DirectMail2.0 Privacy Policy

DirectMail2.0 (DM20) is a cloud based direct mail marketing technology platform. Its goal is to automate, report on and enhance the effectiveness of direct mail. It does this through the application of various digital technologies depending on the version and variation of the product. In implementing these technologies DM20 incorporates several vendors into one platform to accomplish these goals for our partners and their clients. In doing so, DM20 relies mainly on the security and privacy of the vendors we partner with to ensure privacy and security of data.
General Data Collection, Storage & Use

It is DM20’s overall purpose and policy NOT to store or collect any private personal information for or from any of its partners, their clients or the end users being targeted by the advertising performed on our platform.
We only collect postal mailing information and sometimes email addresses when provided (Name, Address and sometimes email ONLY, no other personal information is accepted, handled or retrieved). That data is used to initiate digital campaigns and mailing related services but is not sold or shared with any organizations other than those we must to conduct the advertising so contracted for.

All incoming and outgoing data is stored at AWS (Amazon Web Services) on secure servers. This includes all data, passwords and logins for the authorized users of our website. Their privacy policy can be found here:

Customer Provided Data
All data involving Customer’s or Customer’s clients’ campaign(s), including but not limited to mailing lists, designs, and customer information (“Data”), transferred by Customer to DM20 in the utilization of the product, will only be used for the provision of the Services. The Data will not be transferred to any third party and DM20 will not solicit customers obtained from the Data without Customer’s written permission.

Use of Anonymous Data
Customer acknowledges and agrees that DM20 may obtain and aggregate data it captures or comes in contact with
through use of its Services excluding any personally identifiable data with respect to Customer (“Aggregated
Anonymous Data”), and DM20 may use the Aggregated Anonymous Data to analyze, improve, support and operate
the Services and otherwise for any business purpose, during and after the term of any Agreement, including without
limitation to generate industry benchmarks or best practices guidance, recommendation or similar reports for
distribution to and consumption by Customer and other DM20 customers and prospects. For clarity, the Section does not give DM20 the right to identify Customer as the source of any Aggregated Anonymous data.

Feedback & Campaign Results Utilization
If Customer provides suggestions, comments and feedback regarding the Services, including but not limited to
usability, bug reports and usage results, (collectively, “Feedback”), DM20 may make, use, copy, modify, sell,
distribute, sub-license, and create derivative works of the Feedback as part of any of DM20’s products, technology,
services, specifications or other documentation. In addition, DM20 may, in its sole discretion, use Customer’s
campaign results and analytics, to include the number of calls received and website visitors, for both internal
product development purposes, as well as marketing materials to be published to third parties but will not identify
the Customer as the source of any.

USPS/Informed Delivery
Processed mailing lists are shared with USPS Informed Visibility and Informed Delivery. Only IMDB
digits are shared with the USPS for these services and thus contain no personal information. Here is
their privacy Policy:

Call Tracking
We partner with Twilio and WhitePages for this service. The information returned by Twilio and
WhitePages is password protected and stored on our AWS servers. Recorded phone calls are
disclosed to the caller per the law and are ONLY accessible to the client the calls were made to.
They are NOT accessible by DM20 or its partners. Compliance with all laws governing recording of calls is
Customer’s sole responsibility, including obtaining all necessary consents. Customer understands and agrees
that DM20 is not responsible for determining the lawfulness of recording any particular call(s). Twilio’s security and privacy policy is here:

Advertising & Ads
DM20 deploys all ad campaigns via the Google Network, Facebook and LinkedIn. We comply to all
of their advertising policies as stated on their sites. We have no special rights or access to any data
going to or from their respective platforms. We are not in control of the ads they will or will not
accept. We do not give them nor do we receive any personal private information on ad targets
belonging to clients. Below are links to their respective privacy and advertising policies.

LeadMatch Services
With permission and placement of the pixel by the client, the LEADMatch pixel placed returns to our
vendor a Device ID (if available), IP address, cookie-based information, time of firing and page of firing. Those
data points are used to return (through externally acquired databases owned by our vendor and proprietary
algorithms) a residential postal address of the most likely visitor tied to the user of that device/IP
address. LEADMatch service collects only postal address from website visitors. We collect no
personal or private information. No names, no phone numbers, no emails, no financial, no medical or
personal information is retrieved, shared, exposed other than a likely residential postal address of the
visitor. Postal addresses are publicly available there is no personal identifiable information as we are not
identifying the person in the home who made the visit, only the most likely address. The collection pixel is
placed with permission. Our vendor partner for this service is Barometric. Their privacy policy is
located here:

Removal of Data
Should you, your partners or clients request to know what personal information we may
have or any personal information you would like to be removed please contact us at

Event of Data Breach
In the event of a data breach any partners or clients affected by a data breach involving
any personal or private information will be notified via email within 48 hours of the
confirmed breach.