Messangi Privacy Notice

Last Updated: September 5, 2023 

Contents of this Notice

What can you find there?

How Messangi processes your personal information

Messangi collects personal information such as Customer Account Data directly from you — as a customer or a visitor — when you visit Messangi’s website, request a product, service or access to an event, or when you contact a member of the Messangi team or sign up for a Messangi account to use our products and services. Messangi also indirectly collects the personal information of your end users called Customer Usage Data (e.g., communications metadata) and Customer Content (e.g., communications content).

Data about our customers

We process customer contact details such as your name, email, and phone number directly from you when you make a request, contact a member of our team, or sign-up for a Messangi account. Read this section to learn more about the types of data we collect about you, why we collect it, and how we store it.

Data about our customers’ end users

We process your end users’ communications-related data such as phone numbers, email addresses, friendly names that you create for your end users. We also process the content of communications sent by you or your end users to provide services to you and to carry out necessary functions of our business as a communications service provider. Please read this section to learn more about the types of data we collect about your end users, why we collect it, and how we store it.

How Messangi shares personal information

First things first: we do not sell your personal information, or the personal information of your end users. We also do not allow any personal information to be used by third parties for their own marketing purposes (except in cases where you explicitly request or provide consent for us to do so, such as at a conference when you direct us to share your information with a sponsor).

However, we do need to share it in some circumstances. These may be to provide you services (e.g., to route a call or send an email), or when necessary for our suppliers to provide services to us, or for another reason listed here, or share personal information for cross-context behavioral advertising.

How to make choices about your data

Messangi provides you with many ways to make choices about your data and your end users’ data, such as accessing it, correcting it, deleting it, or updating your choices about how it is used.

Cookies and tracking technology

Messangi uses common information-gathering tools such as cookies, web beacons, pixels and other similar tracking technologies to automatically collect information as you navigate our websites, our services or when you interact with emails we sent to you. You can manage these technologies easily on our websites.

Global privacy compliance at Messangi

Messangi is a global company that is committed to complying with privacy laws around the world. Read this section to learn more about our global privacy compliance and how we protect the personal information of specific groups, such as employees and employee applicants.

International data transfers

Our customer engagement platform securely transfers personal data across jurisdictions in compliance with Data Privacy Framework principles. We use encryption and pseudonymization and collaborate with trusted third-party providers. Contractual safeguards, such as standard data protection clauses, are in place to ensure lawful data handling.

Security information

While there is no such thing as perfect security, we are committed to maintaining reasonable and appropriate security measures to ensure that your personal information is protected both online and offline. Read this section to learn more about our security measures and how you can better protect your account.

Handling disputes

In the event of disputes we are committed to resolving them promptly and fairly. We encourage users to first contact us directly to address concerns. If unresolved, disputes can be escalated to an independent, third-party mediator or a data protection authority to facilitate a fair and timely resolution.

Other information you may find useful

Here you’ll find other useful information about our data protection practices and about this notice. Our use of automated decision making is minimal; we use it primarily for anti-fraud purposes. Finally, we may update our Privacy Notice from time to time, and we will notify our customers in advance of material changes.

How Messangi Processes Your Personal Information

When we talk about “personal information” or “personal data,” we’re talking about a broad range of information. Data protection laws around the world define this concept in different ways, but in general, we mean any information that relates to an identifiable, living individual person. In other words, a person’s phone number is personal information, while a business’s phone number is not.

In addition, some data protection laws and privacy laws in certain jurisdictions differentiate between “controllers” and “processors” of personal information. A controller decides why and how to process personal information. A processor does not make decisions about personal information; it only processes personal information on behalf of a controller based on the controller’s instructions.

With this background, let’s take a high level look at the personal information Messangi collects and how we process it.

If you are a customer of ours, Messangi processes personal information in different ways when you use our products and services.

We process your personal information as a customer (or potential customer) of Messangi’s services — information that we refer to as Customer Account Data (e.g., your contact information) — when you visit a Messangi public-facing website like messangi.com; sign up for a Messangi event; reach out to our Sales team; or sign up for a Messangi account and use our products and services.
We process the personal information of your end users who use or interact with your application that you’ve built on Messangi’s platform, like the people you communicate with by way of that application. This includes information we use to route messages and metadata about messages — we refer to this information as Customer Usage Data — and it also includes the contents of communications, which we refer to as your Customer Content. 

Messangi processes these categories of personal information differently because the direct relationship we have with you, our customer, is different from the indirect relationship we have with your end users.

When Messangi processes your Customer Account Data and your Customer Usage Data, Messangi is acting as a controller. We are also a controller for our employees’ personal data. When Messangi processes your Customer Content, we are acting as a processor.

If you are a visitor to our website (by which we mean any website that links back to this Privacy Notice in its footer, such as to messangi.com), or if you are not a Messangi user and you are attending one of our events, we collect a minimal amount of data about you (depending on how much you’ve chosen to share with us). This might be as little as an IP address or a cookie, and it might be your contact information. We also consider this Customer Account Data. You can read below about how we process visitors’ Customer Account Data.

If you are an applicant to a job at Messangi, or you are a Messangi employee, you can read below about how we process employee and applicant data. You can also read our Employee Privacy Notice, which we extend to job applicants.

If you are an end user of a Messangi customer, this Privacy Notice does not apply to the services that our customers provide to their end users. Our customers have their own policies regarding the collection, use, and disclosure of the personal information of their end users. If you are an end user of one of our customers and want to learn about how that customer handles your personal information, we encourage you to read the customer’s privacy policy. Only the customer can assist you with requests for access or deletion.

Data about our customers

In short, Messangi requires the minimal amount of data necessary to provide services to you, and the amount or type of data we collect depends on the product or service you choose or how you use it. If you choose to share additional information with us so that we can better customize your account and our services, we’ll process that with the same care and respect. We do not sell your personal information and we do not share your information with third parties for those third parties’ own business interests. This Privacy Notice describes the data we collect from our customers at a high level, but you can always learn more by reading our API documentation.

We use the information we collect and share it with our service providers primarily to provide the services you’ve requested from us, and as needed for our operational purposes (e.g., to do the things we need to do to function as a business, such as to collect payment). In addition, we may use data about our customers to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and services.

Data we process during account creation and account usage

When you sign up for an account with us, we ask for certain information like your contact details and billing information to facilitate payment and communication. We also collect some information automatically, like your IP address, when you log in to your account or when your software application built on Messangi makes requests to our APIs. We use this to understand who is using our services and how, and to detect, prevent, and investigate fraud, abuse, or security incidents.

Information You Share Directly:

• Name and contact information. When you sign up for a Messangi account, we will ask you to give us your name, email address, and optionally, your company name, and to create a password. We collect this information so we know who you are — this helps us communicate with you about your account(s), recognize you when you communicate with us through the account portal or otherwise, bill you correctly, and provide other services.
• Telephone number. When you first sign up for an account, we may also ask you for a telephone number (where it’s relevant to the service you’re using) so we can communicate a verification code to that telephone number and have you enter the code into our website. This helps us verify that you’re actually a human being. A Messangi team member may also contact you at this number to help you with onboarding unless you choose not to be contacted.
• When you set up two-factor authentication for your account, we may ask you to enter a telephone number to set up the process. You have the option to use that telephone number as the method for us to communicate verification codes to you to verify that it is you logging into your account.
• Payment information. When you upgrade your trial account, we’ll ask you to provide our payment processor with your payment method information like a credit card or your Paypal account and your billing address. Our payment processor, acting on our behalf, gathers this so we can bill you for your use of our products and services. Our payment processor will share your billing address with Messangi. We’ll also use your billing address for tax calculation and audit purposes.
• Subscriber records. For some products, we may also obtain proof of identity from you that includes a proof of address, name, physical address, or other identification information. We may also need proof of identity and physical service address. We call these “subscriber records.”
• We may have to share subscriber records with local government authorities or with the local telecommunications carrier that provides connectivity services. We may also use this physical service address for tax purposes. However, we don’t share subscriber records for purposes other than this, and we treat these records with our highest confidentiality.
• Personalization details. Some of our products, such as our short code service, may require you to complete an application form by providing details about your company and your intended use of the product. We’ll use this information for the purpose of determining eligibility for these products. We may also use it in connection with improving our own internal processes and services or to train our team members.

Information We Generate or Collect Automatically:

SIDs. When you sign up for an account with Messangi, we’ll automatically assign you and each of your accounts a unique ID — a SID — and we’ll automatically generate an API token for each of your accounts. These are used like a username and password to make API requests. We keep a record of these credentials so we know it is you making the requests when your application makes requests to our API using these credentials.

Device information and IP addresses. When you use our account portal, we collect your IP address and other data through tracking technologies like cookies, web beacons, and similar technologies. We also collect IP addresses when you make requests to our APIs and in our server logs. We use this information to understand how customers are using our platform, who those customers are (if they are a company and the IP address is associated with that company), what country they are logging in from (for analytics and export control purposes), and to help improve the navigation experience. You can learn more about cookies in the section titled “Cookies and Tracking Technologies” below.

When you use our account portal, we also collect information about your device, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, unique identifiers, and general location information such as city or town. We do not collect precise geographical information.

Data we process from our website, events, and interactions

When you visit our website, sign up for a Messangi event or request more information about Messangi, we collect information automatically using tracking technologies, like cookies, and through web forms where you type in your information. We collect this information to provide you with what you request through the web form, to learn more about who is interested in our products and services, and to improve navigation experience on our pages. You can learn more about cookies in the section titled “Cookies and Tracking Technologies” below.

Information You Share Directly:

In some places on Messangi’s public-facing websites, you can fill out web forms to ask to be contacted by our Sales Team, sign up for a newsletter, register for a Messangi event, or take a survey. The specific personal information requested on these forms will vary based on the purpose of the form. We will ask you for information necessary for us to provide you with what you request through the form (for example, we will ask you for your email address if you want to sign up for an email newsletter and for your phone number if you want a member of our Sales Team to call you). We may also ask you for additional information to help us understand you better as a customer, such as your Messangi use case, your company name, or your role at your company. If you sign up to receive ongoing marketing communications from Messangi, like a newsletter, you can always choose to opt out of further communications through a preferences page which will be linked from any marketing email you receive from Messangi. You can also contact our Customer Support Team to communicate your choice to opt out.

If you contact our Sales or Customer Support Teams, those teams keep a record of that communication, including your contact details and other information you share during the course of the communication. We store this information to help us keep track of the inquiries we receive from you and from customers generally so we can improve our products and services and provide training to team members. This information also helps our teams manage our ongoing relationships with our customers. Because we store a record of these communications, please be thoughtful about what information you share with our Sales and Customer Support Teams. While we will take appropriate measures to protect any sensitive information you share with us, it is best to avoid sharing any personal or other sensitive information in these communications not necessary for these teams to assist you.

Information We Collect Automatically:

When you visit Messangi websites, including our web forms, we and our service providers acting on our behalf automatically collect certain information using tracking technologies like cookies, web beacons, and similar technologies. We use this information to understand how visitors to our websites are using them and which pages and features of the websites are most popular. This helps us understand how we can improve our websites and track performance of our advertisements. In addition, we use tracking technologies to help improve the navigation experience on Messangi websites. We don’t sell this information to third parties. For more details on our use of cookies and other tracking technologies, please read the below section titled “Cookies and Tracking Technologies.”

Marketing information

We use your email address to send you information about other Messangi products, services or events in which we think you may be interested. You can opt out of receiving marketing communications from us at any time through your marketing preferences page by clicking the “unsubscribe” link at the bottom of any marketing email you receive from Messangi. You can also contact our Customer Support Team to communicate your choice to opt out. Please note that it may take up to three days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request. You will not be able to opt out of service emails from us, such as password reset emails, billing emails, or notifications of updates to our terms, unless you deactivate your account.

We may also use publicly-available information about you that we have gathered through services like LinkedIn, or we may obtain information about you or your company from third party providers. We use this information to help us understand our customer base better, such as your industry, the size of your company, and your company’s website URL. We also use this information to reach out to potential candidates for roles at Messangi.

How Long We Store Your Customer Account Data

Messangi will store your Customer Account Data as long as needed to provide you with our services and to operate our business. If you ask Messangi to delete specific personal information from your Customer Account Data (see ‘Choices About Your Customer Account Data’ below), we will honor this request unless deleting that information prevents us from carrying out necessary business functions, such as billing for our services, calculating taxes, or conducting required audits.

More specifically, within 60 days following closure of your account, we will either delete other Customer Account Data or transform it such that it can no longer be used to identify you, with the following exceptions, depending on and in accordance with applicable law:

• Customer Account Data is stored for up to seven years following closure of your account. However, we may retain invoice records, including their digital equivalent, for longer periods for accounting, tax, and audit purposes.
• Where we collect subscriber records, we will retain this data for such time as needed for legal, security and anti-fraud purposes.
• We may retain your communications with Messangi Customer Support Teams for up to three years after your account is closed.
• We may need to retain data due to special circumstances (such as due to an open investigation, audit, or other legal matter).

Data about our customers’ end users

What Customer Usage Data and Customer Content Messangi Processes and Why

We use Customer Usage Data and Customer Content to provide services to you and to carry out necessary functions of our business as a communications service provider. We do not sell your end users’ personal information and we do not share your end users’ information with third parties for those third parties’ own business interests or cross-context behavioral advertising.

The particular end user personal information Messangi processes when you, our customer, use our products and services, and the reasons Messangi processes end user personal information, depends on how you use our products and services and which Messangi products and services you use. For that reason, our Documentation for each of our products and services are the best place to find information about our processing of personal information when you use that Messangi product and service. In many cases, you can opt to store records of your communications or other activities in your Messangi account, and these records may include your end users’ personal information. You may also have the option to use additional features or tools within Messangi’s products or services that allow you to do things such as analyze the records, including end user personal information, in your Messangi account. In those cases, Messangi will process this information to provide you with the service you request.

How Long We Store Customer Usage Data and Customer Content

Details regarding how long your end user personal information may be stored on Messangi systems will depend on which Messangi products and services you are using and how you are using them. For that reason, our Documentation for each of our products and services are the best place to find more detailed information about managing end user data collected and stored in connection with your use of our products and services. We also provide an overview of our retention periods in our support documentation.

As a Messangi customer, if the Messangi product or service you use enables you to store records of your usage on Messangi, including personal information contained within those records, and you choose to do so, then Messangi will retain these records for as long as you instruct, up until termination of your account. In some cases, use of extended storage may cost more. If you later instruct us to delete those records (please see below for information on how to delete your records), we will do so. Please note that it may take up to 30 days for the data to be completely removed from all systems.

How Messangi shares personal information

We do not sell your personal information or the personal information of your end users. We also do not allow any personal information to be used by third parties for their own marketing purposes (except in cases where you explicitly request or provide consent for us to do so, such as at a conference when you direct us to share your information with a sponsor) or share personal information for cross-context behavioral advertising. However, we do need to share personal data in order to provide our products and services to you, such as to route a call you send through us or to store data you ask us to store. Below are the different scenarios under which we may share your data with third parties.

Telephony operators as necessary for proper routing and connectivity.

Messangi provides an easier way for developers to build applications that make use of the publicly switched telephone network (PSTN) to send communications. Therefore, communications-related data is shared with and received from telephony operators as necessary to route and connect those communications from the sender to the intended recipient. How those telephony operators handle this data is generally determined by those operators’ own policies and local regulations.

Other communications service providers for proper routing and connectivity.

Messangi also enables sending or receiving communications through communications service providers that do not use the PSTN, such as WhatsApp and RCS (referred to as Over-the-Top (OTT) communications service providers). If you choose to use Messangi to send or receive communications by way of these providers, Messangi will share communications data with these providers as necessary to route and connect those communications from the sender to the intended recipient. How those OTT communications service providers handle this data is determined by their own policies.

Third-party service providers or consultants.

Messangi engages certain third-party vendors and service providers to carry out certain data processing functions on our behalf. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.

Sub-processors.

A sub-processor is a vendor that is permitted to process data for which we are a processor — in other words, Customer Content. We share Customer Content with sub-processors who assist in providing the Messangi services, like our infrastructure provider, or as necessary to provide optional functionality like transcriptions. An up-to-date list of Messangi sub-processors is located in the Data Processing Addendum.

Compliance with Legal Obligations.

We may disclose your or your end users’ personal information to a third party if (i) we reasonably believe that disclosure is compelled by applicable law, regulation, legal process, or a government request (including to meet national security, emergency services, or law enforcement requirements), (ii) to enforce our agreements and policies, (iii) to protect the security or integrity of our services and products, (iv) to protect ourselves, our other customers, or the public from harm or illegal activities, or (v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury. 

If Messangi is required by law to disclose any personal information of you or your end user, we will notify you of the disclosure requirement, unless we are prohibited by law. Further, we object to requests we do not believe were issued properly.

Business transfers.

If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be part of the assets transferred or shared in connection with the due diligence for any such transaction. In that situation, and that situation only, we might transfer your data in a way that constitutes a sale under applicable law. If we do, we’ll let you know ahead of time, and we will require any acquirer or successor of Messangi to continue to process data consistent with this Privacy Notice.

Aggregated or de-identified data.

We might also share data about our customers with third parties if the data has been de-identified or aggregated in a way so it cannot be used to identify you or your end users.

How to make choices about your data

Choices About Your Customer Account Data

Accessing and Controlling Account Data. As part of the services we provide to our customers, we provide you with a number of self-service features at no additional cost within the Messangi console itself, including the ability to access your data, update any incorrect data, download a copy of your data, delete your data, or restrict the use of your data. You can make various choices about your Customer Account Data through the account portal when you log into your messangi account or through the marketing preferences center. Any other requests about your data you cannot make through these self-service tools, you can request by emailing support@messangi.com or contacting Customer Support.

Closing Your Account and Deletion. To request closure or deletion of your Messangi account, you can email us at support@messangi.com or contact Customer Support. Please be aware that closure or deletion of your TwiMessangilio account will result in you permanently losing access to your account and the data in the account. After closure of your account, certain information associated with your account may remain on Messangi’s servers in an aggregated form that does not identify you or your end users. Similarly, after you close your account, we will retain data — including personal information — associated with your account that we are required to maintain for legal purposes or for necessary business operations until it’s no longer needed.

Choices About Your End Users’ Data

We also offer you the ability to delete, access, or exercise other choices about end user data, namely Customer Usage Data and Customer Content. Your ability to make choices about this data depends on the Messangi product or service you use and how you use the product or service. For that reason, our Documentation for each of our products and services are the best place to find more detailed information about managing end user data collected and stored in connection with your use of our products and services.

In some cases, we may retain a copy of your usage records, including the personal information contained in them, to carry out necessary functions like billing, invoice reconciliation, troubleshooting, along with detecting, preventing, and investigating spam, fraudulent activity, and network exploits and abuse. Sometimes legal matters arise that also require us to preserve records, including those containing personal information. These matters include litigation, law enforcement requests, or government investigations. If we have to do this, we will delete the impacted records when we are no longer legally obligated to retain them. We may, however, retain or use records after they have been anonymized, if the law allows.

Cookies and Tracking Technologies

Messangi uses common information-gathering tools such as cookies, web beacons, pixels and other similar tracking technologies to automatically collect information as you navigate our websites, your account or when you interact with emails we sent to you.

Cookies

A cookie is a piece of data contained in a very small text file that is stored in your browser or elsewhere on your hard drive. Cookies allow Messangi to identify your device as you navigate our websites or your account. This makes navigating and interacting with our websites or your account more efficient, easy and meaningful for you.

By themselves, cookies do not identify you specifically. Rather, they recognize your web browser. So, unless you identify yourself specifically to Messangi, like signing into your account, we don’t know who you are just because you visited our website.

Messangi uses both session and persistent cookies. Session cookies are cookies that disappear from your computer or browser when you turn off your computer. Persistent cookies stay on your computer even after you’ve turned it off. Additionally, the cookies on our websites fall into three categories: (1) Required Cookies, (2) Functional Cookies, and (3) Advertising Cookies. To learn more about each category of cookie, you can visit our cookie consent tool by clicking on the “Cookie Preferences” link on the bottom right of the Messangi website you are visiting.

How to Control & Delete Cookies

Hubspot Consent Tool. Messangi uses “Hubspot” as our cookie consent tool, which you can utilize to customize your cookie preferences. When you visit our website for the first time, a cookie consent banner will pop up and ask you to customize your cookie preferences. If you decide to change your preferences at a later date, you can easily do so by clicking on the “Cookie Preferences” link on the bottom right of the Messangi website you are visiting. Please note that Required Cookies cannot be disabled and if you decide to opt-out of Functional Cookies, certain functionality of our websites or your account may be impacted.

Using Your Browser. 

Do Not Track. Some browsers allow a “do not track” (DNT) setting that requests that a web application disable its tracking of an individual user. When you choose to turn on the DNT setting in your browser, your browser will send a special signal to websites, analytics companies, ad networks, plug-in providers, and other web services you encounter while browsing and stop tracking your activity. To set up DNT, you can visit the All About DNT page. If you do choose to set up DNT, we will automatically turn off all non-required cookies on Meessangi’s websites for you. Please note that this may impact the functionality of our websites or your account.

Opting out of Advertising Cookies. To learn more about how to opt out of targeting and advertising cookies, you can go to the Your Online Choices page, the Network Advertising Initiative page, and the Digital Advertising Alliance’s Consumer Choice page. These opt-out tools are provided by third parties, not Messangi. We do not control or operate these tools or the choices that advertisers and others provide through these tools.

Web Beacons

Messangi also uses web beacons to gather data about your use of our websites, your account, and how you interact with emails we have sent to you. Web beacons are clear electronic images that can recognize certain types of data on your computer, like when you view a particular website tied to the web beacon, and a description of a website tied to the web beacon. Additionally, we may put web beacons in marketing emails that notify us when you click on a link in the email that directs you to a Messangi website. We use web beacons to operate and improve our websites and email communications to you.

Global Privacy Compliance at Messangi

Messangi is a global company with customers and offices all around the world. As such, our approach to privacy compliance is a global one. No matter where you are located, whether in the United States, the European Economic Area (EEA), the United Kingdom (UK), Latin America, or the Asia-Pacific region, we remain committed to abiding by all applicable data protection laws.

Regions Requiring a Legal Basis for Processing Personal Information

If you are from a region that requires a legal basis for processing personal data (such as the EEA or the UK), our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person, such as in the case where we request personal information from you in the context of a government audit or in response to a request from law enforcement.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact information provided below.

Broadly speaking, we use Customer Account Data to further our legitimate interests to:

• understand who our customers and potential customers are and their interests in Messangi’s products and services;
• manage our relationship with you and other customers;
• carry out core business operations such as accounting, filing taxes, and fulfilling regulatory obligations; and
• help detect, prevent, or investigate security incidents, fraud and other abuse or misuse of our products and services.

United States

State Consumer Access and Deletion Rights

For those customers that would like more information about our use of Customer Account Data or Customer Usage Data, you have the ability to request:

• that we provide details about the categories of personal information that we collect about you, including how we collect and share it;
• that we provide you access to, and a copy of, the personal information we collect about you;
• that we update or correct any inaccurate personal information we have about you; and
• that we delete the personal information we have about you.

Please scroll up to our section above on How to make choices about your data for more information about how to make a request.

Please be aware that when you ask us for these things, we will take steps to verify that you are authorized to make the request. You do not have to be from any specific state, such as California, Colorado, Utah, or Virginia, to make this request. We won’t discriminate against you or change the price of our services if you make a request, but if you ask us to delete your data, it may affect your ability to use our service.

If you’re a Californian interested in what personal information we have shared lately for our business purposes, here’s a list:

• Identifiers
• Commercial information
• Financial information
• Internet or other electronic activity information
• Geolocation information
• Professional or employment information

By “our business purposes,” we mean that we only share personal information as we describe in the section above (in other words, with telephony operators, communications providers, and so on).

Other regions

If you are in a region other than the EEA, the UK, or the United States, we aren’t forgetting you! There are just some specific requirements those regions ask us to put in our Privacy Notice. Some countries, like Brazil, also have specific privacy notice requirements, and we address those requirements in our general privacy sections above. If there are specific changes we need to make to our legal language to comply with a country’s privacy or data protection laws, you can find those changes in our Data Processing Addendum.

Privacy Compliance for Specific Individuals

Employee Applicant and Employee Data. Whether you are applying for a position at Messangi or are a current or former employee, we remain committed to practicing a “no shenanigans” approach to your personal information. For up to date information on the types of data we process about you and how we protect it, please see our Employee Privacy Notice.

Information from Children. We do not knowingly permit children (under the age of 13 in the US and UK or 16, if you live in the EEA) to sign up for a Messangi account. If we discover someone who is underage has signed up for a Messangi account, we will take reasonable steps to promptly remove that person’s personal information from our records. If you believe a person who is underage has signed up for a Messangi account, please contact us at privacy@messangi.com.

International data transfers

Your information, including Personal Data, is processed at Messangi’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

Messangi will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Messangi complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Messangi has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Messangi has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

Messangi is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. In connection with onward transfers, Messangi has responsibility for the processing of Personal Data that it receives under the Data Privacy Framework and subsequently transfers to any third party who is acting as an agent on Messangi’s behalf. Messangi will remain responsible under the Data Privacy Framework Principles if any such agent processes such Personal Data in a manner that is inconsistent with those Principles, unless Messangi can provide evidence that it is not responsible for the event giving rise to the damage. In compliance with the Data Privacy Framework Principles, Messangi commits to resolve complaints about our collection or use of your Personal Data. EU, UK and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework policy should first contact Messangi at:

privacy@messangi.com

Messangi Privacy Policy Issues

5798 SW 68th St

Miami, FL 33143

USA

Messangi has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Data Privacy Framework complaints regarding Personal Data transferred from the EU, the United Kingdom and Switzerland. Under certain circumstances, individuals may be able to invoke binding arbitration, in accordance with the Data Privacy Framework requirements. In addition, as a U.S.-based company, Messangi may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Security Information

How We Secure Personal Information

Our security measures. We use appropriate security measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security controls in place. When we transfer data across borders, we also take supplementary measures to ensure that data is protected. You may read more about our security measures in our Security Overview, and if you are located in a country that requires you to obtain information about our supplemental measures.

Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.

Security measures you can take. To protect the confidentiality of your account and protect against unauthorized use of your account, we recommend enabling two-factor authentication for your account. Additionally, you must keep your account password confidential and not disclose them publicly or to unauthorized individuals — this includes accidentally distributing them in a binary or checking them into source control.

Similarly, if you provision an API Key, you should keep your secret, well… secret. You should store your API Key, and secret in a secure location. 

How we use personal information for security purposes

We may collect and use Customer Account Data or Customer Usage Data to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and services. In addition, we also use records containing end user personal information to debug, troubleshoot, or investigate security incidents; to detect and prevent spam or fraudulent activity; and to detect and prevent network exploits and abuse. Specifically, we monitor text message content to detect spam, fraudulent activity, and violations of our Acceptable Use Policy. We may anonymize personal information and use it for our legitimate business needs, and, where allowed by law, this may include records containing end user personal information.

Disputes

At Messangi, we prioritize our commitment to safeguarding your personal data. If you have concerns or disputes regarding our data protection practices, we encourage direct communication to resolve the matter. Nonetheless, should there be unresolved issues, please be assured that we adhere to the guidelines set by the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

Individuals from the EU, UK, or Switzerland with inquiries or complaints regarding our data handling practices in accordance with these frameworks should initiate contact with our Data Protection Officer. We are dedicated to addressing and resolving any DPF Principles-related concerns about the collection and use of your personal information.

Contact Information:
Email: privacy@messangi.com
Mailing Address:
Messangi Corporation
5798 SW 68th St
Miami, FL 33143.

In line with the EU-U.S. DPF, its UK Extension, and the Swiss-U.S. DPF, Messangi is committed to addressing any unresolved complaints regarding our personal data practices under these frameworks. If you live in the European Union or Switzerland and are unhappy with how we’ve managed your privacy concerns, or if you believe your DPF Principles-related complaint wasn’t acknowledged in a timely manner or addressed sufficiently, you have the right to seek further assistance.

You can escalate the matter to American Arbitration Association / International Centre for Dispute Resolution, a recognized dispute resolution provider based in the United States. For more details or to lodge a complaint, please visit https://www.icdr.org/. Availing the services of American Arbitration Association will be at no expense to you.

Residents of the European Union or Switzerland may elect to invoke binding arbitration for unresolved complaints, but prior to initiating such arbitration, you must: (1) contact Messangi and afford us the opportunity to resolve the issue; (2) seek assistance from Messangi’s designated independent recourse mechanism above; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority or the Swiss Federal Data Protection and Information Commissioner) and afford the Department of Commerce time to attempt to resolve the issue. Each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Data Privacy Framework, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Data Privacy Framework Principles with respect to the individual. Messangi is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

For individuals in the EEA, the UK, or Switzerland, you have additional rights to make a complaint to a competent data protection authority or commence proceedings in a court of competent jurisdiction in accordance with applicable data protection laws. 

If you are a resident of the European Union or the UK, you also have the right to lodge a complaint with your local data protection authority or the Information Commissioner’s Office in the UK.

Messangi has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Data Privacy Framework complaints regarding human resources data transferred from the EU and Switzerland in the context of the employment relationship. Under certain circumstances, individuals may be able to invoke binding arbitration, in accordance with the Data Privacy Framework requirements. In addition, as a U.S.-based company, Messangi may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Other information you may find useful

Automated decision-making and machine learning

Messangi may use automated decision making leveraging a variety of signals derived from records we collect to help monitor, identify, and suspend accounts sending spam or engaging in other abusive or fraudulent activity. Holders of accounts suspended under these circumstances are notified of the suspension and given an opportunity to request human review of the suspension decision.

Changes to our Privacy Notice

We may change this Privacy Notice from time to time, and if we do, the most current version will be available at https://www.messangi.com/privacy-policy/ with the date indicating when it was last updated. These changes might be minor, such as updating an address or fixing a typo, or they might be material, such as making a change that affects your rights. If we make changes that affect your rights, we will provide advance notice to you, such as by posting a message in the Messangi console, or we’ll send an email via the address we have on file for you. We will comply with applicable law with respect to any changes we make to this notice and seek your consent to any material changes if this is required by applicable law.