legal grounds and/or consent is mandatory according to the law.

7.2.1.2. Legal requirement, according to article 6 align. 1, letter b) from the GDPR, when the processing activity is necessary for a legal obligation and other statutory provisions, such as national or European civil, commercial, online communication standards, information security laws, accounting related purposes, financial reporting or for the purpose of auditing.   

7.2.1.3. Performance of a contract, according to article 6 align. 1 letter b) from the GDPR, if the processing is necessary for the conclusion or the execution of a contract to which the data subject (end–user) is part of or to enter or perform a contract with the data subject. The Present Privacy Policy and Terms of Service represents the contract you virtually enclose with MESSENGEROS.

7.2.1.4. Legitimate interest according to article 6 align 1, letter f) from the GDPR, if the processing is necessary to protect the legitimate interest of our company according with the services rendered but only if the processing activity is mandatory for the function of our company and if the processing activity does not outweigh any risks to the rights and freedoms of our users.

7.2.2. We take no responsibility for the obligation our Client has according to the General Data Protection Regulation, or other similar applicable rules in direct relation to the end consumer. MESSENGEROS is an service intermediary and does not process personal data directly, but only if MESSENGEROS Client transfers such data for marketing, administrative and operational communication purposes only. 

8. Newsletters, messages and alerts

We may send commercial communications to our Clients to present our newest services, our innovations and how have improved our response to our Clients’ needs and we may develop at our Client’s request, newsletters or similar commercial communications in direct connection with data subjects we may interact with during our brand marketing services.  

9. Location of data storage and processing

9.1. The data that we collect from you may be processed in Romania where MESSENGEROS resides and is being transferred to, and/or stored at a location inside the European Economic Area (“EEA”), respectively in Frankfurt, Germany, were infrastructure companies have their servers.

9.2. Disclosure of your data in relation to various partners located outside the EEA may be necessary in order for us to make our products and services available to you, whenever we work for example with companies located in the United States of America according with the Standard Contractual Clauses, although, most of these companies have operational headquarters registered at European Union level in Ireland, Germany or Holland. The retention period of these personal data is established in relation to the duration of the partnership we have with our partners or by our partners according to the Privacy Policy available on their website. A link to the Privacy Policy of our partners is made available upon request, in order to make sure we provide an updated list at all times. If you restrict by means of a request sent to us or oppose to such processing activity, we will act according to the GDPR on each case basis.

9.3. In case the data we collect from you may also be processed and stored in the future at a location outside the European Economic Area (EEA), subject to us having taken all required steps by the applicable law of the EU, the EEA member states relating to the transfer of personal data abroad, we will notify you providing the necessary information, or you can write to us. Such steps may include but are not limited to compliance with the New published Standard Contractual Clauses and the Supplementary Measures recommended by the European Data Protection Board for transfers in the United States (or other non-adequate countries for data transfers outside of the EU) if such agreements can be enforced into all agreements relevant for or relating to the transfer of data outside the EU or the EEA countries.

9.4. The data that we collect from you may be processed by staff who works for us, by our affiliates, or by one of our affiliates’ third-party service providers. Such staff may be engaged in, among other things, the operation or maintenance of the App, the fulfilment of a contract or the provision of support services.

9.5. We may further disclose your data to third parties and subject to the provisions of the applicable law:

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets and we will notify you before such data is actually being shared;
  • if we are under a duty to disclose or share information in order to comply with any legal, regulatory or court order;
  • to enforce or apply our Terms of Service and other agreements or to protect the rights, property or safety of our customers, professional partners or other interested parties, or
  • as otherwise provided in this Privacy Policy.

9.6. We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about exercise and activity, to partners under agreement with us, or as part of the community benchmarking information we provide to users of our option-plan services.

9.7. If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.

10. Links to or from other websites

Our platform may, from time to time, contain links to and from third party websites, for example, advertisers, payment service providers (if the case) or social media platforms such as, for example, LinkedIn. If you follow a link to any of these websites, please note that these providers have their own privacy policies, and we recommend that you read these terms. Please check those policies before you submit any data to those websites.

11. Complaints or other requests

Please address your request in writing (e-mail or signed and dated letter) using our Contact form, before you address to the competent Supervisory Authorities as we will try to solve any issue with undue delay.

12. Data Retention

12.1. Considering that MESSENGEROS acts as a Data Processor, we store personal data and other confidential information received from our Client, for as long as the contract signed with our Client is ongoing and until the latter orders us to delete, return or otherwise anonymize any data that we have received.

12.2. Our Client may request deregistration and deletion from our platform of any information we process in relation to the specific Contract we have with that Client at any time and at no charge, by contacting us in writing (e-mail is sufficient) using our Contact form. Such revocation of consent will not apply to existing transactions between us and/or to any previous commercial relation we had.

12.3. We therefore apply all retention terms of our Client if we are specifically instructed to do so. In case our Client does not provide such instructions, we rely any data processing on our internal retention policy. 

12.4. We may, in any case, keep the data for as long as we are required by applicable law or by our internal retention terms, including company law or tax law or otherwise, to keep transaction related information. We may hold on to some of your personal data for longer (typically for a period from six years to ten years) if reasonably needed for legal, regulatory or tax reasons, deal with disputes, prevent fraud or abuse and/or enforce our Terms of Service.

12.5. We store any information linked to your option-plan for a 6 (six) months period after the Contract is terminated for either reason – except for fraud, data theft, cyberattack – in case our Client requests such service and may opt to return to a contractual relation with MESSENGEROS during this term or may opt to pay for the storage of such data but limited to the 6 months term only. After the 6 months term is due, we will delete all data we have in store, except for financial and legal information linked to our past transactions.

12.6. Deletion of all information will be made after you send your request or after you delete such information directly from your account, in maximum 30 to 60 days term like data stored in our backup systems.

12.7. In general, personal data is only stored by us to the extent that is absolutely necessary and generally after expiry of the statutory limitation period of three years under civil law or other similar terms according to legislation applicable in different countries (e.g. for customer correspondence) or, in case of invoice-relevant data, after five to ten years depending on the jurisdiction (e.g. after you pay for an option plan) in accordance with the national applicable legislation. A longer retention period only takes place in justified individual cases, for example because of an ongoing civil or administrative dispute or a cybersecurity incident that involves your account information or personal data.

12.8. Inactive accounts: Except from the above-mentioned provision, if you have not interacted with the platform or the Services for more than 12 (twelve) months, we will inactivate your account and automatically delete all information and data related to that specific account within a period of 30 (thirty) days. During this period, you cand request that your account is being activated or you can access our Services and we automatically activate the account. The reason we take such measure is related to the data storage limitation principal from the GDPR.

13. Choice of Law and Jurisdiction

This Privacy Policy and all matters arising or relating to these terms and the purchase contract shall be governed by the laws of Romania and European Union, where MESSENGEROS platform is mainly operating according to our Terms of Service. The courts, mediation and data protection authorities of Romania shall have exclusive jurisdiction to settle any disputes which may arise out of or in connection with these Privacy Policy.

 

Last updated version: July 2023