Privacy Policy
The ARPOONE Platform, available on the website https://app.arpoone.com (“Platform”), allows our clients (typically entities seeking to promote their products and services) to create, manage and send, via multiple channels, marketing communications to pre-selected recipients inserted into the Platform by the Clients themselves.
In order to provide the service offered through the Platform and with the aim of improving and personalizing your user experience, we collect information from the users of the Platform (“Users”). This document aims to clarify what information we collect and inform the holders of personal data of their rights.
We always ensure strict compliance with personal data protection legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”), and national legislation ensuring the enforcement of the GDPR.
1. Person Responsible for Treatment
SEND IT – SOFTWARE E SERVIÇOS PARA TELECOMUNICAÇÕES, S.A., with registered office at Rua Fradesso da Silveira 3 1B, Lisbon, Portugal, registered with the Lisbon Registrar of Companies under NIPC 506844188 (“Sendit”) is the entity responsible for processing the personal data of the Platform Users. If you have any questions about this Privacy Policy, or about how your data is handled, please contact us at compliance@sendit.pt
2. Information Gathered
We only collect the data that we consider essential to browse our website, to provide you with our service through the Platform and to let you know about our news or other opportunities that we think are suitable for you. For the purposes and grounds of processing your data, please refer to the section (“Purposes of Processing”).
This data could be, more specifically:
Identification data: name, tax identification number (TIN), title; Contact information: address, e-mail address, phone number;
Billing data: billing address, payment methods and amounts;
Navigational data: Information concerning the way you use our website and our Platform;
Commercial data: plans you have subscribed to, traffic packages you have purchased, registrations on the website and on the Platform, communications with us.
The personal data that we collect may be processed by computer in an automated or non-automated way and are stored in specific databases, created for this purpose, being certain that, under no circumstances, will they be used for a purpose other than that for which they were collected.
2.1 Information provided directly by the User
We collect information that you provide directly to us when you use our Platform. This takes place when you create an account on the Platform and are asked for your email and mobile phone number. You are also asked to provide a password, account name, company name and sector of activity. Some additional information will be requested when subscribing to a price plan (or subscription plan) or when purchasing traffic packages, such as full name, address, country, city, zip code and VAT number.
2.2. Other Automatically Collected Information
Sendit automatically collects information whenever the User visits the website and uses the Platform. To this end, Sendit obtains information from the User’s device by assigning it a “cookie”.
What are cookies?
Cookies are small text files sent to your computer or mobile device when you visit certain websites, containing information relating to your browsing. Cookies help websites identify and retrieve information about browsing habits and customize the browsing experience according to User preferences. The cookies Sendit uses do not store sensitive personal information, such as address, password or bank details. Sendit uses cookies and other similar technologies to assess the effectiveness of the content of the Platform and its use and to identify, in particular, which services the User uses on the Platform. This data allows us to improve the use of the Platform, optimize Users’ navigation and develop programs and content according to Users’ interests.
Sendit uses two types of cookies:
Necessary/technical cookies: This type of cookie is used to track the User’s journey during their visit to the Platform. These cookies are necessary for the proper technical operation of the Platform and its functions but are not used to identify the User personally. Typically, the necessary cookies are temporary and are automatically deleted when the User leaves the Platform.
Personalization/preferences Cookies: This type of cookie is used to identify Users whenever they use the Platform and enables the Platform to remember their preferences so that it is not necessary to re-configure the Platform each time it is accessed. These cookies are not essential to the proper operation of the Platform but may optimize its use.
The User’s computer browser or other installed software may restrict the use of cookies. If the User chooses not to allow the use of necessary/technical cookies, they may not be able to use the Platform.
In addition to cookies, Sendit uses some “pixel tags” (markers) that allow us to track Users’ steps on the Platform. These tags are used to collect data, not identifiable as personal, that help Sendit to determine popular destinations, among others.
Additionally, Sendit obtains technical information from the User’s device whenever the User visits the Platform. This information is obtained through the User’s browser, such as: IP address, operating system used, Internet search software (e.g., Internet Explorer, Google Chrome, Mozilla Firefox, Safari) and screen resolution.
What does not authorizing the use of cookies entail?
If you prefer not to allow cookies, you can disable cookies in the internet browser you use, but you should be aware that not allowing certain types of cookies may prevent some web pages from being displayed correctly and/or make it impossible to provide the service in its entirety.
3. Purposes of Treatment
In the table below, you can see the purposes for which we collect and process your personal data, as well as its legal basis:
| Purpose | Data Type | Legal basis |
|---|---|---|
| Service Delivery and Billing | Identification, contact and billing data | Contract Execution Legitimate interests of the controller (for example, for debt recovery) |
| Confirmation of the User’s identity by sending a code via SMS or email address validatio | Identification data, contact data | Contract Execution Legitimate interest of the controller |
| Management of the commercial relationship (contacts, responses to requests for support, information, prices, among others, notification of modifications to our Terms and Conditions) | Identification data, contact data and business data | Contract Execution Compliance with legal obligations Legitimate interests of the controller (for example, to understand how we can provide better services) |
| Ensure the operation and optimization of the Platform and adapt it to the User’s needs and interests | Identification data, contact data and navigation data | Legitimate interests of the controller (for example, to keep the Platform fully functional and secure) Compliance with legal obligations |
| Sending newsletters and other marketing communications | Identification and contact data, navigation data and commercial data | Legitimate interests of the controller; Contract Execution |
| Analyzing data to improve the Platform, our services and our business relationships | Navigation data and business data | Legitimate interest of the controller |
4. With which entities Sendit shares its data
Except under limited circumstances identified both in this Privacy Policy and within the scope of the Platform Terms and Conditions, Sendit does not share personal data with third parties. In this sense, Sendit only shares data in cases where, for technical reasons of platform operation and always ensuring appropriate security measures, it must transfer it to the respective suppliers/subcontractors.
In this case, Sendit guarantees that only the information strictly necessary to provide the services contracted under the use of the Platform will be shared. Sendit also ensures that these entities comply with legal regulations on personal data protection, information security and other applicable legislation, both at contractual level and regarding the technical and procedural implementation of technical and organizational data protection measures.
Additionally, whenever required by law or court order, we will disclose your personal data to the relevant authorities in accordance with the law.
We will not transfer your personal data to any country outside the European Economic Area.
5. Data Security
Sendit undertakes to adopt the necessary security measures to ensure the safeguarding of personal data against possible misuse. These measures include technical and organizational measures that ensure the confidentiality of personal data, protecting them against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access and against other unlawful forms of data processing.
Notwithstanding the foregoing, the User acknowledges and accepts that, since the Internet is an open network, personal data may circulate on the network without security conditions, running the risk of being seen and used by unauthorized third parties and Sendit cannot be held responsible for such access or use. Therefore, the User acknowledges and accepts, under his responsibility, the risk of inadvertent disclosure of passwords, confidential codes, and any information of a confidential nature.
6. Rights of the Data Subject
In compliance with the RGPD, the User has the following rights in relation to the processing of their data:
Right of Access – Whenever you request, you may access your personal data by asking us for information about the specific data we hold about you, as well as the characteristics of the data processing we perform. Before allowing access to personal data or making any corrections to them, Sendit will take the necessary measures to verify your identity.
Right of Rectification – Whenever you consider that your personal data (provided by you) is incomplete or incorrect, you may request its rectification or that it be completed.
Right to Erasure – You may request that your personal data be erased when the personal data is no longer necessary for the purpose for which it was collected or processed.
Note that notwithstanding your right to erasure or limitation, Sendit may retain certain personal data when required or authorized by law or when it has a legitimate reason to do so (e.g., to prove performance of a contract), for the exercise or defence of rights in court or when the exercise of such rights would violate the right to freedom of expression and information.
Right to Limitation of Processing – You may request the limitation of the processing of your personal data, in the form of: (i) suspension of processing, or (ii) limitation of the scope of processing to certain categories of data or purposes of processing.
Right of Portability – You may request Sendit to deliver, in a structured, commonly used and machine-readable format, the personal data provided by you.
Right to object – You have the right to object to the processing of your personal data at any time where the processing is carried out on the basis of legitimate interests pursued by the controller or by a third party. Sendit will, in such cases, stop processing your personal data, unless it has legitimate reasons to carry out such processing and these override your interests.
You may also object to the processing of your data for direct marketing purposes, including profiling that is related to such marketing.
How to opt-out of receiving promotional messages from Sendit
Within the scope of the established business relationship, you may occasionally receive, via email or SMS, information related to the service/platform, as well as Sendit products, campaigns, discounts and promotions, as well as special offers and other opportunities available on the Platform. Sendit sends this information directly or through third parties.
You will only receive promotional communications if you do not object.
At any time you may decide not to receive further promotional information from Sendit. In such a case, you may cancel the sending of promotional messages by contacting the following email address: compliance@sendit.pt
Sendit guarantees, in all promotional communications, the possibility for the holder to object to receiving them by including instructions for cancelling their sending.
Right to Withdraw Your Consent – In cases where data processing is done based on your consent, you may withdraw consent at any time.
File a complaint with the National Data Protection Commission – whenever you believe that your personal data has been violated.
You can exercise your rights by contacting the following email address: compliance@sendit.pt.
7. Conservation of Personal Data
Sendit keeps personal data for as long as it is necessary for the provision of the service contracted under the use of the Platform. In this regard, we shall only keep your personal data for the period strictly necessary for the pursuit of the specific purpose for which the data was initially collected. In some cases, and to comply with the law, for example tax obligations, we shall have to keep your personal data for the period expressly provided for by law.
At any time, you can delete your account in the Account Settings section of our Platform. This will delete your personal data from our records and it will no longer be used. We may, however, retain copies of your personal data in backup copies for legal retention purposes.
8. Information used and imported by Clients to the Platform
The Client is solely responsible for importing and managing the databases of the respective recipients of the communications and marketing campaigns sent by the digital communication channels provided via the Platform, namely SMS and Email (“Recipients”).
In particular, all obligations relating to the sending of unsolicited communications for marketing purposes rest with the Client, and it is the Client’s sole responsibility to comply with all legal requirements, such as obtaining valid consent or ensuring that Recipients are able to opt-out of marketing communications, and to provide proof of compliance with all legal formalities should the need arise.
Consequently, in relation to the personal data of the Recipients that the Client processes and imports within the scope of its use of the Platform, the Client acts as the controller and Sendit acts as its subcontractor.
The Client, as the controller, is responsible, in accordance with the applicable data protection legislation and the Platform’s Terms and Conditions, for defining the nature and purposes of the processing, the type of personal data processed and the categories of data subjects, as well as the means of processing.
Sendit will therefore process the personal data of the Recipients only upon the Client’s instructions and authority and for the sole purpose of providing the services set forth in the Platform’s Terms and Conditions.
Notwithstanding the above, Sendit may process the Recipients’ personal data for the exercise or defence of rights in court or before regulatory/supervisory bodies, namely to prove compliance with legal obligations regarding the sending of unsolicited communications (which fall exclusively on the Client, as the controller, as mentioned above).
Sendit will not communicate, transmit, transfer or disclose, by any means, the personal data of the recipients to third parties, except in cases where, for technical reasons of platform operation and always ensuring the measures of pseudonymization and encryption of data, it must transfer them to the respective partners.
Sendit undertakes to implement technical and organizational measures to protect the personal data of the Recipients against any unauthorized or illegal processing or, against any accidental loss, damage, alteration or disclosure thereof.
Upon termination of the contract entered between Sendit and the Client, whatever the cause thereof, Sendit will destroy or return the Recipients’ personal data collected under and for the purposes of providing the services set forth in the Platform’s Terms and Conditions, together with any accessory or supporting documentation that may contain the Recipients’ personal data.
9. Changes to the Privacy Policy
This Privacy Policy is posted on the website and on the Platform.
Whenever there is a change in the Privacy Policy, Sendit will send an email informing of such change and the same will be duly advertised on the website at https://arpoone.com
If you have any questions about the Privacy Policy, please feel free to contact us through the contacts available on the Platform or by writing to the following email address: compliance@sendit.pt
10. Contacts
10.1. General
Rua Fradesso da Silveira nº4, 3ºB
Urbanization Alcântara Rio
1300-609 Lisboa
Phone: +351 213 405 290
Email: info@sendit.pt
10.2 Data Treatment
To exercise your rights regarding the processing of your data (data protection rights) or for any clarification in case of questions about this Policy, you may contact Sendit and its Data Protection Officer. The Sendit Data Protection Officer may be contacted at the above address or by email at compliance@sendit.pt.