Effective Date: June 1, 2020

Privacy policy

We, IMI Mobile North America, Inc., doing business as ExpressPigeon (the "Company" or "ExpressPigeon"), are strongly committed to privacy and believe that good privacy is good business. Therefore, we have adopted this Privacy Policy for the Company, its website and services. You can link to this Privacy Policy directly from the website or through our Terms of Service. This Privacy Policy covers only the information collected on our website. It does not apply to any information collected offline. Please note that you cannot register for our service if you are under 18 years of age, and we do not knowingly collect personal information relating to children.

For the purpose of the EU General Data 2016/679 (the GDPR) and any subsequent UK legislation on data protection, the data controller is ExpressPigeon. ExpressPigeon has appointed a company within the IMIMobile group of companies as its EU representative - [TEXTlocal/IMIMobile]

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions or you would like to make a request to exercise any of your legal rights, please contact the DPO using the details set out in the "Contact" section below.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

This Privacy Policy is designed also for compliance with California Consumer Privacy Act of 2018 (the "CCPA"). The CCPA governs the Company's disclosures to consumers pursuant to this Privacy Policy, or otherwise at the time any personal data is collected from consumers who are California residents for federal income tax purposes. To the extent compliance with the CCPA is required herein, such compliance shall only relate to consumers as are defined pursuant to the CCPA and for personal information as defined under the CCPA. To the extent a consumer is not a consumer as defined under the CCPA, the provisions contained herein regarding compliance with the CCPA shall not be required or applicable.

1. Personal Information Collected From You

We request that you provide us with personal information when you subscribe to our services. This information will include:

your name, address, email, password, phone number, occupation
financial information (bank account or credit card details); and
for purposes of CCPA information that identifies, relates to, describes or is capable of being associated with or could reasonably be linked directly or indirectly with a particular consumer or household (as defined pursuant to the CCPA). For the purpose of the CCPA, personal information also includes unique personal identifiers which may be defined as device identifiers, online tracking technology, and probalistic identifiers. You have the right, upon written request to the Company to be informed exactly what personal information the Company has collected about you, or where it was sourced from, or is being used for, whether it is being disclosed or sold, and to whom it is being disclosed or sold.

With regard to each of your visits to our website we will automatically collect the following information:

IP address, type of browser and operating system; and
Full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

We will also collect personal information from you when you voluntarily complete a customer survey or provide feedback via our customer service (including telephone, email or webform or messaging).

We do not presently share any personal information (whether provided to us or collected by us) with any third party.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide personal data which we need to provide the service, then we may not be able to perform the contract we have with you.

2. Cookies

We use browser “cookies” to maintain session information and to allow for “remember me” function. None of the information in the cookies contains any personal or sensitive information about you. Please note that while most browsers will accept cookies by default, you may set your browser to reject cookies. However, disabling cookies in your browser will render our application inoperable. Specific details regarding our use of cookies can be found on the Cookie Policy page.

3. Uses made of the Information

We use information held about you in the following ways:

Information you give to Us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and service that you request from us;
- to provide you with information of other services we offer that are similar to those that you have already purchased or enquired about;
- to provide you with information about services we feel may interest you. If you are an existing customer, and have consented or opted-in to our contacting you with marketing messages, we will contact you by electronic means (e-mail or SMS) with information about services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, we will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, for marketing purposes, please follow the ‘unsubscribe’ link on any of our marketing emails or send us an email to support@expresspigeon.com.
- to notify you about changes to the service;
- to ensure that content from our website is presented in the most effective manner for you and for your computer.
If you fail to provide personal data which we need to provide the service, then we may not be able to perform the contract we have with you. you are responsible for ensuring that the personal data which you give us is accurate and up to date.
Information we collect about you when you visit our website. We will use this information:
- to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of the Service, when you choose to do so;
- as part of our efforts to keep our website safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our website about services that may interest you or them.
Information we receive from other sources. We may receive personal data about you from various third parties and public sources as set out below. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

4. Financial Information

We collect your financial information so that we can be compensated for paid services. We store this information with an industry trusted third party financial institution. This prevents any potential theft of such information even in the unlikely event of a security breach. The security of your financial data while in transmission is assured through a 128-bit Secure Sockets Layer (SSL) connection between our Web server and a third party financial institution responsible for processing credit card transactions.

5. Contact List Information

You must comply with the Terms of Service and Use Agreement when you provide the contact details of your target audience to us. We reserve the right to monitor this information at any time in order to ensure your compliance with our Terms of Service. We also reserve the right to collect additional information about your contacts, including but not limited to IP address, browser type, email, client type and operating system. We do not presently nor will in the future share any contact information (whether provided to us or collected by us through subscription forms) with any Third Party. Contact list information is used strictly to fulfill the functionality of our systems.

6. Non-personally Identifiable Information

Our website may collect non-personally identifiable information. This may include, for example, collecting statistical information about the type of browsers people use to visit our website, domains from which our visitors come, or number of visits to our website, etc. This non-identifiable aggregate information may be used internally for quality control or for marketing purposes as well as provided to Third Parties.

7. Keeping personal information up to date

While we store your personal information in order to support the proper function of our applications, it is your responsibility to keep this information up to date. You may access your personal information at any time by logging into the website and navigating to My Account.

8. Email content

Please refer to Section 4 of the Terms of Service and Use Agreement to review the list of prohibited content. You may not use ExpressPigeon systems to send e-mails that include or link to any prohibited content. We reserve the right to monitor the content of your emails to ensure compliance with our Terms of Service, and freeze or even permanently close your account if we deem your content inappropriate, based solely on our opinion.

9. Exception from Coverage

This Privacy Policy places no duty upon us with respect to Confidential Information that (a) becomes generally known to the public without violation of this Policy; (b) is collected by us from a third party without a confidentiality obligation; (c) was independently developed by us without use of the Confidential Information; (d) is disclosed in response to a court or governmental order provided that we have given you prior written notice and opportunity to object; (e) to the extent that disclosure of such 0 Confidential Information is necessary to enforce our rights under the Terms of Service and Use Agreement in connection with any litigation, arbitration or other dispute resolution procedure.

9. Information Protection

This Privacy Policy places no duty upon us with respect to Confidential Information that (a) becomes generally known to the public without violation of this Policy; (b) is collected by us from a third party without a confidentiality obligation; (c) was independently developed by us without use of the Confidential Information; (d) is disclosed in response to a court or governmental order provided that we have given you prior written notice and opportunity to object; (e) to the extent that disclosure of such Confidential Information is necessary to enforce our rights under the Terms of Service and Use Agreement in connection with any litigation, arbitration or other dispute resolution procedure.

10. International transfers

We are based outside the EEA so processing of your personal data will involve a transfer of data outside the EEA.

We use providers based in the US, therefore we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

11. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Express Pigeon participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Express Pigeon is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.

Express Pigeon is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Express Pigeon complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Express Pigeon is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission and/or the U.S. Department of Transportation, as applicable. In certain situations, Express Pigeon may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request .

Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov , you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

12. Information Protection

We represent that we will use commercially reasonable measures to maintain appropriate technical and organizational structure to protect any information, including personally-identifiable information that we collect, process or access against unauthorized or illegal processing or transfer and against accidental loss, access, or destruction.

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

13. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. We reserve the right to eliminate, delete or destroy your personal data and information at any time, in our sole discretion, and you shall have no reliance upon our storage or access to any such personal data or information.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Your contact database as well as your account data may retain for as long as you keep it on your account. If you wish to delete it, you can freely do so at any time. If you have any questions, you can always contact us.

14. Your Rights

Where we are relying on your consent to process your personal data, you can withdraw your consent or opt-out of our processing your personal data at any time: you can do contact us. In certain circumstances, we can process your personal data without your consent in line with the lawful processing requirements in GDPR. These include (amongst other reasons) where processing is necessary to carry out a contractual obligation between us, to comply with a legal obligation, or to protect your vital interests.
Ask us to rectify inaccurate or incomplete personal data. We would seek to rectify the data as soon as possible and usually within one month unless the request is complex.
Ask Us to erase or delete your personal data. This is commonly referred to as the right to be forgotten. This right is only applicable where there is no compelling reason for the continued processing of your personal data. There are some circumstances where this right to erasure does not apply and in such cases we would notify you of the reason(s) why we need to retain your personal data (unless prevented to do so by law).
Restrict processing of your personal data where, for example, the data is inaccurate, being processed unlawfully or where the data is no longer relevant to the specific purpose for processing. In such cases, we would retain the data but we would not process it further without your consent, or if processing your data is for establishing, exercising or defending a legal claim, or for the protection of rights of other individuals, or for public interest reasons. In such circumstances, we would let you know that we intend to lift the restriction on processing your personal data.
Request access to your personal data via a subject access request. Your request should be made to us in writing by email to our support email and we may ask you for proof of your identity before providing you with the data. There is usually no fee for making such a request however, in limited circumstances, we may be able to charge an administrative fee (which will be based on the administrative cost of providing the information).
You have the right to ask us not to process your personal data for marketing purposes (including profiling). We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting at our support email.
Obtain and reuse your personal data for your own purposes across different services (right to data portability). This right is only applicable to data that you have provided to us, where we are processing the data based on your consent or for the performance of a contract and when the processing is carried out by automated means. Where this right applies, the data will be provided to you in a structured, commonly used and machine-readable format.
The right to receive equal service and pricing from the Company, even if privacy rights are exercised pursuant to the CCPA. This is defined that the Company cannot deny goods or services or charge different prices for goods or services or provide a different quality of goods or services to those consumers who exercise their privacy rights. The foregoing shall in no event prevent the Company from charging different prices, and providing different level of service, to consumers, “if that difference is reasonably related to the value provided to the consumer by the consumers data”.

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

15. Changes to this policy

We reserve the right to make changes to this Privacy Policy from time to time. We may or may not send updates by email, but the last updated date can be found at the bottom of this policy. Please feel free to come back to review the latest version.

16. Survival

The ExpressPigeon, duty to protect Confidential Information shall survive the expiration or termination of the Terms of Service and Use Agreement for any reason and will extend for a period of 5(five) years from the date of disclosure by you or collection by us of Confidential Information.

17. Incorporation by Reference.

This Privacy Policy is incorporated by reference into the ExpressPigeon. Terms of Service and Use Agreement and, therefore, made part of the Agreement.

Contact us

In case you have questions or suggestions regarding this policy, feel free to contact us using our Support page, or write to:

IMImobile North America, Inc.
750 Park of Commerce Blvd, Suite 400
Boca Raton, Florida 33487

Data Protection Officer: DPO at imimobile.com

This Privacy Policy was last updated on May 31 2020