Data Processing
Effective Date: 03/27/2019
By use of AWeber services, you instruct AWeber to process any personal data you provide to AWeber in alignment with AWeber’s Service Agreement and Privacy Policy and agree to the processing of any personal data that AWeber provides to you in connection with the services. Customer also specifically authorizes the engagement of AWeber’s Advocates as Sub-processors. In addition, Customer generally authorizes the engagement of any other third parties as Sub-processors.
Customer Obligations
By use of AWeber services you agree to comply with data protection, security and other obligations with respect to any and all personal data by adhering to the AWeber Service Agreement and Anti-Spam policies, and Privacy Policy along with all local data protection laws to which you are subject. AWeber will inform you if, in AWeber’s opinion, you have violated any data processing obligation.
Details of Data Processing
Subject Matter: All AWeber services, Customer provided data, and related technical support to Customer, including all publicly available information that is transmitted or retrieved from sub-processors of AWeber.
Duration of the Processing: As identified in the AWeber Service Agreement.
Nature and Purpose of the Processing: AWeber provides an email service, automation and marketing platform and other related services as identified in our Privacy Policy.
Categories of Data: As outlined in our Privacy Policy ("I Am An AWeber Advocate.", "I Am A Subscriber To An Email List Managed Through AWeber.", "I Am An AWeber Customer.")
Data Subjects: Personal data submitted, stored, sent or received via AWeber services that may concern the Customer or Subscribers of the Customer.
Data Security
AWeber takes all reasonable technical and organizational measures to commit to confidentiality of your data including:
- Use of encryption
- Continual monitoring of the confidentiality, integrity, availability, and resilience of our systems
- Preparedness to restore availability of our services in the event of a physical or technical incident
- Regular risk assessments of all systems
- Commercially reasonable steps to ensure employees and those acting on AWeber’s behalf maintain confidentiality of personal data
- Privacy confirmations of all sub-processors engaged in providing AWeber services to provide at least the same level of protection for the personal data and the rights of data subject as AWeber.
- Providing written responses to all reasonable requests for information made by customers
- In the event of a personal data breach, reasonably assisting customers with data security audits, including inspections, conducted by the customer, auditors, law enforcement, or other supervisory authorities
- Providing notice to customers regarding personal data breaches without undue delay
- Reasonably assisting customers with their obligations to Supervisory Authority Data Protection Impact Assessments and Prior Consultation taking into account the nature of processing and data involved
- Maintaining Privacy-Shield certification
- Maintaining Payment Card Industry (PCI) Security certification
Data Rights
Right to be informed: You or your subscribers can ask about personal data, how it is used, and why it is being used at any time.
Right of access: As outlined in our Privacy Policy (Access to Personal Information).
Right of rectification: You or your subscribers can update (or request updates to) personal information at any time.
Right of erasure: You may cancel your AWeber account at any time and may additionally request that AWeber erase your personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. Your subscribers may also request that you or AWeber do the same for their personal data. AWeber reserves the right to keep the minimum amount of information that helps us prevent fraud to keep your deliverability the highest it can be.
Right to restrict processing: You may put your account on hold at any time which restricts the sending of email. Your data will still be processed for other actions such as billing and by our sub-processors. You may backup and deactivate a list to verify subscriber data and reactivate within 30 days. You may cancel your account to restrict all data processing of your data and your subscribers and reactivate your account as long as we have not yet deleted your information according to our retention policies.
Right to data portability: You may export any of your lists, or selected information within any list, at any time while your account is active by accessing your AWeber account.
Right to object: You may unsubscribe from any of AWeber’s emails at any time. Your subscribers may unsubscribe from your emails at any time.
AWeber does not discriminate against a customer, price services differently, or reduce quality of service based on exercising of the above data rights.
Sub-processors
You may opt-in to be informed of sub-processor additions excluding those on our list of sub-processors below by contacting us. If you object to any sub-processor addition, you may cancel your account within 5 days of the notification provided that such objection is based on reasonable grounds relating to data protection. You may independently contact any of these sub-processors directly to have your information erased that they store about you. This may include information you provided to AWeber or information AWeber procured from the sub-processor.
| Sub Processor | Purpose |
|---|---|
| Amazon | Cloud Infrastructure Hosting |
| Clearbit | Customer Intelligence |
| eHawk | Spam Prevention |
| First Data | Customer Billing |
| Fullstory | Customer Support |
| Business Analytics | |
| Kissmetrics | Business Analytics |
| Qualaroo | Customer Surveys |
| LiveChatInc | Customer Support |
| PayPal | Billing and Payments |
| Salesforce | Customer Sales Management |
| Sift Science | Spam Prevention |
| Survey Gizmo | Customer Surveys |
| VWO | A/B Testing |
| Zendesk | Customer Support |