Privacy

Privacy Policy

Last updated: May, 24th, 2018, we’ve updated our Privacy Policy and our Terms of Use in order to comply with the new General Data Protection Regulation (GDPR). These documents have been rewritten in order to make it more easy to understand and to comply with the new GDPR directives.

 

Welcome

 

GeoTrack is owned and operated by FXINTER LLC, 1732 1st Ave #27298, New York, NY 10128, USA. As you use and access Geotrack website and services, FXINTER LLC will learn certain information about you.

This Privacy/Data Protection Policy (“Privacy Policy”) is designed to help you understand how FXINTER LLC (“FXINTER”, “GeoTrack”, “we”, “our” or “us”) collects and uses the information, including personal data, that you share when you use https://geotrack.email and its associated domains (together, the “Site”), as well as the information, software or services available through the Site (collectively, “Services”). Except where otherwise expressly indicated in this Privacy Policy or on the Site, this Privacy Policy applies only to information collected on the Site and through the Services and does not apply to information that we receive offline. It also describes the choices available to you regarding our use of your Personal Data and how you can access and update this information.

 

1. EU-U.S. Privacy Shield Framework

Privacy Shield Framework

 

GeoTrack complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union/EEA to the United States.

Before submitting information to the Site or Services, please review this Privacy Policy carefully. By using or accessing the Site or Services, and/or communicating with a GeoTrack agent via mail, email or telephone you are accepting the practices described in this Privacy Policy. You are responsible for submitting accurate information to the Site. If you prefer that we not collect your Personal Data, please do not provide it to us. When you submit your personal and other information on the Site, you hereby consent to the collection, use and disclosure of such information as set forth in the Privacy Policy.

 

Users Outside Of The United States and European users

GeoTrack shall process personal data in accordance with European Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) and applicable data protection laws.

The Site is hosted in the United States and is governed by United States law. If you are outside the United States when you visit the Site or engage in communications with a GeoTrack agent via mail, e-mail or telephone, please be aware that your information may be transferred to, stored and processed in the United States where our servers are located and our central database is operated. By using the Site and/or communicating with a GeoTrack agent via mail, email or telephone, you consent to your information being transferred to our facilities in the United States and to the facilities of those third parties with whom we share it as described in this Privacy Policy.

 

2. Processing of personal data of Users by GeoTrack (as Controller)

2.1. This Section explains the processing of personal data of Users by GeoTrack as a controller, that is, when GeoTrack decides about the purposes and means for the processing of the data. This only happens regarding the data of the User used by GeoTrack to render the Service (having an account, invoicing…). This does not include the communications sent by the User through the Service and related-data, which shall only be processed in accordance with Section 3 below.

GeoTrack shall process as controller your personal data to provide you with the Service and to manage and improve the Service, including sending of communications regarding the Service or with information about the Service or GeoTrack.

2.2. Personal data of Users processed by GeoTrack for the above purposes may include contact information, such as name or email address, language preferences, current location for the proper price/currency displaying, payment data, and other personal data provided by the User in the context of the provision of the Service.

2.3. The legal basis for the processing of personal data of Users is the contractual relationship between the Users and GeoTrack for the Service and also the legitimate interest of GeoTrack of informing registered Users about the Service and the company, unless they opt out to receive this information .

2.4. Personal data of the Users will be processed by GeoTrack throughout the term of the contractual relationship for the Service and subsequently for the period during which applicable regulations require such personal data be he held thereafter.

2.5. GeoTrack may share the personal data with third parties, some of which may be located outside of the European Economic Area, only for the provision of the Service and at all times subject to the guarantees and requirements provided by applicable data protection laws.

2.6. The User may at all times exercise his rights to access, rectification, erasure and restriction of processing and data portability as provided in the GPDR and applicable regulations by contacting FXINTER LLC at 1732 1st Avenue #27298, New York, NY 10128, USA.

If at any time the User wishes to stop receiving communications regarding GeoTrack or with commercial information about the Service, the User may request so by sending an email to support@geotrack.email

 

3. Processing of personal data on behalf of Users by GeoTrack (as Data Processor)

3.1. This Section explains the processing of personal data by GeoTrack on behalf of Users, as a data processor, that is, when the purposes and means for the processing of the data are decided by the User and GeoTrack only access the data for the rendering of the Service and on behalf of the User.

The Service may imply the access and processing by GeoTrack of personal data controlled by the User and generated within the Service in relation to each electronic mail sent by the User through the Service (“Accessed Data”). In such cases, GeoTrack shall be deemed as the data processor and shall process such personal data only on behalf of the User and not for its own purposes.

The Accessed Data shall comprise:

  • Information required to identify the electronic mails sent through the Service:
    • information of the recipients;
    • subject of the email; and
    • date and time in which the email was sent; and
  • Information provided by the Service:
    • receipt confirmation;
    • open confirmation;
    • timestamp of each email opening;
    • history of the times (number, date and time, geolocation) the recipient has opened the received email;
    • browser and operating system used by the recipient who opened the email;
    • number of links included in the email;
    • text and URL of such links;
    • number of clicks made on each of them by the recipient;
    • timestamp of each click on the link; and
    • browser and operating system used by the person who has clicked on the link;
    • geolocation

Accessed Data is the only information to which GeoTrack shall access to provide the Service. Authorizations for Gmail and the connection to your Google account as detailed in the Service Terms and Conditions are needed technically for the rendering of the Service by GeoTrack and to provide the email tracking service, but do not imply the access by GeoTrack to any data or information of the User other than the Accessed Data. For your better understanding, this is the detail of the use of the above permissions by GeoTrack:

  • Basic permissions: view your email metadata such as labels and headers, but not the email body. The Service needs this permission to identify your emails and correctly assign the open status.
  • Insert email into your inbox: this permission is necessary to add email alerts in your Gmail inbox when your emails are opened.
  • View and manage your basic email settings: The Service needs to know your settings (e.gl alias, design style) to work properly.
  • Manage mailbox labels: the read notifications in mobile devices are added as labels. The Service needs this permission to add labels to your emails and update them when your emails are opened.
  • Read, send, delete and manage your email: The Service needs to delete the tracking pixel from your sent emails, so when you open your own emails you do not produce a self-open. The Service does not use the “ read” nor the “send” permissions, but unfortunately those permissions can not be removed separately. No one at GeoTrack will read your emails, GeoTrack will never send emails on your behalf and will never share the content of your emails.
  • Read and change your data in a number of websites and servers (All usergooglecontent.com sites, All geotrack.email sites, Amazon AWS servers, inbox.google.com, mail.google.com, geotrack.email). The Service modifies Gmail and Google Inbox websites in order to display the read labels as well as the GeoTrack website.

As detailed in the above permissions, some of them are never used by GeoTrack, but the permission system from Google does not have enough granularity to select only the ones that GeoTrack really needs.

GeoTrack guarantees that:

  • Only automated software uses the above permissions
  • No one at GeoTrack reads your emails
  • GeoTrack will never send emails on your behalf
  • GeoTrack will never share the content of your emails with third parties
  • GeoTrack will never share your browsing data with third parties
  • GeoTrack doesn’t store the body of your emails.

 

The processing of the above personal data is only carried out for the provision of the Service within the terms and duration stated in the Service Terms and Conditions .

3.2. Accordingly, GeoTrack shall:

(i) not process the Accessed Data for a purpose other than the provision of the Service requested by the User and shall not transfer such data, not even for their storage, to unauthorized parties;

(ii) process the Accessed Data only on documented instructions from the User; and if GeoTrack is aware that or of the opinion that any instruction given by the User breaches the data protection regulations, GeoTrack shall immediately inform the User;

(iii) notify the User promptly if it becomes aware of any data breach and shall provide full details of the relevant breach;

(iv) ensure that persons authorized to process the Accessed Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

(v) taking into account the nature of the processing, assist the User by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Users’ obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR;

(vi) take all measures required pursuant to Article 32 of the GDPR (Security of Processing);

(vii) assist the User in complying with its obligations pursuant to Articles 32 to 36 of GDPR taking into account the nature of processing and the information available to GeoTrack, including but not limited to, assisting the User with:

(viii) at the choice of the User, delete or return all the Accessed Data to the User after the end of the provision of Service, unless the storing of the data is required by applicable law; and

(ix) make available to the User all information necessary to demonstrate compliance with the obligations laid down in Article 28 of GDPR and allow for and contribute to audits, including inspections, conducted by the User or another auditor mandated by the User.

3.3 GeoTrack shall not subcontract third parties for the processing operations which may imply access to the Accessed Data without the authorization of the User.

In this respect, the following sub-processors are deemed as authorized by the User:

  • Amazon Web Services, Inc. as provider of the hosting of the Service, through servers located in United States.
  • Google services: Google Apps, Google Analytics, Webmaster Tools and Google Forms
  • LogEntries for server logs storage

3.4. GeoTrack shall guarantee the confidentiality of the Accessed Data, even after the termination of the Service.

3.5. The User is the data controller of the processing of the Accessed Data within the meaning in GDPR. The User is the only one deciding the purposes and means for the processing of Accessed Data, so GeoTrack does not use Accessed Data for its own purposes and only uses them for the rendering of the Service and on behalf of the User. To such extent, the User shall have to comply with applicable obligations under data protection regulations, including relying on an appropriate legal basis for the processing of personal data of the recipients of the emails sent through the Service. The User, and not GeoTrack, shall be solely responsible for the compliance with such obligations.

3.6. The User acknowledges and agrees that the use of the Service and the processing of the Accessed Data as a result of the same is its own free and exclusive decision and has verified that the conditions of the Service and the processing of the Accessed Data are in line with its interests.

 

4. Security

GeoTrack shall process all personal data in the strictest confidentiality and implement the appropriate technical and organisational measures as required by applicable regulations.

We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology.

 

5. Exclusion of the GeoTrack service

5.1. The recipient of an email sent by the User of the Service may be excluded of the monitoring conducted by the User if the recipient selects the checkbox “Opt-out” available on the “ User Privacy" section.

5.2. Due to technical limitations, the only way to exclude the recipient of the Service from the Service implies the installing of a cookie from the website geotrack.email. Therefore, in case the recipient proceeds to delete cookies from his browser, the recipient will be included once again in the Service.

5.3. The aforementioned cookie will only work on the browser used by the recipient to select the exclusion. Therefore, in the event of using a different browser, the recipient will have to carry out the exclusion process on such browser.

 

6. Frequently asked questions about privacy

6.1. How can I remove GeoTrack access to my Google account and emails?

You can stop GeoTrack access to your Google account here: Google Account Permissions. In such a case, you will not enjoy the Service any more.

6.2. Does GeoTrack sell or rent my personal data or the content of my emails?

No, GeoTrack does not sell or rent your personal data.

6.3. Do you need a data privacy agreement?

This Privacy Policy constitutes a binding data processing agreement (DPA) in case you need it.

6.4. Where is my information stored?

Information submitted to GeoTrack will be transferred to, processed, and stored in Amazon.com services facilities in Unites States.

6.5. How can I delete my personal data from the Service?

You can remove your Personal Data from the Service at any time by logging into your account, accessing the Account page, and then deleting your account.

6.6. How safe is my credit card information?

Your credit card information is safe. GeoTrack does not have access to your credit card information at any point during the transaction, so we do not store your credit card information. We process every payment via Stripe or Paypal, certified Level 1 third party payment processing services.

6.7 Does GeoTrack store the body of my emails?

No, GeoTrack doesn’t store the body of your emails.

6.8 Why does GeoTrack need permissions to access your Gmail / Google Account and how those permissions are used?

This is the detail of the use of the permissions by GeoTrack:

  • Basic permissions: view your email metadata such as labels and headers, but not the email body. The Service needs this permission to identify your emails and correctly assign the open status (read labels).
  • Insert email into your inbox: this permission is necessary to add email alerts in your Gmail inbox when your emails are opened.
  • View and manage your basic email settings: The Service needs to know your settings (e.gl alias, design style) to work properly.
  • Manage mailbox labels: the read labels in mobile devices are added as labels. The Service needs this permission to add labels to your emails and update them when your emails are opened.
  • Read, send, delete and manage your email: The Service needs to delete the tracking pixel from your sent emails, so when you open your own emails you do not produce a self-open. The Service does not use the “ read” nor the “send” permissions, but unfortunately those permissions can not be removed separately. No one at GeoTrack will read your emails, GeoTrack will never send emails on your behalf and will never share the content of your emails.
  • Read and change your data in a number of websites and servers (All usergooglecontent.com sites, All geotrack.email sites, Amazon AWS servers, inbox.google.com, mail.google.com, geotrack.email). The Service modifies Gmail and Google Inbox websites in order to display the read labels as well as the GeoTrack website.

As detailed in the above permissions, some of them are never used by GeoTrack, but the permission system from Google does not have enough granularity to select only the ones that GeoTrack really needs.

6.9 Privacy code of conduct

GeoTrack guarantees that:

  • Only automated software uses the above permissions
  • No one at GeoTrack reads your emails
  • GeoTrack will never send emails on your behalf
  • GeoTrack will never share the content of your emails with third parties
  • GeoTrack will never share your browsing data with third parties

 

For a complete review of your privacy, please see also our Cookie policy and our Terms of use