Privacy Policy

Privacy Policy

Effective date: February 3, 2020

At Ceipal Corp. (“Ceipal”) we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal information. By using or accessing our Site in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy.

Remember that your use of Ceipal’s Site is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.  Please note that this privacy policy applies only to the information collected through our website and not information collected offline.

You may print a copy of this Privacy Policy by clicking here. If you have a disability, you may access this Privacy Policy in an alternative format by contacting compliance@ceipal.com.

1) What this Privacy Policy Covers

This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Site. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules or regulations. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

2) What Information Does Ceipal Collect?

A. Personal Data Collected for Ceipal‘s Customers Via Our ATS or WorkForce Platforms (the “Ceipal Services”)

When Ceipal collects and uses Personal Data in the performance of the Ceipal Services for our business customers the following provisions will apply:

The Personal Data Collected for Ceipal‘s Customers

Ceipal may collect, receive, process, and store Personal Data under the direction of its customers in the course of providing those customers with the Ceipal Services. This Personal Data may include, but is not limited to, Personal Data as your name, phone number, job title, employer name, mailing address, email addresses, and other information identifiable to you such as information one would ordinarily expect to find on a resume. In addition, we collect Personal Data from our customers’ authorized users and account administrators (typically, their employees or agents) in order to provide them with accounts to access the Ceipal Services.  This information may include, but is not limited to, credential and profile data (such as name, contact information, employer, job title, and other relevant information).

Ceipal has no direct relationship with the consumers whose Personal Data Ceipal collects in the course of providing the Ceipal Services.  All such information is owned and controlled by our customers, who are the data controllers for such information with respect to data protection laws.

How We Use the Personal Data Collected by Ceipal‘s Customers

Ceipal may use this information for various purposes for the benefit of its customers, including, but not limited to, providing them with contracted Ceipal Services.

Access to Personal Data Controlled by Ceipal’s Customers

Ceipal has no direct relationship with the consumers whose Personal Data Ceipal receives in the course of providing the Ceipal Services to its customers. An individual consumer who seeks access, or who seeks to correct, amend, or delete inaccurate Personal Data should direct his query to Ceipal’s customer. If the customer then requests Ceipal to correct, amend, or delete the data in Ceipal’s possession or control, we will respond to their request promptly.

Retention of Personal Data

Ceipal will retain Personal Data we receive in the course of providing the Ceipal Services to our customers for as long as (i) directed by the customers or otherwise agreed to with them, (ii) otherwise needed to provide the Ceipal Services to the customers and (iii) as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

B. Personal Data Collected from Visitors to Our Websites and through Ceipal Sales, Marketing, and Support Activities

We gather various types of Personal Data such as name, email address, company name, phone number, and device type from our users, as explained more fully below. We may use this Personal Data to personalize and improve our Site, to contact users, to fulfill your requests for certain products and services, to analyze how users utilize the Site, and as otherwise set forth in this Privacy Policy. We may share certain types of Personal Data with third parties (described in this Section and in Section 5 below).

The following chart details the categories of Personal Data that we collect and have collected over the past 12 months from visitors to our websites and through Ceipal sales, marketing and customer support activities. For each category of Personal Data, these subsections also set out our commercial and business purpose for collecting that Personal Data and the categories of third parties with whom we share that Personal Data. More information regarding those sources and categories is set forth in the charts below. The chart in this section details the categories of Personal Data that we collect and have collected over the past 12 months:

Category of Personal DataPersonal Data We CollectSource(s) of Personal DataThird Parties with Whom We Share this Personal Data for a Business Purpose
Personal Identifiers
  • First and last name

  • Email

  • Phone number

  • Mailing address

  • You

  • Service providers

  • Acquirors

  • Parties you authorize, access, or authenticate
Geolocation Information
  • Zip code

  • You

  • Service providers

  • Acquirors

  • Parties you authorize, access, or authenticate
Employment Data
  • Employer

  • Job title

  • You

  • Third parties

  • Service providers

  • Parties you authorize, access, or authenticate
Other Identifying Information That You Voluntarily Choose to Provide
  • Unique identifiers such as passwords

  • Personal data in emails, calls or letters you send to us

  • You

  • Service providers

  • Parties you authorize, access, or authenticate
Device/IP Information
  • IP address

  • Device ID

  • Domain server

  • Type of device/operating system/browser used to access the Site

  • Log data

  • Access times

  • Hardware and software information

  • You

  • Service providers

  • Ad partners

  • Parties you authorize, access, or authenticate

Web Analytics
  • Web page interactions

  • Referring webpage/source through which you access the Site

  • Non-identifiable request IDs

  • Statistics associated with the interaction between device or browser and the Site

  • Usage information

  • Cookies and other tracking technologies (e.g., web beacons, pixel tags, SDKs)

  • You

  • Third parties

  • Service providers

  • Ad partners

  • Parties you authorize, access, or authenticate

3) Categories of Sources of Personal Data

Sources of Personal Data

We collect Personal Data about you from the following categories of sources:

  • “You”
    • When you provide such information directly to us.
    • When Personal Data about you is automatically collected in connection with your use of our Site (see the subsection titled “Information Collected Automatically” below).
  • “Third Parties”
    • Third parties that provide us with Personal Data about you. Third Parties that share your Personal Data with us include:
      • Service providers. For example, we may use analytics service providers to analyze how you interact and engage with the Site, or third parties may help us provide you with customer support.
      • Our business customers. If you share Personal Data with our business customers, they may share that information with us in order to chat or email with you through the Site and to store your information on the Site.
      • Advertising partners. We receive information about you from some of our service providers who assist us with marketing or promotional services related to how you interact with our websites, applications, products, services, advertisements or communications.

Cookies and other Information Collected Automatically

The Site use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser and tell us how and when you visit and use our Site, to analyze trends, learn about our user base and operate and improve our Site. Cookies are small pieces of data– usually text files – placed on your computer, tablet, phone or similar device when you use that device to access our Site. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Site does not support “Do Not Track” requests sent from a browser at this time.

We use the following types of Cookies:

  • Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Site. Disabling these Cookies may make certain features and services unavailable.
  • Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Site, maintain your preferences over time and recognize you when you return to our Site. These Cookies help us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Site such as by collecting information about the number of visitors to the Site, what pages visitors view on our Site and how long visitors are viewing pages on the Site. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Site’s content for those who engage with our advertising. For example, Google Inc. (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of Cookies by visiting the Google advertising opt-out page at www.google.com/privacy_ads.html or the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.

You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our Site and some of the functionalities may not work.

To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit https://www.allaboutcookies.org/ or https://ico.org.uk/for-the-public/online/cookies/ if you are located in the European Union.

4) How we use the Personal Data we Collect

We process Personal Data to operate, improve, understand and personalize our Site. We may use Personal Data for the following purposes:

  • To meet or fulfill the reason you provided the information to us.
  • To communicate with you about the Site, including Service announcements, updates or offers.
  • To provide support and assistance for the Site.
  • To respond to user inquiries and fulfill user requests.
  • To improve and develop the Site, including testing, research, analysis and product development.
  • To protect against or deter fraudulent, illegal or harmful actions and maintain the safety, security and integrity of our Site.
  • To comply with our legal or contractual obligations, resolve disputes, and enforce our Terms of Use.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • For any other business purpose stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act (the “CCPA”).

We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without providing you notice.

As noted in the list above, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers or email you about your use of the Site. Also, we may receive a confirmation when you open an email from us, which helps us improve our Site. If you do not want to receive communications from us, please indicate your preference by emailing us at compliance@ceipal.com.

5) With Whom Do We Share Your Personal Data for Business Purposes

We disclose your Personal Data as indicated in the chart above to the following categories of service providers and other parties:

  • “Service Providers”
    • These are third parties that help us provide our services through the Site, including, ad networks, security and fraud prevention providers, hosting and other technology and communications providers, analytics providers, and staff augmentation and contract personnel.
  • “Acquirors”
    • These are parties who acquire your Personal Data through an acquisition or other change of control. Personal Data may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part).
  • “Selected Recipients”
    • These are third parties that we share your Personal Data with at your direction, including:
      • Third-party business partners who you access through the Site.
      • Other parties authorized by you

We may share your Personal Data to service providers and other parties for the following business purposes:

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Short-term, transient use of Personal Data that is not used by another party to build a consumer profile or otherwise alter your consumer experience outside the current interaction.
  • Performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, or providing similar services on behalf of the business or service provider.
  • Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of a service or device that we own, manufacture (or that was manufactured for us) or control.

6) Data Security and Retention

We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. We implement a variety of security measures to maintain the safety of your personal information when you submit a request, place an order or enter, submit, or access your personal information.  These security measures include: password protected directories and databases to safeguard your information, SSL (Secure Sockets Layered) technology to ensure that your information is fully encrypted and sent across the Internet securely, and PCI Scanning to actively protect our servers from hackers and other vulnerabilities.

The Website may contain links to other sites. We are not responsible for the privacy policies and/or practices on other sites. When following a link to another site you should read that site’s privacy policy.

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with our Site. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

7) Personal Data of Children

As noted in the Terms of Use, we do not knowingly collect or solicit Personal Data about children under 16 years of age; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Site or send us any Personal Data. If we learn we have collected Personal Data from a child under 16 years of age, we will delete that information as quickly as possible. If you believe that a child under 16 years of age may have provided Personal Data to us, please contact us at compliance@ceipal.com.

8) What Choices Do I Have?

You can always opt not to disclose information to use, but keep in mind some information may be needed to register with us or to take advantage of some of our special features.

You may be able to add, update, or delete information by emailing us at to compliance@ceipal.com. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your account via email to compliance@ceipal.com. Please note that some information may remain in our private records after your deletion of such information from your account if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may use any aggregated data derived from or incorporating your Personal Data after you update or delete it, but not in a manner that would identify you personally.

We collect information for our customers, if you have been contacted by one of our customers and would no longer like to be contacted by one of our customers through use of our service, please contact the customer that you interact with directly. Ceipal will retain personal data we process on behalf of our customers for as long as needed to provide services to our customer. Ceipal will retain and use this Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

If you do not wish to receive email or other mail from us, please contact us via email at compliance@ceipal.com or follow the unsubscribe instructions in each promotional email. Please note that if you do not want to receive legal notices from us, such as this Privacy Policy, those legal notices will still govern your use of the Website, and you are responsible for reviewing such legal notices for changes.

If you are a resident of California or the European Union, you may have additional rights. Please see the California Rights and EU Residents sections below for more information.

9) Changes to this Privacy Policy

We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

10) California Resident Rights

If you are a California resident, you have the rights set forth in this section. Please see the “Exercising Your Rights” section below for instructions regarding how to exercise these rights. Please note that we may process Personal Data of our customers’ end users or employees in connection with our provision of certain services to our customers. If we are processing your Personal Data as a service provider, you should contact the entity that collected your Personal Data in the first instance to address your rights with respect to such data.

If there are any conflicts between this section and any other provision of this Privacy Policy and you are a California resident, the portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following rights apply to you, please contact us at compliance@ceipal.com.

Access

You have the right to request certain information about our collection and use of your Personal Data over the past 12 months. In response, we will provide you with the following information:

  • The categories of Personal Data that we have collected about you.
  • The categories of sources from which that Personal Data was collected.
  • The business or commercial purpose for collecting or selling your Personal Data.
  • The categories of third parties with whom we have shared your Personal Data.
  • The specific pieces of Personal Data that we have collected about you.

If we have disclosed your Personal Data to any third parties for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third-party recipient. If we have sold your Personal Data over the past 12 months, we will identify the categories of Personal Data sold to each category of third-party recipient.

Deletion

You have the right to request that we delete the Personal Data that we have collected about you. Under the CCPA, this right is subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Site or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.

Exercising Your Rights

To exercise the rights described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data, and (2) describes your request in sufficient detail to allow us to understand, evaluate and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify your identity and complete your request. You do not need an account to submit a Valid Request.

We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.

You may submit a Valid Request using the following methods:

You may also authorize an agent (an “Authorized Agent”) to exercise your rights on your behalf. To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf.

We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA

We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA. However, we may offer different tiers of our Site as allowed by applicable data privacy laws (including the CCPA) with varying prices, rates or levels of quality of the goods or services you receive related to the value of Personal Data that we receive from you.

Other California Resident Rights

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at compliance@ceipal.com.

11) Nevada Resident Rights

If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties who intend to license or sell that Personal Data. You can exercise this right by contacting us at compliance@ceipal.com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your Personal Data as sales are defined in Nevada Revised Statutes Chapter 603A.

12) EU Residents

If you are a resident of the European Union (“EU”), United Kingdom, Liechtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.

For this Section 12, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Ceipal Corp. and its affiliates will be the controller of your Personal Data processed in connection with your use of the Site.

Where applicable, this Section 12 is intended to supplement, and not replace, the other provisions of the Privacy Policy. If there are any conflicts between this section and any other provision of this Privacy Policy, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at compliance@ceipal.com. Note that we may also process Personal Data of our customers’ end users or employees in connection with our provision of services to customers, in which case we are the processor of Personal Data. If we are the processor of your Personal Data (i.e., not the controller), please contact the controller party in the first instance to address your rights with respect to such data.

What Personal Data Do We Collect From You and How Do We Use It?

Please refer to Section 3 – What Information Does Ceipal Collect? and Section 4 – How We Use the Personal Data We Collect above for information about the Personal Data we collect about you and how we use it.

On What Basis Do We Justify Processing Your Personal Data

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below, and depending on the Personal Data involved and the specific context in which we collect it. Ceipal’s processing of your Personal Data is justified on one or more of the following legal bases:

Performance of Contract: The processing is necessary to perform a contract with you or take steps to enter into a contract at your request. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Site that require such data. Examples include: name, email address, address and phone number.

Our Legitimate Interests: The processing is in our legitimate interests, subject to your interests and fundamental rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities, such as developing and maintaining relationships with our customers, our operation and improvement of our business, products and services, marketing of our products and services, provision of customer support, protection from fraud or security threats, compliance with legal obligations, and completion of corporate transactions. Examples include: name, email address, address, phone number, Content, and information about you that is automatically collected when you use the Site as detailed above.

Compliance with Law: The processing is necessary for us to comply with a relevant legal obligation;

With Your Consent: You have consented to the processing (for example, where we are required by local law to rely upon your prior consent for the purposes of direct marketing); or

Defend Our Rights; Protect Vital Interests: The processing is necessary to the establishment, exercise, or defense of legal claims or rights or to protect your vital interests or those of another person.

How and With Whom Do We Share Your Data?

Please refer to Section 5 – With Whom Do We Share Your Personal Data for Business Purposes? above for information about how and with whom we share your Personal Data.

What Rights Do You Have Regarding Your Personal Data?

You have certain rights with respect to your Personal Data, including those set forth below.  For more information about these rights, or to submit a request, please email compliance@ceipal.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision.  In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

Special Note Regarding Personal Data Processed by Ceipal through the Ceipal Services:  If Ceipal has collected or is otherwise processing your Personal Data through a Ceipal‘s customer’s use of the Ceipal Services you should contact that customer in the first instance to address your rights with respect to the Personal Data.

Access:  You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.

Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.

Erasure: You can request that we erase some or all of your Personal Data from our systems.

Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Site.

Portability:  You can ask for a copy of your Personal Data in a machine-readable format.  You can also request that we transmit the data to another controller where technically feasible.

Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.

Restriction of Processing:  You can ask us to restrict further processing of your Personal Data.

Right to File Complaint:  You have the right to lodge a complaint about Ceipal’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.

Transfers of Personal Data

The Site is hosted and operated in the United States (“U.S.”) through Ceipal and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Site, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Ceipal in the U.S. and will be hosted on U.S. servers, and you authorize Ceipal to transfer, store and process your information to and in the U.S., and possibly other countries.  You hereby consent to the transfer of your data to the U.S. pursuant to another safeguard(s) for cross-border transfer: (i) a data processing agreement incorporating standard data protection clauses promulgated by the EC, a copy of which can be obtained at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087 , (ii) binding corporate rules for data protection that align with the GDPR’s requirements, or (iii) adherence to an industry- or technology-specific approved code of conduct blessed by the EC.

13) Questions or Concerns

If you have any questions or concerns regarding our privacy policies, please send us a detailed message to compliance@ceipal.com or Ceipal, Attn. Privacy Policy 687 Lee Road, Suite 208A, Rochester, NY 14606. We will make every effort to resolve your concerns.

Website design and coding provided and warranted by Accelerate Media.

Gmail Add-On

It’s important to Ceipal to help our customers retain their privacy because we believe your business is no one else’s. To protect your privacy, Ceipal follows different principles in accordance with worldwide practices for customer privacy and data protection.

What information do you collect?

We collect information from you when you register on our site, place an order, subscribe to our newsletter, respond to a survey, or fill out a form. Any data we request that is not required will be specified as voluntary or optional.

When ordering or registering on our site, you may be asked to enter your name, e- mail address, mailing address, phone number, and any other relevant information required for us to share and present our information to our customers. You may, however, visit our site anonymously.

What do you use the information for?

Any of the information we collect from you may be used in one of the following ways:

  • To personalize your experience
  • To improve our website
  • To improve customer service
  • To process transactions
  • To send periodic emails
  • To administer a contest, promotion, survey, or other site feature
  • To alert you to product upgrades, special offers, updated information, & other new services

How do you protect information?

We implement a variety of security measures to maintain the safety of your personal information when you submit a request, place an order or enter, submit, or access your personal information.

These security measures include: password protected directories and databases to safeguard your information, SSL (Secure Sockets Layered) technology to ensure that your information is fully encrypted and sent across the Internet securely, and PCI Scanning to actively protect our servers from hackers and other vulnerabilities.

We use a secure server, so all supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems.
After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

Do you use Cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser that enables the sites’ or service providers’ systems to recognize your browser and capture and remember certain information. This helps the site remember user preferences and create a more personalized experience.

Do you disclose any information to outside parties?

We do not sell, trade, or otherwise transfer your personally identifiable information to parties not relevant to our business or the purpose of data collected to for your service. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

We may disclose your personal information, without notice, if required to do so by law or in the belief that such action is necessary to:

  • Conform to the edicts of the law or comply with legal process served on the site
  • Protect and defend the rights or property of Ceipal and its family of websites
  • Act in urgent circumstances to protect the personal safety of users of v, its websites, or the public

Consent

If you choose not to register or provide personal information, you can still use most of website. However, you will not be able to access areas that require registration.

If you decide to register, you will be able to select the kinds of information you want to receive from us by subscribing to various services, like our electronic newsletters, product brochures, and trail subscriptions to platform portals. If you do not want us to communicate with you about other offers regarding products, programs, events, or services by email, postal mail, or telephone, you may select the option stating that you do not wish to receive marketing messages.

Ceipal occasionally allows other companies to offer our registered customers information about their products and services, using postal mail only. If you do not want to receive these offers, you may select the option stating that you do not wish to receive marketing materials from third parties.

Access

We will provide you the means to ensure your personal information is correct and current. You may review and update this information at any time at the Visitor Center. There, you can:

  • View and edit personal information you have already given us
  • Tell us whether you want to receive marketing information
  • Tell us whether you want third parties to send you their offers by postal mail
  • Sign up for electronic newsletters about our services and products

Third Party Links

The Ceipal Services may provide links to other websites or resources over which Ceipal does not have control (External Web Sites). Such links do not constitute an endorsement by Ceipal and they are provided to you only as a convenience. Ceipal is not responsible for the content of External Web Sites and your use of External Web Sites is subject to the terms of use and privacy policies located on the applicable External Web Site. We encourage you to read the privacy statements of External Web Sites that collect your personal information.

Third Party Websites

You can access Ceipal and its services from several third-party websites (in the form of plug-ins, add-ins, etc). When you do so, you are thereby subject to the policies of that site regarding privacy and data collection and you should read those sites’ privacy policies to make sure you agree to them before usage. Ceipal does not collect, transmit, or process data from any plug-ins such as the:

  • Office 365 Outlook Add-in
  • Desktop Outlook Plug-in
  • Windows Plug-in
  • Google Chrome Plug-in
  • Gmail Add-on

Electronic Product Registration

When you buy and install a new product, we may ask you to register your purchase electronically. When you do, we merge your registration information with any information you’ve already provided (we call that information your personal profile). If you haven’t previously registered with us, we create a personal profile for you from your product registration information. If you ever want to review or update that information, you can visit the Profile Center, click on Update Profile, and edit any of the Personal Information in your profile. If you haven’t already created a Registration ID, we will ask you to do so. This ensures that only you can access your information.

Customer Profiles

As mentioned above, every registered customer has a unique personal profile. Each profile is assigned a unique personal identification number, which helps us ensure that only you can access your profile.

When you register, we create your profile, assign a personal identification number, then send this personal identification number back to your hard drive in the form of a cookie. This code is uniquely yours and acts as your passport to travel across website, allowing you to download free software, order free newsletters, and visit premium sites without having to fill out registration forms with information you’ve already provided. Even if you switch computers, you won’t have to re-register – just use your Registration ID to identify yourself.

California Online Privacy Protection Act Compliance
Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.

California Customer Privacy Act (CCPA)
Ceipal is inherently compliant with the CCPA because we do not sell any information to outside parties.

CAN-SPAM Compliance
We have taken the necessary steps to ensure that we are compliant with the CAN-SPAM Act of 2003.

Enforcement
If for some reason you believe Ceipal has not adhered to these principles, please notify us by email at support-th@ceipal.com, and we will do our best to correct the problem promptly. Be certain the words “Privacy Policy” are in the email subject line.

Acceptable Use Policy
Please also visit our Privacy Policy section establishing the use, disclaimers, and limitations of liability governing the use of our website.

Your Consent
By using our site, you consent to our privacy policy.

Privacy Policy Customer Pledge
We pledge to you, our customer, that we have made a dedicated effort to bring our privacy policy in line with the following important privacy laws and initiatives:

  • Federal Trade Commission Fair
  • Children’s Online Privacy Protection Act
  • Privacy Alliance
  • Controlling the Assault of Non-Solicited Marketing Activities
  • Trust Guard Privacy Requirements

PLEASE NOTE: This online privacy policy applies only to information collected through our website and not to information collected offline.

Zoom Integration Privacy Policy

Zoom Integration Privacy Policy

Ceipal is committed to protecting our customers’ privacy because we believe your business belongs to you. Ceipal complies with worldwide practices for protecting customer privacy and data in order to protect your privacy. This Privacy Policy describes our policies and procedures on the collection, use, and disclosure of your Personal Data when you use the Zoom Integration and tells you about your privacy rights and how the law protects You.

We use your Personal data to provide and improve the Zoom Integration service. By using this service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Data Collection

We collect your information via Call Logs, Cookies, and certain Identifiable Information. The data collected via Call Logs include – Call Date/Time, Source Number, Destination Number, Call Duration (MM : SS), Call Status, and Call Type (Incoming/Outgoing). These call logs are generated on your request but are not stored in Ceipal’s system.

We use Cookies and similar tracking technologies to track the activity on our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze our service. Please read Ceipal’s Privacy Policy for more information on cookies.

The other identifiable information/ data collected are email address, first name, last name, phone number, and usage data. This identifiable data is collected via an access token to initiate a Zoom call.

2. Reasons for Personal Data Collection

To provide and maintain the service, including monitoring the usage of Zoom Service.

To manage your Account:  to manage your registration as a user of the service. The personal data you provide can give you access to different functionalities of the service that are available to you as a registered user.

For the performance of service: the development, compliance, or services you have purchased or of any other contract with us through this Service.

To contact you: To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as notifications regarding updates or informative communications related to the functionalities, products, or contracted services, including security updates, when necessary or reasonable for their implementation.

To manage your requests: To attend and manage your requests to us.

3. Disclosure of Your Personal Data

We don’t use/ disclose your data for any other purpose such as Advertising or Marketing using profiles based on such data, conducting or assisting with surveillance, or reconstructing the profiles.

We may disclose your personal information, without notice, if required to do so by law or in the belief that such action is necessary to:

  1. Conform to the edicts of the law or comply with legal process served on the site
  2. Protect and defend the rights or property of Ceipal and its family of websites
  3. Act in urgent circumstances to protect the personal safety of users, their websites, or the public

4. Securing Your Data

We take the necessary steps to ensure that your data is protected. We have put physical and technical safeguards in place to keep the data we collect secure. We also take appropriate measures, in compliance with applicable law, to ensure that your Personal Data collected by Zoom remains secure. However, please note that although we take responsible steps to protect your data, no website, internet transmission, computer system, or wireless connection is completely secure.

5. Transfer of  Your Personal Data

Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred between Ceipal’s operating offices located in the US and India and maintained on Ceipal’s computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

6. Your Rights

Your personal information belongs to you. In accordance with the applicable law, you have the right to ask us to provide details about what we have collected, to delete it, or to exercise any other right you may have. However, requesting the deletion of your personal data may also result in a loss of access to the Zoom integration service we provide. We will not delete data that we are required by law to retain.

To enquire more about your rights please contact us.

7. Data Retention

The Ceipal system will retain your Personal Data only as long as necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The system will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Zoom along with Ceipal ATS, or we are legally obligated to retain this data for longer time periods.

8. Deletion of personal data

We ensure that anytime data subjects/ users can disconnect the Zoom integration. All the integration information collected throughout the usage will be deleted from our system.

Our system may give you the ability to delete certain information about you from within the system. You may update, amend, or delete your information at any time by signing in to your Account and visiting the account settings section that allows you to manage your personal data. You may also contact us to request access to, correct, or delete any personal data that you have provided to us.

Please note, however, that we may need to retain certain information when we have a legal obligation or lawful basis to do so.

9. Contact us

Please read the Ceipal Privacy Policy for more information. If you have any questions about this Privacy Policy, you can contact us: By email: compliance@ceipal.com

Website Terms of Use

Effective date: February 3, 2020

Welcome to https://www.ceipal.com/ (the “Site”), owned and operated by Ceipal Corp. (“Ceipal,” “we,” or “us”).  By using this Site, you agree to these terms and conditions of use (the “Terms”); if you do not agree, you may not use the Site.  Ceipal may modify the Site and/or these Terms from time to time without notice to you, except that if Ceipal makes material changes to these Terms, we will post the revised Terms and the revised effective on this Site and/or provide notice by some other means.  By using the Site following any modifications to the Terms, you agree to be bound by the modified Terms.  The Terms do not govern use of any of Ceipal’s services, which are subject to a separate services agreement to be signed between any user of the services and Ceipal. These Terms include the provisions in this document as well as those in the Privacy Policy, and any other relevant policies.  Your use of or participation in certain Services may also be subject to additional policies, rules and/or conditions (“Additional Terms”), which are incorporated herein by reference, and you understand and agree that by using or participating in any such Services, you agree to also comply with these Additional Terms.

Please read these Terms carefully. They cover important information about Services provided to you. These Terms include information about future changes to these Terms, limitations of liability, a class action waiver and resolution of disputes by arbitration instead of in court. PLEASE NOTE THAT YOUR USE OF AND ACCESS TO OUR SERVICES ARE SUBJECT TO THE FOLLOWING TERMS; IF YOU DO NOT AGREE TO ALL OF THE FOLLOWING, YOU MAY NOT USE OR ACCESS THE SERVICES IN ANY MANNER.

ARBITRATION NOTICE AND CLASS ACTION WAIVER: EXCEPT FOR CERTAIN TYPES OF DISPUTES DESCRIBED IN THE ARBITRATION AGREEMENT SECTION BELOW, YOU AGREE THAT DISPUTES BETWEEN YOU AND US WILL BE RESOLVED BY BINDING, INDIVIDUAL ARBITRATION AND YOU WAIVE YOUR RIGHT TO PARTICIPATE IN A CLASS ACTION LAWSUIT OR CLASS-WIDE ARBITRATION.

  1. Use of the Site.  You must be at least 16 years old to use our Site. We do not knowingly collect or solicit personally identifiable information from individuals under 16. If  you are under 16, please do not attempt to use the Site or send any personal information about yourself to us. If we learn we have collected personal information from an individual under 16, we will delete that information as quickly as possible. You will comply with all applicable laws, rules and regulations in connection with your use of the Site.  You will not violate or attempt to violate the security of the Site or Ceipal’s systems or network security, including, without limitation by (i) accessing data not intended for users of the Site or gaining unauthorized access to an account, server or any other computer system; (ii) attempting to probe, scan or test the vulnerability of a system or network or to breach security or authentication measures; (iii) attempting to interfere with the function of the Site, host or network.  You may not “crawl,” “scrape,” or “spider” any portion of the Site (through use of manual or automated means).
  2. Information Not Confidential.  If you choose to contact any Ceipal personnel using the contact information you find on the Site, you understand any information and/or materials you provide to such personnel will not be treated as confidential or proprietary.  Ceipal undertakes no obligation to review information submitted by you, or to return such information to you.
  3. Ceipal Proprietary Rights.  The Site, including all of its contents (including, text, images, audio, and the HTML used to generate the pages) (“Content”), are the property of Ceipal or that of our suppliers or licensors and are protected trademark, copyright, and/or other intellectual property laws.  You may not download, copy, print, display, perform, reproduce, publish, modify, prepare derivative works from, license, transmit, or distribute any Content from this Site in whole or in part, for any public or commercial purpose without prior written consent from Ceipal.  Ceipal grants you a limited, personal, non-exclusive, non-transferable license to access the Site, and to use the Content, solely for personal, internal and non-commercial purposes.  Ceipal (on behalf of itself and its suppliers and licensors) reserves all rights not expressly granted herein. If you provide us (in a direct email or otherwise) with any feedback, suggestions, improvements, enhancements, and/or feature requests relating to the Services (each of the foregoing, “Feedback”), Ceipal will own all such Feedback and you hereby assign to Ceipal all your rights to such feedback.

    Without limiting the foregoing, as between you and Ceipal, Ceipal is the owner and/or authorized user of any trademark, registered trademark, logo, and/or service mark appearing on the Site (the “Marks”).  Nothing on the Site should be construed to grant any license or right to use any Ceipal Mark. You may not use or exploit any Marks without prior written consent from Ceipal.
  4. Links from and to the Site.  The Site may contain links to third party websites (“Third Party Sites”).  Third Party Sites are not reviewed, controlled or examined by Ceipal in any way and Ceipal is not responsible for any content contained therein.  These links do not imply Ceipal’s endorsement of or association with any Third-Party Site.  Ceipal is not liable, directly or indirectly, to anyone for any loss or damage arising from or in connection with use of the Third-Party Sites.
  5. Disclaimer of Warranties.  THE SITE, INCLUDING, WITHOUT LIMITATION, ALL CONTENT AND FUNCTIONALITY THEREOF, IS PROVIDED “AS IS,” WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF AVAILABILITY, ACCURACY, COMPLETENESS, USEFULNESS, TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND CEIPAL (ON BEHALF OF ITSELF AND ITS SUPPLIERS AND LICENSORS) HEREBY DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED.  NO ADVICE, RESULTS, INFORMATION OR MATERIALS, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU THROUGH THE SITE WILL CREATE ANY WARRANTY NOT EXPRESSLY MADE HEREIN.
  6. Limitation of Liability.  TO THE GREATEST EXTENT PERMITTED UNDER APPLICABLE LAW, IN NO EVENT WILL CEIPAL, ITS AFFILIATES (INCLUDING AFFILIATED FUNDS) OR ANY OF ITS OR THEIR RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, SUPPLIERS OR LICENSORS (THE “CEIPAL PARTIES”), BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY OR PUNITIVE DAMAGES ARISING FROM OR IN CONNECTION WITH THE USE OF, OR THE INABILITY TO USE, THE SITE OR THE CONTENT, EVEN IF ANY CEIPAL PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.  SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY SO SOME OF THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU.  IN NO EVENT WILL THE TOTAL LIABILITY OF ANY CEIPAL PARTY TO YOU FOR ALL DAMAGES, LOSSES, AND CAUSES OF ACTION (WHETHER IN CONTRACT OR TORT, INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE OR OTHERWISE) ARISING FROM OR RELATED TO THE TERMS, THE CONTENT, AND/OR YOUR USE OF THE SITE, EXCEED, IN THE AGGREGATE, $100.00.
  7. Choice of Law and Arbitration. 
    1. Choice of Law. These Terms are governed by and will be construed under the Federal Arbitration Act, applicable federal law, and the laws of the State of New York, without regard to the conflicts of laws provisions thereof.
    2. Arbitration Agreement. Please read the following ARBITRATION AGREEMENT carefully because it requires you to arbitrate certain disputes and claims with Ceipal and limits the manner in which you can seek relief from Ceipal. Both you and Ceipal acknowledge and agree that for the purposes of any dispute arising out of or relating to the subject matter of these Terms, Ceipal’s officers, directors, employees and independent contractors (“Personnel”) are third-party beneficiaries of these Terms, and that upon your acceptance of these Terms, Personnel will have the right (and will be deemed to have accepted the right) to enforce these Terms against you as the third-party beneficiary hereof.

      (a) Arbitration Rules; Applicability of Arbitration Agreement. The parties shall use their best efforts to settle any dispute, claim, question, or disagreement arising out of or relating to the subject matter of these Terms directly through good-faith negotiations, which shall be a precondition to either party initiating arbitration. If such negotiations do not resolve the dispute, it shall be finally settled by binding arbitration in Monroe County, New York. The arbitration will proceed in the English language, in accordance with the JAMS Streamlined Arbitration Rules and Procedures (the “Rules”) then in effect, by one commercial arbitrator with substantial experience in resolving intellectual property and commercial contract disputes. The arbitrator shall be selected from the appropriate list of JAMS arbitrators in accordance with such Rules. Judgment upon the award rendered by such arbitrator may be entered in any court of competent jurisdiction.

      (b) Costs of Arbitration. The Rules will govern payment of all arbitration fees. Ceipal will pay all arbitration fees for claims less than seventy-five thousand ($75,000) dollars. Ceipal will not seek its attorneys’ fees and costs in arbitration unless the arbitrator determines that your claim is frivolous.

      (c) Small Claims Court; Infringement. Either you or Ceipal may assert claims, if they qualify, in small claims court in Monroe County, New York or any United States county where you live or work. Furthermore, notwithstanding the foregoing obligation to arbitrate disputes, each party shall have the right to pursue injunctive or other equitable relief at any time, from any court of competent jurisdiction, to prevent the actual or threatened infringement, misappropriation or violation of a party’s copyrights, trademarks, trade secrets, patents or other intellectual property rights.

      (d) Waiver of Jury Trial. YOU AND Ceipal WAIVE ANY CONSTITUTIONAL AND STATUTORY RIGHTS TO GO TO COURT AND HAVE A TRIAL IN FRONT OF A JUDGE OR JURY. You and Ceipal are instead choosing to have claims and disputes resolved by arbitration. Arbitration procedures are typically more limited, more efficient, and less costly than rules applicable in court and are subject to very limited review by a court. In any litigation between you and Ceipal over whether to vacate or enforce an arbitration award, YOU AND CEIPAL WAIVE ALL RIGHTS TO A JURY TRIAL, and elect instead to have the dispute be resolved by a judge.

      (e) Waiver of Class or Consolidated Actions. EXCEPT TO THE EXTENT ARISING OUT OF THE CALIFORNIA CONSUMER PRIVACY ACT, ALL CLAIMS AND DISPUTES WITHIN THE SCOPE OF THIS ARBITRATION AGREEMENT MUST BE ARBITRATED OR LITIGATED ON AN INDIVIDUAL BASIS AND NOT ON A CLASS BASIS. CLAIMS OF MORE THAN ONE CUSTOMER OR USER CANNOT BE ARBITRATED OR LITIGATED JOINTLY OR CONSOLIDATED WITH THOSE OF ANY OTHER CUSTOMER OR USER. If however, this waiver of class or consolidated actions is deemed invalid or unenforceable, neither you nor Ceipal is entitled to arbitration; instead all claims and disputes will be resolved in a court as set forth in (g) below.

      (f) Opt-out. You have the right to opt out of the provisions of this Section by sending written notice of your decision to opt out to the following address: 687 Lee Road, Suite 208A, Rochester, NY 14606 postmarked within thirty (30) days of first accepting these Terms. You must include (i) your name and residence address, (ii) the email address and/or telephone number associated with your account, and (iii) a clear statement that you want to opt out of these Terms’ arbitration agreement.

      (g) Exclusive Venue. If you send the opt-out notice in (f), and/or in any circumstances where the foregoing arbitration agreement permits either you or Ceipal to litigate any dispute arising out of or relating to the subject matter of these Terms in court, then the foregoing arbitration agreement will not apply to either party, and both you and Ceipal agree that any judicial proceeding (other than small claims actions) will be brought in the state or federal courts located in, respectively, Monroe County, New York, or the federal district in which that county falls.

      (h) Severability. If the prohibition against class actions and other claims brought on behalf of third parties contained above is found to be unenforceable, then all of the preceding language in this Arbitration Agreement section will be null and void. This arbitration agreement will survive the termination of your relationship with Ceipal.
  8. General Information.  The failure of Ceipal to exercise or enforce any right or provision of these Terms does not constitute a waiver of such right or provision.  If any provision of these Terms is found by a court of competent jurisdiction to be invalid, that provision will be limited or eliminated, to the minimum extent necessary, so that these Terms shall otherwise remain in full force and effect and enforceable.  You may not assign these Terms or transfer any of your rights or obligations hereunder without Ceipal’s express written consent.  These Terms inure to the benefit of Ceipal’s successors, assigns and licensees.  These Terms are the entire agreement between you and Ceipal with respect to the subject matter herein.
  9. Contact Us.  If you have any questions, comments, or concerns regarding these terms or the Services, please contact us at:

    Email: compliance@ceipal.com
    Phone: +1-585-296-4563
    Address: 687 Lee Road, Suite 109, Rochester, NY 14606

Anti-Spam Guidance

A Compliance Guide for Business

Do you use email in your business? The CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.

Despite its name, the CAN-SPAM Act doesn’t apply just to bulk email. It covers all commercial messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” including email that promotes content on commercial websites. The law makes no exception for business-to-business email. That means all email – for example, a message to former customers announcing a new product line – must comply with the law.

Each separate email in violation of the CAN-SPAM Act is subject to penalties of up to $41,484, so non-compliance can be costly. But following the law isn’t complicated. Here’s a rundown of CAN-SPAM’s main requirements:

  • Don’t use false or misleading header information: Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message.
  • Don’t use deceptive subject lines: The subject line must accurately reflect the content of the message.
  • Identify the message as an ad: The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.
  • Tell recipients where you’re located: Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations.
  • Tell recipients how to opt out of receiving future email from you: Your message must include a clear explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.
  • Honor opt-out requests promptly: Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act.
  • Monitor what others are doing on your behalf: The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.

Q. How do I know if the CAN-SPAM Act covers email my business is sending?

A. What matters is the “primary purpose” of the message. To determine the primary purpose, remember that an email can contain three different types of information:

  • Commercial content – which advertises or promotes a commercial product or service, including content on a website operated for a commercial purpose
  • Transactional or relationship content – which facilitates an already agreed-upon transaction or updates a customer about an ongoing transaction
  • Other content – which is neither commercial nor transactional or relationship

If the message contains only commercial content, its primary purpose is commercial and it must comply with the requirements of CAN-SPAM. If it contains only transactional or relationship content, its primary purpose is transactional or relationship. In that case, it may not contain false or misleading routing information, but is otherwise exempt from most provisions of the CAN-SPAM Act.

Q. How do I know if what I’m sending is a transactional or relationship message?

A. The primary purpose of an email is transactional or relationship if it consists only of content that:

  • Facilitates or confirms a commercial transaction that the recipient already has agreed to
  • Gives warranty, recall, safety, or security information about a product or service
  • Gives information about a change in terms or features or account balance information regarding a membership, subscription, account, loan or other ongoing commercial relationship
  • Provides information about an employment relationship or employee benefits
  • Delivers goods or services as part of a transaction that the recipient already has agreed to

Q. What if the message combines commercial content and transactional or relationship content?

A. It’s common for email sent by businesses to mix commercial content and transactional or relationship content. When an email contains both kinds of content, the primary purpose of the message is the deciding factor. Here’s how to make that determination: If a recipient reasonably interpreting the subject line would likely conclude that the message contains an advertisement or promotion for a commercial product or service or if the message’s transactional or relationship content does not appear mainly at the beginning of the message, the primary purpose of the message is commercial. So, when a message contains both kinds of content – commercial and transactional or relationship – if the subject line would lead the recipient to think it’s a commercial message, it’s a commercial message for CAN-SPAM purposes. Similarly, if the bulk of the transactional or relationship part of the message doesn’t appear at the beginning, it’s a commercial message under the CAN-SPAM Act.

Q. What if the message combines elements of both a commercial message and a message with content defined as “other”?

A. In that case, the primary purpose of the message is commercial and the provisions of the CAN-SPAM Act apply if:

  • A recipient reasonably interpreting the subject line would likely conclude that the message advertises or promotes a commercial product or service; and
  • A recipient reasonably interpreting the body of the message would likely conclude that the primary purpose of the message is to advertise or promote a product or service.

Factors relevant to that interpretation include the location of the commercial content (for example, is it at the beginning of the message) how much of the message is dedicated to commercial content; and how color, graphics, type size, style, etc., are used to highlight the commercial content.

Q. What if the email includes information from more than one company? Who is the “sender” responsible for CAN-SPAM compliance?

A. If an email advertises or promotes the goods, services, or websites of more than one marketer, there’s a straightforward method for determining who’s responsible for the duties the CAN-SPAM Act imposes on “senders” of commercial email. Marketers whose goods, services, or websites are advertised or promoted in a message can designate one of the marketers as the “sender” for purposes of CAN-SPAM compliance as long as the designated sender:
Meets the CAN-SPAM Act’s definition of “sender,” meaning that they initiate a commercial message advertising or promoting their own goods, services, or website; is specifically identified in the “from” line of the message; and complies with the “initiator” provisions of the Act – for example, making sure the email does not contain deceptive transmission information or a deceptive subject heading, and ensuring that the email includes a valid postal address, a working opt-out link, and proper identification of the message’s commercial or sexually explicit nature.
If the designated sender doesn’t comply with the responsibilities the law gives to initiators, all marketers in the message may be held liable as senders.

Q. My company sends email with a link so that recipients can forward the message to others. Who is responsible for CAN-SPAM compliance for these “Forward to a Friend” messages?

A. Whether a seller or forwarder is a “sender” or “initiator” depends on the facts. So, deciding if the CAN-SPAM Act applies to a commercial “forward-to-a-friend” message often depends on whether the seller has offered to pay the forwarder or give the forwarder some other benefit. For example, if the seller offers money, coupons, discounts, awards, additional entries in a sweepstakes, or the like in exchange for forwarding a message, the seller may be responsible for compliance. Or if a seller pays or gives a benefit to someone in exchange for generating traffic to a website or for any form of referral, the seller is likely to have compliance obligations under the CAN-SPAM Act.

Q. What are the penalties for violating the CAN-SPAM Act?

A. Each separate email in violation of the law is subject to penalties of up to $41,484, and more than one person may be held responsible for violations. For example, both the company whose product is promoted in the message and the company that originated the message may be legally responsible. Email that makes misleading claims about products or services also may be subject to laws outlawing deceptive advertising, like Section 5 of the FTC Act. The CAN-SPAM Act has certain aggravated violations that may give rise to additional fines. The law provides for criminal penalties – including imprisonment – for:

  • Accessing someone else’s computer to send spam without permission.
  • Using false information to register for multiple email accounts or domain names.
  • Relaying or retransmitting multiple spam messages through a computer to mislead others about the origin of the message.
  • Harvesting email addresses or generating them through a dictionary attack (the practice of sending email to addresses made up of random letters and numbers in the hope of reaching valid ones), and taking advantage of open relays or open proxies without permission.

Q. Are there separate rules that apply to sexually explicit email?

A. Yes, and the FTC has issued a rule under the CAN-SPAM Act that governs these messages. Messages with sexually oriented material must include the warning “SEXUALLY-EXPLICIT:” at the beginning of the subject line. In addition, the rule requires the electronic equivalent of a “brown paper wrapper” in the body of the message. When a recipient opens the message, the only things that may be viewable on the recipient’s screen are:

  • the words “SEXUALLY-EXPLICIT”; and
  • the same information required in any other commercial email: a disclosure that the message is an ad, the sender’s physical postal address, and the procedure for how recipients can opt out of receiving messages from this sender in the future.

No graphics are allowed on the “brown paper wrapper.” This provision makes sure that recipients cannot view sexually explicit content without an affirmative act on their part – for example, scrolling down or clicking on a link. However, this requirement does not apply if the person receiving the message has already given affirmative consent to receive the sender’s sexually oriented messages.

Email validation

We take our anti-spam policy seriously. Prior to distribution, all email addresses are subject to verification. Our email validation software identifies and removes:

  • Invalid emails from your list to prevent email bounces from ruining your deliverability
  • Spam traps and known email complainers
  • Duplicate email addresses.
  • Inactive email addresses.

Your use of Ceipal’s website and services is subject to this policy. Please note that, in accordance with the Ceipal Acceptable Use Policy, we may change this policy at any time. It is your responsibility to keep up-to-date with and comply with this policy.

Unsubscribe Link

Email messages sent from Ceipal must contain an “unsubscribe” link that allows subscribers to remove themselves from your email messages. You acknowledge and agree that you will not hide, disable, or remove or attempt to hide, disable, or remove the opt-out link from the email invitation. You will actively manage and process unsubscribe requests received by you, and update your email lists and address books to reflect the unsubscribe requests.

Email Bounce Statistics & Client Restrictions

Ceipal uses industry-standard metrics to report on how your emails are performing. You can get insights into the number of emails that are valid, how many have been delivered, and how many have been opened. Opens are a great indicator that your emails are engaging your recipients. This shows that the email is interesting enough to a recipient for them to view. CEIPAL strives hard to maintain a 97% delivery rate in most of their email distribution campaigns. However, the results might vary based on the quality of the email address list, type of content, and ISP spam traps of the receivers.

Automatic Global Unsubscribe

A global unsubscribe occurs when a subscriber chooses to unsubscribe from every email sent from Ceipal. Ceipal manages this list, so a subscriber’s status changes to Unsubscribed on the global list when they globally unsubscribe. None of our clients can email that subscriber, regardless from what message they clicked the unsubscribe link.

Data Backup Policy

By accessing or using Ceipal, you acknowledge and agree to be bound by this Data Backup Policy. You are responsible for all actions that are performed on or through your Ceipal account, including any procurement or use of third party products or services (and associated disclosure of data) in connection with the cloud product. If you have been added or invited to a cloud product, the party that administers such cloud product (and not you) controls your use of that cloud product, including but not limited to adding or removing You from that cloud product, enabling or disabling third-party integrations, and managing permissions. Any content that You submit or upload to the cloud product may be retained, accessed, used, modified, shared, or removed by the party that administers such cloud product and their appointees. You acknowledge that your CEIPAL account is subject to the limited rights granted by You hereunder, and We acquire no right, title, or interest from You or Your licensors under this Agreement in or to Your Data. This includes any intellectual property rights therein.

Ceipal conducts regular data backups as part of its service offering to clients to protect from data loss or data migration. Ceipal also performs data enrichment for clients for faster searches, quality search results, and to provide data integrity using its advanced parser algorithms to all active clients. We do not control, retain, or have a title to store data from third-party websites. The functionality is at the sole and express choice of the customer, which are further detailed in our Privacy Policy.