Privacy Policy

Effective as of April 24, 2020

This “Privacy Policy” describes the privacy practices of EngageSmart, LLC. (, “EngageSmart”, “we”, “us” or “our”) in connection with the www.engagesmart.com website, EngageSmart services portals, and any other website that we own or control and which posts or links to this Privacy Policy (collectively, the “Services”), and the rights and choices available to individuals with respect to their information.

Please note that this Privacy Policy does not apply to the information we process on behalf of our customers.  We provide cutting-edge security solutions to our customers, including platform and cloud-based security and intelligence subscription services and free community security tools.  Our processing of personal information on behalf of our customers is governed by agreements between us and our customers.  These agreements require our customers to comply with applicable privacy laws and, to the extent the customers are legally required, provide privacy notices to the individuals whose data our customers process using EngageSmart’s offerings.

Table of Contents

Personal Information We Collect

How We Use Your Personal Information

How We Share your Personal Information

Your Choices

Other Sites, Mobile Applications and Services

Security Practices

California Privacy Statement

International Data Transfers

Children

Notice to European Users

Changes to This Privacy Policy

How to Contact Us

Cookie Policy

Personal Information We Collect

Information you provide to us.  Personal information you provide to us through the Services or otherwise includes:

  • Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name and information.
  • Content you choose to upload to the Services, such as comments on our blog and survey responses.
  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
  • Registration information, such as information that may be related to a service or an event you register for.
  • Usage information, such as information about how you use the Service and interact with us, including information associated with any content you submit to us, and information you provide when you use any interactive features of the Service.
  • Information provided by job applicants, such as professional credentials and skills, educational and work history, and other information of the type that may be included on a resume or curriculum vitae.
  • Marketing information, such as your preferences for receiving communications about our activities, events, and publications, and details about how you engage with our communications
  • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.

Information we obtain from social media platforms. We may maintain pages for our Company on social media platforms, such as Facebook, LinkedIn, Twitter, Google, YouTube, Instagram, and other third party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.

Cookies and Other Information Collected by Automated Means 

We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Service. A listing of potential types of cookies are described at https://support.squarespace.com/hc/en-us/articles/360001264507-About-the-cookies-Squarespace-uses .  The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, IP address, general location information such as city, state or geographic area; and information about your use of and actions on the Services, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.  Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.

On our webpages, this information is collected using cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, and similar technologies, and our emails may also contain web beacons. See our Cookie Policy for more information.

We provide important information for individuals located in the European Union, European Economic Area, and United Kingdom (collectively, “Europe” or “European”) below.

How We Use Your Personal Information

We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:

To operate the Services. We use your personal information to:

  • provide, operate and improve the Services
  • provide information about our products and services
  • establish and maintain your user profile on the Services
  • enable security features of the Services, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in
  • communicate with you about the Services, including by sending you announcements, updates, security alerts, and support and administrative messages
  • communicate with you about events or surveys in which you participate
  • understand your needs and interests, and personalize your experience with the Services and our communications
  • provide support and maintenance for the Services
  • to respond to your requests, questions and feedback

For research and development.  We analyze use of the Services to improve the Services and to develop new products and services, including by studying user demographics and use of the Services.

To send you marketing and promotional communications.  We may send you EngageSmart-related marketing communications as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the Opt out of marketing section below.

To display advertisements. We work with advertising partners to display advertisements elsewhere online. These advertisements are delivered by our advertising partners and may be targeted based on your use of the Service or your activity elsewhere online. To learn more about your choices in connection with advertisements, please see the section below titled “Targeted online advertising.”

To manage our recruiting and process employment applications. We use personal information, such as information submitted to us in a job application, to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity and monitoring recruitment statistics.

To comply with law. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention, and safety.  We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Services; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

With your consent.  In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

To create anonymous, aggregated or de-identified data.  We may create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect.  We make personal information into anonymous, aggregated or de-identified data by removing or not utilizing information that makes the data personally identifiable to you.  We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.

How We Share your Personal Information

We do not share your personal information with third parties without your consent, except in the following circumstances or as described in this Privacy Policy:

Affiliates.  We may share your personal information with our subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers.  We may share your personal information with third party companies and individuals that provide services on our behalf or help us operate the Services (such as customer support, hosting, analytics, email delivery, marketing, and database management services). These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this Privacy Policy, and are prohibited from using or disclosing your information for any other purpose.

Co-branded events.  We may share your personal information with third party companies that partner with us on co-branded events (such as webinars we offer with a partner).  These third parties may use your personal information consistent with their privacy policies.

Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.

Business transfers.  We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

In this section, we describe the rights and choices available to all users. Users who are located within Europe can find additional information about their rights below.

Opt out of marketing communications.  You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at privacy@engagesmart.com.   You may continue to receive service-related and other non-marketing emails.

Cookies & Browser Web Storage.  We may allow service providers and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Services and third-party websites. In doing so, a cookie may enable us to and determine what you look at and relate your use of the Services to your Personal Information. You can set your browser to not accept cookies by following the instructions for your chosen browser, but this may limit your ability to use the Site. For more details, see our Cookie Policy and https://www.squarespace.com/cookie-policy.

Do Not Track.  Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Choosing not to share your personal information. Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our services.  We will tell you what information you must provide to receive the Services by designating it as required at the time of collection or through other appropriate means.

Other Sites, Mobile Applications and Services

The Services may contain links to other websites, mobile applications, and other online services operated by third parties as well as our affiliates.  These links are not an endorsement of, or representation that we are affiliated with, any third party.  In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions.  Other websites and services follow different rules regarding the collection, use and sharing of your personal information.  We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

Security Practices

The security of your personal information is important to us.  We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all Internet and information technologies and we cannot guarantee the absolute security of your personal information.

California Privacy Statement

California residents have certain rights under the California Shine the Light law and the California Consumer Privacy Act (“CCPA”).

CCPA Disclosures

In general, within the preceding 12 months:

  • We have collected the categories of Personal Information listed in the “Personal Information We Collectsection above.
  • We have collected these categories of Personal Information directly from you, when you use our Services, and from third parties for the purposes described in “Personal Information We Collectsection above.
  • We have disclosed the following categories of Personal Information for business purposes: Identifiers and contact information; professional and employment-related information; commercial information; transactional information; and internet and network activity information.
  • We have not sold your Personal Information.

CCPA Privacy Rights

As of January 1, 2020, certain California residents are entitled to privacy rights under the CCPA. Customers who wish to exercise these rights should direct their requests to the EngageSmart customer contact that controls their Personal Information.

  • The right to know. You have the right to request to know (i) the specific pieces of Personal Information we have about you; (ii) the categories of Personal Information we have collected about you in the last 12 months; (iii) the categories of sources from which that Personal Information was collected; (iv) the categories of your Personal Information that we sold or disclosed in the last 12 months; (v) the categories of third parties to whom your Personal Information was sold or disclosed in the last 12 months; and (vi) the purpose for collecting and selling your Personal Information.
  • The right to deletion. You have the right to request that we delete the Personal Information that we have collected or maintain about you. We may deny your request under certain circumstances, such as if we need to comply with our legal obligations or complete a transaction for which your Personal Information was collected. If we deny your request for deletion, we will let you know the reason why.
  • The right to equal service. If you choose to exercise any of these rights, we will not discriminate against you in anyway. If you exercise certain rights, understand that you may be unable to use or access certain features of our Services.

You may exercise your right to know and your right to deletion twice a year free of charge. To exercise your right to know or your right to deletion, contact us at privacy@engagesmart.com.

We will take steps to verify your identity before processing your request to know or request to delete. We will not fulfill your request unless you have provided sufficient information for us to verify you are the individual about whom we collected Personal Information. If you have a customer account with us, we will use our existing customer account authentication practices to verify your identity. If you do not have a customer account with us, we may request additional information about you to verify your identity. We will only use the Personal Information provided in the verification process to verify your identity or authority to make a request and to track and document request responses unless you initially provided the information for another purpose.

You may use an authorized agent to submit a request to know or a request to delete. When we verify your agent’s request, we may verify both your and your agent’s identity and request a signed document from you that authorizes your agent to make the request on your behalf. To protect your Personal Information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on their behalf.

Shine the Light

Our California customers are also entitled to request and obtain from EngageSmart once per calendar year information about any of your Personal Information shared with third parties for their own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. To request this information please contact us at privacy@engagesmart.com.

International Data Transfers

We are headquartered in the United States and have service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country.

European Union users should read the important information provided below about transfer of personal information outside of the European Union.

Children

The Services are not directed to, and we do not knowingly collect personal information from, anyone under the age of 16.  If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable.  We encourage parents with concerns to contact us.

Notice to European Users

The information provided in this “Notice to European Users” section applies only to individuals in Europe.

Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller.  EngageSmart, LLC is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.

Processing purpose

Details regarding each processing purpose listed below are provided in the section above titled “How we use your personal information”.

Legal basis

To operate the Services

 

Processing is necessary to perform the contract governing our provision of the Services or to take steps that you request prior to signing up for the Services. If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing the Services you access and request.

●  For research and development

●  To send you marketing and promotional communications

●  To display advertisements

●  To manage our recruiting and process employment applications

●  For compliance, fraud prevention and safety

●  To create anonymous data

These activities constitute our legitimate interests.   We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with law Processing is necessary to comply with our legal obligations.
With your consent Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the Services.

Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it.  If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Sensitive personal information.  We ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services, or otherwise to us.

If you provide us with any sensitive personal information to us when you use the Services, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our Services.

Retention

We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information we have collected about you, unless prohibited by applicable law, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.  If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

Information for Visitors from Outside of the United States

We are located in the United States, where the laws may be different and, in some cases, less protective than the laws of other countries. By providing us with your Personal Information and using the Services, you acknowledge that your Personal Information will be transferred to and processed in the United States and other countries where we and our vendors operate. If we receive or transfer your personal information from Europe or Switzerland to a third country and are required to apply additional safeguards to your personal information under European data protection legislation, we use good faith efforts to do so.

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Services. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Services.

Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Services (or as otherwise indicated at the time of posting). In all cases, your continued use or visiting of the Services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy

How to Contact Us

Please direct any questions or comments about this Privacy Policy or privacy practices at privacy@engagesmart.com. You may also write to us via postal mail at:

EngageSmart, LLC
30 Braintree Hill Office Park, Suite 101
Braintree, MA 02184

We reserve the right to change these Terms from time to time at our sole discretion. Please check this page periodically for any updates.

This Privacy Policy is governed by the laws of the Commonwealth of Massachusetts, U.S.A., excluding any conflict of laws rules or principles.

If there is any dispute relating to the Site or Privacy Policy, you and EngageSmart agree to exclusive personal jurisdiction and venue in the state and federal courts of Boston, Massachusetts, U.S.A.

If any provision of this Privacy Policy is found to be invalid or unenforceable, that provision will be struck, and the remaining provisions will remain in full effect.

If you or others violate this Privacy Policy and we take no immediate action, this in no way limits or waives our rights, such as our right to take action in the future or in similar situations.

 

This Privacy Policy was last updated on April 24, 2020 and is effective immediately.

 

© 2021 EngageSmart, LLC. All Rights Reserved

 

EngageSmart and other service marks and trademarks are owned by EngageSmart, LLC.

Cookie Policy

This Cookie Policy explains how EngageSmart, LLC. (“EngageSmart”, “we”, “us” or “our”) uses cookies and similar technologies in connection with the www.engagesmart.com website and any other website that we own or control and which posts or links to this Cookie Policy (collectively, the “Sites”).

What are cookies?

Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies serve different purposes, like helping us understand how a site is being used, letting you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience.

Our Sites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them).

We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Sites; and (2) third party cookies, which are served by service providers or business partners on our Sites, and can be used by these parties to recognize your computer or mobile device when it visits other websites. Third party cookies can be used for a variety of purposes, including site analytics, advertising and social media features.

 

What types of cookies and similar tracking technologies does EngageSmart use on the Sites?

On the Sites, we use cookies and other tracking technologies in the following categories described in the table below.

 

Type Description Who serves the cookies How to control them
Analytics These cookies are used by advertising companies to collect information about how you use our Sites and other websites over time. These companies use this information to show you ads they believe will be relevant to you within our Sites and elsewhere, and to measure how the ads perform. LinkedIn See ‘your choices’ below.
Advertising These cookies help us understand how our Sites are performing and being used. These cookies may work with web beacons included in emails we send to track which emails are opened and which links are clicked by recipients.

Google Analytics

HubSpot

Bizible

Marketo

See ‘your choices’ below.

Google Analytics uses its own cookies. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our Sites by downloading and installing a browser plugin available here.

You can prevent the use of Bizible tracking relating to your use of our Sites by visiting the Bizible opt-out site available here.

Essential These cookies are necessary to allow the technical operation of our Sites (e.g., they enable you to move around on a website and to use its features). Google Tag Manager See ‘your choices’ below.
Functionality/performance These cookies enhance the performance and functionality of our Sites.

Twitter

LinkedIn

See ‘your choices’ below.

 

Other technologies

In addition to cookies, our Sites may use other technologies, such as Flash technology and pixel tags to collect information automatically.

Browser Web StorageWe may use browser web storage (including via HTML5), also known as locally stored objects (“LSOs”), for similar purposes as cookies. Browser web storage enables the storage of a larger amount of data than cookies. Your web browser may provide functionality to clear your browser web storage.

Web BeaconsWe may also use web beacons (which are also known as pixel tags and clear GIFs) on our Sites and in our HTML formatted emails to track the actions of users on our Sites and interactions with our emails. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML formatted emails. Pixel tags are used to demonstrate that a webpage was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of the Sites, so that we can manage our content more effectively.

Your choices

Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Sites may not work properly.

For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org. If you do not accept our cookies, you may experience some inconvenience in your use of our Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Sites.

For more information about how we collect, use and share your information, see our Privacy Policy.

ChangesInformation about the cookies we use may be updated from time to time, so please check back on a regular basis for any changes.

QuestionsIf you have any questions about this Cookie Policy, please contact us by email at privacy@engagesmart.com.