Marigold’s Privacy Notices
Site Privacy Notice
We recommend that you read this entire Notice to ensure you are fully informed. However, to make it easier for you to review those parts of this Notice which apply to you, we have divided up the document into the following sections:
OVERVIEW
Iris Holdings L.P. and its subsidiaries (collectively d/b/a “Marigold”, “we,” or “us”) is a provider of Software-as-a-Service (SaaS) marketing technologies (our “Services”) to our customers and clients (“Customers”). While each of our product offerings is unique, we are one organization. This Privacy Notice (“Notice”) applies to the Processing of Personal Data by Marigold and explains who we are, how we collect, use and share information that identifies you (directly or indirectly) (“Personal Data”), and how you can exercise your privacy rights. Marigold’s current product offerings include the following:
- Marigold Engage +
- Marigold Engage
- Marigold Loyalty
- Campaign Monitor by Marigold
- Emma by Marigold
- Marigold Liveclicker
- Marigold Engage by Sailthru
- Marigold Engage by Vuture
For information about how our Services Process Personal Data, please visit the Services Privacy Notice.
SUMMARY OF THIS NOTICE
It’s important that any individual to whom this Notice applies is able to understand how we Process Personal Data related to the operation of our business. The most complete way to do this is to read the Notice in its entirety. However, here’s a quick summary of the information provided in this notice.
- What is Marigold? Marigold is headquartered in Nashville, TN. We provide SaaS marketing software products and services that allow our Customers to engage with their customers through email, SMS, loyalty programs, and other online experiences.
- What does “process” mean, and whose Personal Data is processed? The simplest way to encapsulate what is meant by process/processed/processing is to say that it’s any action taken which involves Personal Data. This covers everything from the initial collection, observation, and storage of Personal Data, to the eventual deletion or anonymisation of the Personal Data. The types of data subjects impacted by this Notice are described below.
- What Personal Data is Processed and for what purpose(s)? At minimum, we will typically process your email, name, and other information submitted by you through forms on this site. We may also collect and store information using cookies. You can control this at any time by visiting the cookie preference center located in the footer of this site. Our primary purposes for collecting your personal data are to market our services to you as a Website Visitor, to consider Applicants for employment by a Marigold entity, and to support our own business purposes and legal obligations. If it is necessary to collect sensitive Personal Data, we will only Process that Personal Data in compliance with applicable data protection laws.
- How long do you retain Personal Data? The retention period for Personal Data depends on the purpose(s) for its Processing. We retain Personal Data we collect from you only for as long as reasonably necessary to achieve that purpose. In some cases, we may retain Personal Data for a specific time period based on a legal obligation, contractual obligation, or other operational factors. On the other hand, we may have a variable data retention period where we rely on our legitimate interest and several factors determine the completion of our purpose for Processing the Personal Data. Regardless, when the purpose is achieved, we will delete or anonymize the Personal Data.
- Do you transfer my personal data outside the EEA,Switzerland, or UK? In most cases, yes. Marigold is a global organization, with Processing occurring in many jurisdictions, including the United States, United Kingdom, European Union, and Australia.
- What are my privacy rights? An increasing number of global privacy laws are providing individuals with privacy rights. Notable among these laws are the GDPR and its various implementing laws, UK GDPR, and CPRA. Please review the “Data Protection Rights for EEA,Switzerland, and UK Residents” or “California Privacy Rights” sections of this Notice to learn more about your specific rights and how to exercise them.
- Selling and Sharing under the California Privacy Rights Act. … Marigold does not sell Personal Data covered by this Notice. Marigold may share your Personal Data via cookies. To opt out of sharing, navigate to the cookie preference center and turn off “Advertising Cookies.”
- How can I contact you with questions about my privacy? … dpo@meetmarigold.com.
CATEGORIES OF DATA SUBJECTS
This Notice applies to the following categories of individuals:
- Customers of Marigold. …
- Website Visitors. …
- Prospects. …
- Applicants for employment. …
If you are resident in the EEA or California, please review the section headed “Controlling Your Personal Data” for further information about the privacy rights available to you.
PROCESSING DETAILS
CUSTOMERS
Collection of Personal Data
Information You Provide To Us. You may provide Personal Data to us through the Services – for example, when you are assigned or create credentials to access the Services, consult with our customer success or support teams, send us an email or communicate with us in any other way. We will usually let you know prior to collection whether the provision of Personal Data we are collecting is compulsory or may be provided on a voluntary basis and the consequences, if any, of not providing the information. The information you provide to us, may include:
- Account Information. As a Customer, we may collect information such as your name, email address, title, phone number, and other information related to establishing and maintaining a relationship between you and us.
- Billing Information. If you purchase our Services, you may also need to provide us with payment and billing information such as your credit card details and billing address. We will also maintain a record of your purchases, transactional information, your Services history and usage, and any communications and responses.
- User Surveys. …
Information Collected Automatically. …
Information We Obtain From Third Party Sources. …
Purposes for Processing your Personal Data. …
Disclosures. …
Lawful Basis. …
Data Retention. …
WEBSITE VISITORS and PROSPECTS
Collection of Personal Data
Information You Provide To Us. …
Information Collected Automatically. …
Cookies and tracking technologies. …
Information We Obtain From Third Party Sources. …
Purposes for Processing Your Personal Data. …
Disclosures. …
Lawful Basis. …
Data Retention. …
APPLICANTS FOR EMPLOYMENT
Information We Process
Information You Provide To Us. …
Information Collected Automatically. …
Device Information. …
Information We Obtain From Third Party Sources. …
Purposes for Processing Your Personal Data. …
Disclosures. …
Lawful Basis. …
Data Retention. …
COOKIES
What are cookies?
Cookies are small data files that are placed on your computer or mobile device when you visit a website. …
Managing cookies deployed by this site.
To control the cookies placed on your device by this site, please visit the Cookie Preferences center located in the footer of any page. …
Controlling Your Personal Data
Maintaining the privacy and security of Personal Data processed by Marigold subject to this privacy notice is one of our core values …
Data Protection Rights for EEA, Switzerland and UK Residents.
Marigold is an organization which operates marketing technology companies across the globe and is established within the EU by its control of Selligent SA …
- You can access, review, change, update or delete your Personal Data …
- To remove your Personal Data from a Website testimonial …
- In addition, you can object to processing of your Personal Data …
- You can opt out of receiving marketing communication …
- If we have Processed your Personal Data with your consent …
- You have the right to complain to a data protection authority …
Data Protection Officer
HewardMills
77 Farringdon Road
London EC1M 3JU
dpo@meetmarigold.com
California Residents Privacy.
Please note that this Notice uses the term Personal Data, but for the purpose of this section, the term “personal information” will be used to align with the California Privacy Rights Act (“CPRA”). …
GENERAL INFORMATION
Children
Our Website is not intended for and may not be used by minors. …
Third-Party Websites And Apps
This Notice only applies to the Website. …
How Do We Keep Your Personal Data Secure?
We use appropriate technical and organizational security measures …
International Data Transfers
Marigold is established in the United States and may Process Personal Data in the United States. …
Changes To This Privacy Notice
We may revise this Notice from time to time …
CONTACT US
Thanks for taking the time to learn about our Site Privacy Notice. We hope it was clear and reassuring. If you have any questions, please contact us:Marigold
ATTN: VP of Global Data Privacy
11 Lea Ave
Nashville, TN 37210
Email: privacy@meetmarigold.com
Important Note: If you are resident in the EEA or UK, the “data controller” of the Personal Data described in this Privacy Notice is Marigold.
Services Privacy Notice
OVERVIEW
This Services Privacy Notice exists to provide details regarding the Processing of Personal Data Related to Services provided by Marigold entities (“Marigold,” “we,” or “us”), as governed by the Services Agreement. Marigold also provides a Site Privacy Notice …
This Notice serves two purposes:
- It supplements our Services Agreement by providing details of how our Services Process Personal Data on behalf of our Customers.
- It provides notice and transparency regarding our Processing of Personal Data pertaining to our Customer’s Data Subjects …
To execute a Data Protection Agreement … privacy@meetmarigold.com.
Further Information for Customer Data Subjects: …
SUMMARY OF THIS NOTICE
- What are the Services? …
- What does “Process” mean, and whose Personal Data is Processed? …
- What Personal Data is processed and for what purpose(s)? …
- For how long is Personal Data retained? …
- Do you transfer my personal data outside the EEA, Switzerland, or UK? …
- What are my privacy rights? …
- Selling and Sharing under California law. … Marigold and Marigold entities do not sell or share your Personal Data in the provision of their Services.
CATEGORIES OF DATA SUBJECTS
- Users of the Services. …
- Customer Data Subjects. …
PROCESSING DETAILS
USERS
Collection of Personal Data
Information You Provide To Us. …
Information Collected Automatically. …
Device Information. …
Log data. …
Information relating to your use of the Services. …
Purposes for Processing your Personal Data …
Disclosures. …
Lawful Basis. …
Data Retention. …
CUSTOMER DATA SUBJECTS
ELECTRONIC MESSAGES SENT USING THE SERVICES. …
Collection of Personal Data. …
Purposes for Processing your Personal Data. …
TRACKING TECHNOLOGIES DEPLOYED BY THE SERVICES
Collection of Personal Data. …
Purposes for Processing your Personal Data. …
DATA COLLECTION
Collection of Personal Data. …
Purposes for Processing your Personal Data. …
Disclosures of Customer Data Subject Personal Data. …
Lawful Basis. …
Data Retention. …
Marigold Entities as Data Controllers
The Services described in this notice are provided within Processing environments controlled by each Marigold entity. …
What are Service Logs? …
Our Collection of Personal Data. …
Our purposes for Processing your Personal Data. …
Disclosures. …
Lawful Basis …
Data Retention …
To exercise your privacy rights, please follow the instructions in this notice here.
GENERAL
Children
Our Services are not intended for and may not be used by minors. …
Third-Party Websites And Apps
This Notice only applies to the Services. …
Product-Specific Notices
Liveclicker uses the Youtube API services, which are governed by Google’s privacy policy, available at http://www.google.com/policies/privacy.
Marigold Engage + receives information from Google APIs and its use or transfer that information will adhere to Google APIs Services User Data Policy, including the Limited Use Requirements.
How Do We Keep Your Personal Information Secure?
We use appropriate technical and organizational security measures …
International Data Transfers
Subject to the Service Agreement and any applicable Ordering Document(s), the Services may be provided, supported, and hosted in the United States. …
- Implementing the European Commission’s Standard Contractual Clauses (“EU SCCs”) …
- US-based Marigold affiliates may adhere to the EU-US and Swiss Data Privacy Frameworks …
Changes To This Privacy Notice
We may revise this Notice from time to time …
CONTACT
For general data privacy questions related to the Campaign Monitor Services, please email privacy@meetmarigold.com. To communicate with our Data Protection Officer, please email dpo@meetmarigold.com.
MarigoldATTN: VP of Global Data Privacy
11 Lea Ave, Nashville, TN 37210
Email: privacy@meetmarigold.com
Data Privacy Framework
EU, UK, and Swiss Data Protection Framework
This section of Marigold’s privacy notices is relevant to both the Site and Services Privacy Notices (the “Notices”) above. …
Where eligible, Marigold’s US Affiliates (hereafter “us” or “we”) participate in and have certified their compliance with the EU-U.S. Data Privacy Framework, the UK extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework (altogether “the Framework”). …
Marigold Group Inc. and its subsidiaries (Emma Inc., Sailthru Inc., Liveclicker Inc., and Vuture Inc.)
If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles, the Principles shall govern.
Data Privacy Framework Principles
- We are responsible for the Processing of Personal Information we receive under the Framework …
- We comply with the Framework Principles for all onward transfers …
- The description of Personal Information processed, purposes …
- With respect to Personal Information received or transferred pursuant to the Framework, Marigold is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. …
- Where we determine the purposes of processing Personal Information originating in the EU, UK, or Switzerland, the data subject … privacy@meetmarigold.com …
- Marigold agrees to cooperate with the EU Data Protection Authorities (“EU DPAs”), or as applicable the UK Information Commissioner’s Office (“ICO”) or the Swiss Data Protection Authorities …
- Further, individuals may, under certain conditions, invoke binding arbitration, as allowed and defined by the Framework. …
Back to top
OVERVIEW
Iris Holdings L.P. and its subsidiaries (collectively d/b/a “Marigold”, “we,” or “us”) is a provider of Software-as-a-Service (SaaS) marketing technologies (our “Services”) to our customers and clients (“Customers”). While each of our product offerings is unique, we are one organization. This Privacy Notice (“Notice”) applies to the Processing of Personal Data by Marigold and explains who we are, how we collect, use and share information that identifies you (directly or indirectly) (“Personal Data”), and how you can exercise your privacy rights. Marigold’s current product offerings include the following:
- Marigold Engage +
- Marigold Engage
- Marigold Loyalty
- Campaign Monitor by Marigold
- Emma by Marigold
- Marigold Liveclicker
- Marigold Engage by Sailthru
- Marigold Engage by Vuture
For information about how our Services Process Personal Data, please visit the Services Privacy Notice.
SUMMARY OF THIS NOTICE
It’s important that any individual to whom this Notice applies is able to understand how we Process Personal Data related to the operation of our business. The most complete way to do this is to read the Notice in its entirety. However, here’s a quick summary:
- What is Marigold? Marigold is headquartered in Nashville, TN. We provide SaaS marketing software products and services that allow our Customers to engage with their customers through email, SMS, loyalty programs, and other online experiences.
- What does “process” mean, and whose Personal Data is processed? “Processing” includes any action involving Personal Data, from collection and observation to storage, use, and deletion. The categories of individuals covered by this Notice appear below.
- What Personal Data is Processed and for what purpose(s)? We typically process your name, email, and information you submit via forms on this site. We may also collect information using cookies (you can manage preferences in the site footer). Main purposes: marketing our services to Website Visitors and Prospects, evaluating Applicants, and meeting our own business/legal obligations. If sensitive Personal Data is collected, we process it only in compliance with applicable laws.
- How long is Personal Data retained? Only as long as reasonably necessary for the applicable purpose (or as required by law/contract). When the purpose ends, we delete or anonymize the data.
- International transfers. Marigold is global; Processing may occur in the United States, United Kingdom, European Union, and Australia.
- Your privacy rights. Depending on your location (e.g., EEA/UK under GDPR or California under CPRA), you may have rights to access, correct, delete, object, restrict, or opt-out. See “Data Protection Rights for EEA/UK Residents” and “California Residents Privacy.”
- Selling/Sharing under CPRA. Marigold does not sell Personal Data covered by this Notice. We may “share” data via cookies for advertising; to opt out, use the cookie preference center and disable “Advertising Cookies.”
- Questions? Contact our DPO at dpo@meetmarigold.com.
CATEGORIES OF DATA SUBJECTS
This Notice applies to:
- Customers using our Services (including former users whose data we retain for purposes allowed by this Notice).
- Website Visitors who interact with meetmarigold.com (including Prospects and Applicants).
- Prospects who express interest in our Services but are not yet Customers.
- Applicants for employment with a Marigold entity.
If you are resident in the EEA or California, see Controlling Your Personal Data for rights information.
PROCESSING DETAILS
CUSTOMERS
Collection of Personal Data
Information You Provide To Us. You may provide Personal Data through the Services—for example, when you create credentials to access the Services, work with customer success/support, email us, or otherwise communicate. We’ll usually indicate if information is required or optional and any consequences of not providing it. This may include:
- Account Information. Name, email address, title, phone number, and other relationship/admin details.
- Billing Information. Payment details (e.g., credit card), billing address, purchase history, transactional details, usage history, and related communications.
- User Surveys. Opinions on our Services and future features.
Information Collected Automatically. When you use the Website/Services or receive our marketing emails, we automatically collect certain device and interaction information (often via cookies and similar technologies), such as IP address; device attributes (hardware model, OS, browser/version, unique IDs); connection info (ISP/carrier, language, time zone); device location (IP/Wi-Fi); and interactions with emails.
Information We Obtain From Third Parties. We may supplement records with information from public sources or trusted providers (e.g., name, employer, job title, email, phone, and other company/contact/employment data) to update, expand, analyze, and tailor marketing.
Purposes for Processing your Personal Data
- To Provide Information You Requested. Respond to inquiries, fulfill information requests, and support privacy-right requests.
- To Market To You. Send marketing/promotions (subject to preferences), advertise on third-party sites based on Website browsing, and share partner information. Purchased marketing data may be combined to tailor outreach.
- Business Analytics. Infer coarse location from IP; analyze aggregate/anonymous behavior; conduct internal analytics on usage, adoption, and forecasting.
- Legal Records & Compliance. Identify/authenticate, perform and enforce contracts (including billing/collections), respond to legal requests, and prevent fraud.
Disclosures
- To contractors/service providers and other third parties performing processing for us (e.g., billing, data hosting/analysis, support, marketing operations).
- As required by law or to protect rights/safety, investigate fraud, or respond to government/regulatory requests.
- To enforce our contractual rights and for billing/collection.
- To Marigold personnel for customer support, marketing, technical operations, and account management.
- To a buyer/successor in a merger, sale, or other asset transfer.
Lawful Basis (EEA/Switzerland/UK). Where we process for our own purposes, we generally rely on legitimate interests (balanced against your rights). In some cases, we rely on consent, legal obligation, or vital interests. If relying on consent, we obtain it per applicable law.
Data Retention. We retain Personal Data while we have an ongoing legitimate business need (e.g., fulfill requests, comply with legal/tax/accounting requirements). When no longer needed, we delete or anonymize it; if deletion isn’t feasible (e.g., backups), we securely store and isolate it until deletion is possible.
WEBSITE VISITORS and PROSPECTS
Collection of Personal Data
Information You Provide To Us. Certain parts of our site may ask you to provide Personal Data (e.g., name, contact details, company) when you request info, download content, request a demo, or otherwise contact us. We may also collect contact/professional details and feedback at events, surveys, or other interactions. We keep records of such communications.
Information Collected Automatically. When you visit the Website or receive our marketing emails, we automatically collect device/interaction information and may use cookies and similar tech.
When you receive marketing emails from us. We collect IP address, device attributes, connection info (ISP, browser, language, time zone, phone), and device location (IP/Wi-Fi).
Cookies and tracking technologies. We may collect device type, browser, broad geo (country/city), referrer, pages visited, and visit time. We (and providers) use cookies, pixel tags, and similar tech. See cookie details below.
Information From Third Parties. We may enrich our records using public sources and trusted providers (e.g., name, employer, title, email, phone, and other company/contact/employment info) to update, analyze, and tailor services.
Purposes for Processing Your Personal Data
- To Provide Information You Requested. Respond to requests, support privacy rights, and provide product/Service information.
- To Market To You. Send marketing/promotions (per preferences), advertise on third-party sites based on Website browsing, and send info about Marigold and partners.
- Business Analytics. Coarse geo from IP; analyze aggregate behavior; internal analytics on usage/adoption/forecasting.
- Legal Records & Compliance. Identify/authenticate, perform/enforce contracts, respond to legal requests, and prevent fraud.
Disclosures
- To processors supporting billing, data hosting/analysis, support, and marketing operations.
- As required by law or to protect rights/safety, investigate fraud, or respond to regulators.
- To enforce contracts and for billing/collection.
- To Marigold personnel for support, marketing, technical ops, and account management.
- To a buyer/successor in M&A/asset transfer.
Lawful Basis (EEA/UK). Generally legitimate interests for our own purposes (balanced against your rights). In some cases: consent, legal obligation, or vital interests.
Data Retention. Retained while we have an ongoing legitimate business need (e.g., provide requested info or meet legal/tax/accounting duties). Otherwise deleted/anonymized or securely stored in isolation until deletion is possible.
APPLICANTS FOR EMPLOYMENT
Information We Process
Information You Provide To Us. When you apply, proceed through hiring, or contact us, you may provide name, email, phone, résumé/CV, and similar details. We indicate required vs optional data and consequences of not providing it.
Information Collected Automatically. When you browse the Website, we automatically collect certain device information and may use cookies and similar tech.
Device Information. IP address, device attributes (hardware/OS/browser), connection info (ISP, browser, language, time zone, phone), and device location (IP/Wi-Fi).
Information From Third Parties. We may receive data from agencies acting on our behalf and combine it with what you provide (e.g., name, employer, title, email, phone, and other company/contact/employment info) to evaluate Applicants.
Purposes for Processing Your Personal Data
- Evaluate Applications. Understand qualifications and fit.
- Improve Hiring. Assess job descriptions and hiring effectiveness.
- Legal Records & Compliance. Identify/authenticate, perform/enforce agreements, respond to legal requests, and prevent fraud.
Disclosures — as described for Customers/Visitors (processors, legal, enforcement, internal access on need-to-know, and M&A).
Lawful Basis (EEA/CH/UK). Generally legitimate interests, with possible reliance on consent, legal obligation, or vital interests as applicable.
Data Retention. Retained while there’s an ongoing legitimate need (e.g., future opportunities or compliance). Otherwise deleted/anonymized; if not feasible, securely stored/isolated until deletion is possible.
COOKIES
What are cookies?
Cookies are small data files placed on your device when you visit a website. They help sites function, operate more efficiently, and provide reporting. A full list of our cookies is available via the Cookie Preferences center in the footer.
We set first-party cookies; third parties may set third-party cookies for features like advertising, interactive content, and analytics. These parties may recognize your device across sites.
Managing cookies deployed by this site
To control cookies on this site, open the Cookie Preferences center (footer). Device and app settings may also let you block ads. Removing or blocking cookies may affect site functionality.
Ad networks often provide opt-outs: aboutads.info/choices or youronlinechoices.com.
Controlling Your Personal Data
We extend the ability to retrieve, access, amend, or delete Personal Data processed under this Notice to any individual covered by it. US-based Marigold affiliates may adhere to the EU-US and Swiss Data Privacy Frameworks and the UK Extension. See the Data Privacy Framework section.
Data Protection Rights for EEA, Switzerland and UK Residents.
Marigold operates globally and is established in the EU via Selligent SA (Belgium). If needed, contact our EU entity at privacy@selligent.com.
- Access, review, change, update, or delete Personal Data via the support form in this section.
- Request removal of Personal Data from testimonials/blog/community via the support form (we’ll explain if we cannot remove something and why).
- Object to Processing, request restriction, or data portability via the support form.
- Opt out of marketing at any time using the “unsubscribe” link or email marketing@meetmarigold.com (for postal/phone, contact the same address). For privacy concerns, see Contact Us.
- If Processing is based on consent, you may withdraw consent at any time (without affecting prior lawful Processing).
- Complain to a supervisory authority (EEA DPAs list available online; UK residents may contact the ICO).
Data Protection Officer
HewardMills, 77 Farringdon Road, London EC1M 3JU — dpo@meetmarigold.com.
California Residents Privacy.
This section uses CPRA terminology (“personal information”). California consumers have the following rights:
- The right to know what personal information is collected.
- The right to know whether it is sold, shared, or disclosed—and to whom.
- The right to opt out of sale or sharing.
- The right to access their personal information.
- The right to equal service/price and freedom from discrimination for exercising privacy rights.
- The right to correct inaccurate personal information.
- The right to limit use/disclosure of sensitive personal information (as defined in Section 7027 CPRA regs).
Notice. Category descriptions, practices, and recipient types are provided throughout this Notice for each data-subject category.
Access/Correction/Deletion. California consumers may (twice in a 12-month period, free of charge) request a report of personal information collected, recipients, business/commercial purposes, and sources. Use the support form (or postal address below) to request access, correction, or deletion.
Choice. You may submit privacy-rights requests via the rights form and may revoke marketing consents using email unsubscribe or by contacting marketing@meetmarigold.com.
Selling/Sharing. We do not sell personal information under CPRA. We “share” for cross-context behavioral advertising via cookies. Opt out any time in the Cookie Preferences center by disabling “Advertising” cookies.
Partners. Where we partner with third parties for marketing, we will clearly identify partners and obtain any required consent before sharing.
Verification. We verify requests to the degree required by law (e.g., matching 2–3 data points depending on sensitivity/risk). Info provided for verification is used only for that purpose.
Authorized Agents. You may designate an agent with written authorization (or power of attorney). We may require identity verification of the consumer. Agents should use the same request channels.
Sensitive Personal Information. We do not collect, use, or disclose sensitive PI for purposes beyond those allowed by CPRA Section 7027(m).
GENERAL INFORMATION
Children
Our Website is not intended for and may not be used by minors (under 13, or higher where local law requires). We do not knowingly collect Personal Data from minors or allow them to register. If you believe we collected Personal Data from a minor, please contact support so we may delete it.
Third-Party Websites And Apps
This Notice applies only to our Website. Third-party sites/apps linked from our Website are governed by their own privacy policies and practices.
How Do We Keep Your Personal Data Secure?
We use appropriate technical and organizational measures to protect Personal Data against unauthorized access, disclosure, alteration, and destruction. No internet transmission is 100% secure; please use care online and consider tools such as firewalls and secure email.
International Data Transfers
We may process Personal Data in the United States and other countries that may have different data-protection laws from yours. We implement appropriate safeguards (e.g., Standard Contractual Clauses) and require equivalent protections from our providers. Details available upon request.
Changes To This Privacy Notice
We may update this Notice to reflect legal, technical, or business changes. The most current version governs our use of your Personal Data. Where required, we will seek your consent to material changes. See the “last updated” date at the top of this page.
CONTACT US
Thanks for taking the time to learn about our Site Privacy Notice. If you have any questions, please contact us:
Marigold
ATTN: VP of Global Data Privacy
11 Lea Ave
Nashville, TN 37210
Email: privacy@meetmarigold.com
Important: If you are resident in the EEA or UK, the “data controller” for the Personal Data described in this Notice is Marigold.
Services Privacy Notice
LAST UPDATED: May 23, 2024
OVERVIEW
This Services Privacy Notice provides details regarding the Processing of Personal Data related to Services provided by Marigold entities (“Marigold,” “we,” or “us”), as governed by the Services Agreement. Marigold also provides a Site Privacy Notice covering our Processing of Personal Data pertaining to Customers, Website Visitors and Prospects, and Applicants for employment, which you can find here.
This Notice serves two purposes:
- It supplements our Services Agreement by explaining how our Services Process Personal Data on behalf of our Customers.
- It provides notice and transparency for Customer Data Subjects whose Personal Data may be processed by the Services.
To execute a Data Protection Agreement (often a “DPA”), email privacy@meetmarigold.com with your legal entity name and the Marigold entity you contract with.
Further Information for Customer Data Subjects: In most cases, when your Personal Data is processed by our Services, we act as a Processor on behalf of our Customers. If you want to exercise privacy rights or have questions about how your Personal Data is handled by Marigold as a Processor, please contact the relevant Customer and refer to their privacy policy. If you cannot locate the Customer, you may write to privacy@meetmarigold.com.
SUMMARY OF THIS NOTICE
- What are the Services? Software-as-a-Service marketing products that help our Customers engage individuals via email/SMS and digital experiences (websites, landing pages, etc.), with analytics and insights.
- What does “Process” mean, and whose Personal Data is processed? Any action involving Personal Data (collection, observation, storage, use, deletion). The categories covered are listed below. Typically, Users are our Customers’ staff; Customer Data Subjects are the individuals our Customers engage.
- What Personal Data and for what purpose(s)? At minimum, Services process email, name, and IP address; Users provide more to access the Services. Other data is determined by our Customer (controller or processor under law).
- How long is Personal Data retained? As set by the Agreement with the Customer (and to support privacy requests).
- International transfers. Processing may occur in jurisdictions where Marigold is established (e.g., US, UK, EU, AU) and where sub-processors operate. Locations depend on each Customer’s implementation. Service Logs may be processed in all listed jurisdictions.
- Your privacy rights. Rights vary by law (e.g., GDPR/UK GDPR/CPRA). See the relevant rights sections to learn more.
- Selling/Sharing under California law. Marigold entities do not sell or share your Personal Data in providing the Services.
CATEGORIES OF DATA SUBJECTS
- Users of the Services. Any person accessing/using the Services through a Customer’s account (including individual/sole-proprietor users).
- Customer Data Subjects. Individuals whose Personal Data our Customers process via the Services (e.g., newsletter recipients, SMS recipients, site/app users).
PROCESSING DETAILS
USERS
Collection of Personal Data
Information You Provide To Us. When you create an account, interact with support, or otherwise communicate, you may provide: name, email, password, phone, job title, and organization.
Information Collected Automatically. We automatically collect certain device and usage information when you use the Services (often via cookies and similar technologies). Manage cookies via the cookie preference center.
- Device Information. IP address; device attributes (hardware, OS, browser/version, unique IDs); connection info (ISP/carrier, language, time zone, phone); device locations (IP/Wi-Fi).
- Log data. Server logs for each access, including originating IP and event metadata; metadata for uploaded files (e.g., images).
- Service usage. Dates/times, page views, features, crash logs, storage settings, device technical data, and performance metrics.
Purposes for Processing your Personal Data
- Provide the Services. Identify/authenticate users, enable login and account access, respond to inquiries, provide support, send service info and account notices.
- Customize the experience. Tailor features and recommendations to help you use the Services effectively.
- Improve the Services. Develop new features/content, fix bugs, and troubleshoot.
- Business Analytics. Coarse geolocation from IP; analyze aggregate behavior; forecast and measure adoption.
- Prevent Abuse/Illegal Activities. Screen for phishing/spam/fraud and other misuse.
- Legal Records & Compliance. Perform/enforce contracts (including billing/collection), respond to legal requests, and protect rights/safety.
Disclosures
- To contractors/service providers who process data for us (billing, hosting/analysis, support, marketing operations).
- As required by law or to protect rights/safety, investigate fraud, or respond to regulators.
- To enforce contracts and for billing/collection.
- To Marigold personnel (support, marketing, technical operations, account management).
- To a buyer/successor in a merger, sale, or asset transfer.
Lawful Basis (EEA/CH/UK). Generally our legitimate interests (balanced against your rights). In some cases, consent, legal obligation, or vital interests. If we rely on consent, we obtain it per law.
Data Retention. Retained while we have an ongoing legitimate business need (e.g., to provide requested Services or comply with legal/tax/accounting duties). Otherwise deleted/anonymized, or securely stored and isolated until deletion is possible. For Processor-role data, we follow Customer instructions.
CUSTOMER DATA SUBJECTS
ELECTRONIC MESSAGES SENT USING THE SERVICES
When Customers send emails, SMS/MMS, or other messages via the Services, Personal Data is processed.
Information provided to us as a service provider. Customers provide email addresses, phone numbers, and other identifiers; they may add Personal Data for personalization, records maintenance, and other Customer-defined purposes.
Information collected automatically. During message delivery, logs capture IP address, device attributes, connection info (ISP/carrier, browser, language, time zone, phone), and device location (IP/Wi-Fi).
Purpose. We act as Processor and carry out the Customer’s instructions to deliver and report on messages (subject to the Services Agreement and Acceptable Use Policy).
TRACKING TECHNOLOGIES DEPLOYED BY THE SERVICES
Cookies. Customers may use cookies to collect IP, browser, email client type, and interaction details.
Other technologies. Web beacons/pixels can track opens and clicks and collect IP, browser, client type, and similar details. Link clicks are tracked per recipient.
Purpose. Used by Customers to measure performance, target ads/marketing, and other controller-defined purposes (subject to Customer’s privacy notices and our Acceptable Use Policy).
DATA COLLECTION
Information you provide. Customers may collect Personal Data directly through landing pages, apps, forms, surveys, loyalty programs, and other experiences (e.g., name, email, and additional fields the Customer defines consistent with our AUP).
Observed information. Customers may collect interaction data to inform future communications and processing.
Purpose. Identify/segment Customer Data Subjects, target advertisements, analyze trends, and other controller-defined purposes.
Disclosures of Customer Data Subject Personal Data (limited circumstances):
- To our processors (billing, hosting/analysis, support, marketing ops).
- As required by law or to protect rights/safety, investigate fraud, or respond to regulators.
- To enforce contracts and for billing/collection.
- To Marigold personnel (support, marketing, technical operations, account management).
- To a buyer/successor in a merger, sale, or asset transfer.
Lawful Basis. In providing Services, Marigold acts as Processor/service provider, relying on the Customer’s instructions (and intervening only to enforce our Agreement/AUP or as required by law).
Data Retention. Personal Data processed for Customers is retained per Customer instructions—typically for the Agreement’s duration or until valid deletion requests are received. If you’re a Customer Data Subject seeking deletion, please contact the Customer directly.
Marigold Entities as Data Controllers
The Services run in environments controlled by each Marigold entity (cloud or physical, single or multi-tenant) and typically involve sub-processors. These systems generate Service Logs, which may include Personal Data that a Marigold entity processes as a data controller.
What are Service Logs? Factual records of system events created when Users access the Services, Customer Data Subjects receive/interact with messages, or Users modify/access Customer Data Subject data.
Why are Service Logs created? To monitor proper function/diagnostics, provide an auditable security record, allocate resources, and meet legal/industry best practices.
Our Collection of Personal Data.
- Security/threat detection. Logs from hardware/software designed to prevent unauthorized access (unique system IDs, IP, browser/OS info, and other connection data).
- Transactional server logs. Logins, user actions, API calls, and system events (unique IDs, IP, browser/OS info, and connection data).
- Message transmission. Standard delivery logs (email address, IP, ISP/carrier info, and message metadata).
Our purposes for Processing. Improve Services; business analytics; prevent abuse/illegal activities (phishing/spam/fraud); and legal records (identify/authenticate, perform/enforce contracts, respond to legal requests).
Disclosures. Limited to processors, legal obligations, enforcement/billing, internal personnel with need-to-know, and M&A successors.
Lawful Basis (EEA/CH/UK). Generally legitimate interests; sometimes legal obligation or vital interests.
Data Retention. Kept while we have an ongoing legitimate business need (e.g., prevent abuse, maintain legal records, or comply with law). Otherwise deleted/anonymized, or securely stored and isolated until deletion is possible. To exercise rights, follow the instructions here.
GENERAL
Children
Our Services are not intended for minors (under 13, or higher if local law requires). We do not knowingly collect Personal Data from minors. Customers/Users must ensure their use complies with children’s privacy laws (e.g., COPPA), including obtaining parental consent when required.
Third-Party Websites And Apps
This Notice applies to the Services only. Links to third-party sites/apps are governed by those parties’ privacy policies.
Product-Specific Notices
- Liveclicker uses the YouTube API services (governed by Google’s privacy policy).
- Marigold Engage + receives information from Google APIs and adheres to the Google API Services User Data Policy, including Limited Use requirements.
How Do We Keep Your Personal Information Secure?
We apply appropriate technical and organizational measures to protect Personal Data. No internet transmission is 100% secure; please use care online and consider tools such as firewalls and secure email.
Individual Privacy Rights
We act as a data processor/service provider and provide measures to help Customers honor individual rights. If you’re a User with questions on fulfilling rights for Customer Data Subjects, see resources here. If you believe a Marigold entity acts as Controller of your Personal Data, see the Marigold Privacy Notice here.
International Data Transfers
Subject to the Services Agreement/Ordering Documents, Services may be hosted or supported in the United States. We implement safeguards (e.g., EU Standard Contractual Clauses) for EEA/UK data; US-based affiliates may also participate in the EU-US/Swiss-US DPF and the UK Extension (see the Data Privacy Framework section). Similar safeguards apply to our providers and partners.
Changes To This Privacy Notice
We may update this Notice to reflect legal, technical, or business changes. The most current version governs. Where required, we’ll seek consent to material changes.
CONTACT
For Campaign Monitor Services privacy questions: privacy@meetmarigold.com. DPO: dpo@meetmarigold.com.
MarigoldATTN: VP of Global Data Privacy
11 Lea Ave
Nashville, TN 37210
Email: privacy@meetmarigold.com
Data Privacy Framework
EU, UK, and Swiss Data Protection Framework
This section applies to both the Site and Services Privacy Notices. For how we process Personal Data, your rights, and who to contact, see the Notices above.
Where eligible, Marigold’s US Affiliates (“we”) participate in and have certified compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF (collectively, the “Framework”). We commit to applying the Framework Principles to Personal Information received from the EU, UK, and Switzerland. Learn more at the U.S. Department of Commerce website and see the participant list there.
Participants: Marigold Group Inc. and subsidiaries (Emma Inc., Sailthru Inc., Liveclicker Inc., and Vuture Inc.). Each affiliate acts independently and agrees to the following Principles:
Data Privacy Framework Principles
- Accountability for Onward Transfer. We are responsible for Personal Information received under the Framework and any onward transfers to third parties acting as agents on our behalf, in line with the Principles.
- Onward Transfer Liability. We comply with onward-transfer requirements for data from the EU/UK/Switzerland.
- Access & Choice. For rights under the Principles (access, choice, and recourse), see Controlling Your Personal Data.
- Processing Details. Categories of Personal Information, purposes, and recipient types are described in the Notices.
- Regulatory Oversight. With respect to Personal Information under the Framework, Marigold is subject to U.S. Federal Trade Commission enforcement. We may disclose Personal Information in response to lawful requests by public authorities, including national security or law enforcement.
- Individual Access. Where we determine processing purposes, data subjects may request access by emailing privacy@meetmarigold.com. We may request reasonable identity verification and will work with any involved Customer(s) to correct, edit, or remove data as appropriate.
Independent Recourse Mechanism
Marigold agrees to cooperate with the EU Data Protection Authorities (EU DPAs), or as applicable the UK Information Commissioner’s Office (ICO) or the Swiss data protection authorities, to investigate and resolve complaints under the Framework, and to follow their advice (including remedial or compensatory measures) and confirm actions in writing.
Under certain conditions, individuals may invoke binding arbitration as defined by the Framework. These remedies are offered at no cost to the individual.
,