1. The Basics
A. About Us
NoteRouter is an online communication platform (the "Services") operated by The Gough Company LLC, a company headquartered in the State of California in the United States ("we," "us," "our," and "NoteRouter").
The Services enable our Organizations to manage and send their communications via email and text, while also allowing our Organizations’ Contacts to influence what they are sent. We also provide other related services, such as data analytics in real-time. Learn more about our Services here.
NoteRouter takes its mission of providing large organizations a way to meaningfully connect with their Contacts seriously. As such, we also take data privacy and respect seriously, and we specifically refuse some data. Please read on for details.
Under the California Consumer Privacy Act (CCPA), you have the right to opt out of the sharing of your personal information. To exercise this right, click the button to be redirected to another page to opt-out:
B. Key Terms
In this privacy policy, these terms have the following meanings:
"Member" is a person an Organization may contact through our Services. In other words, a Member is anyone in an Organization’s Contact Database, or someone whom an Organization has provided us information for. For example, if you are an Organization, a subscriber to your email and/or text outreach would be considered a Member. If you have a contractual relationship with a professional association, and that association is one of our Organizations, it’s very likely that you’re considered a Member.
"Contact Database" is a list of Contacts an Organization may upload or manage on our platform, along with all associated information related to those Contacts (for example: email addresses, phone numbers, and preferences). Contacts can also update their own preferences and contact information easily via the Member Preference Form.
"Contact Preference Form" is a form Contacts can use to modify their contact information and preferences at any time. Contacts can access the Contact Preference Form by using the link provided at the bottom of NoteRouter emails, or by using the link provided by responding "INFO" to NoteRouter texts.
"Organization" means any person or entity that is registered with us to use the Services.
"Personal Information" means any information that identifies or can be used to identify an Organization, a Member, or a Visitor, either directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, date of birth, email address, phone number, gender, occupation, or other demographic information.
"Website(s)" means any website(s) we own and operate (such as www.noterouter.com) or any web pages, applications, social networks, interactive features, widgets, blogs, or other online/mobile/wireless offerings that post a link to this privacy policy.
"User" means any person or entity using the Services that is working under or on behalf of an Organization that is registered to use the Services.
"Visitor" means any person who visits any of our Websites.
"You" and "your" means, depending on the context, either an Organization, a Member, or a Visitor.
2. Privacy for Organizations and Users
This section applies to the Personal Information we collect and process from an Organization and Users through the provision of the Services. If you are not an Organization or User, the Contacts or Visitors section of this policy may be more applicable to you and your data. In this section, "you" and "your" refer to Organizations and Users.
A. Information We Collect
Broadly speaking, the Personal Information that we may collect falls into the following categories:
(i) Information you provide to us: In the course of engaging with our Services, you may provide Personal Information about you and your Contacts. Personal Information is often, but not exclusively, provided to us when your account is created in order to use the Services, and when you consult with our customer service team, send us an email, integrate the Services with another website or service (for example, when you choose to connect your current membership software with NoteRouter), or communicate with us in any other way.
If any Personal Information is requested by NoteRouter, prior to collection, we will inform you whether the provision of Personal Information is mandatory or optional, and clearly explain the consequences of not providing requested information. We will only collect Personal Information that is necessary for the specified purposes outlined in this privacy policy. By giving us this information, you agree to this information being collected, used and disclosed as described in this privacy policy.
This information may include:
• Registration information: You need a NoteRouter account to use the Services as a User. In order to create an Organization account or User account, we will need to input certain basic information, such as your name, email address, username, password, and phone number. Organization accounts require some additional information such as Organization name and address.
• Billing and communications information: If you purchase our Services, you may also need to provide us with billing and payment information, such as your billing address and credit card details. NoteRouter will also maintain a record of your purchases and billing transactions, along with any communications and responses.
• Information we process on your behalf: In order to send a targeted message via email and text or use certain features in your account, you will need to provide us with Member records that provide us information about your Contacts, such as their names, email address, phone number, and various professional information. We use and process this information to provide the Services in accordance with your instructions.
(ii) Information we collect automatically: When you use the Services, we may automatically collect certain information about your usage of the Services and your device. We use various tracking technologies including but not limited to cookies in order to collect some of this information. Our use of cookies and other tracking technologies is discussed more below.
This information may include:
• Device information: We collect information about the device and applications you use to access the Services, such as your operating system, your IP address, your browser ID, and other information about your connection and system.
• Log data: Our web servers keep log files that record data each time a device accesses those servers and those log files contain data about the nature of each access, including originating IP addresses. We may also access metadata and other information associated with files that you upload into our Services.
• Product usage data: We collect usage data about you whenever you interact with our Services, which may include the dates and times you access the Services and your browsing activities (specifically, such as what portions of the Services are used). We also collect information regarding the performance of the Services, including metrics related to the deliverability of emails and other communications you send through the Services. This information allows us to help you identify how well you’re engaging your Contacts, improve the content and operation of the Services, and to facilitate research and analysis of the Services.
(iii) Information we collect from other sources: From time to time, we may obtain information about Organizations and Contacts from third-party sources, such as third-party data providers, public databases, social media platforms, and joint marketing partners. We take steps to ensure that such third parties are legally or contractually allowed to disclose such information to us.
• Examples of the information we might receive from other sources include demographic information (such as age and gender), device information (such as IP addresses), location (such as city and state), and online behavioral data (such as information about use of social media websites, page view information and search results and links). We use this information, alone or in combination with other information (including Personal Information) we collect, to enhance our ability to provide relevant marketing and content to you and to develop and provide you with more relevant products, features, and services.
B. Use of Personal Information
We may use the Personal Information we collect through the Services or other sources for a large range of reasons, including:
• To bill and collect money owed to us by you. This includes calling you or sending you emails, receipts, invoices, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and those third parties collect billing information to process your orders and credit card payments. To learn more about the steps we take to safeguard that data, see the "Our Security" section of this privacy policy.
• To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
• To send you system alert messages. For example, we may inform you about temporary or permanent changes to our Services, such as planned outages - or to send you account, security or compliance notifications, such as new features, version updates, releases, abuse warnings, and changes to this privacy policy.
• To communicate with you about your account and provide customer support. For example, if you ever call our customer support team, we want to make sure any issue you bring to our attention is resolved to your satisfaction.
• To enforce compliance with our Terms of Use and applicable law, and to protect the rights and safety of our Organizations, Users, and third parties, as well as our own. This may include developing tools and algorithms that help us prevent violations. For example, sometimes we may evaluate the content of our Organizations’ outgoing text and email messages to make sure they comply with our Terms of Use. To improve that process, we may use software that helps us find messages that may violate our Terms of Use. Our employees or independent contractors may review those particular messages. This benefits all Organizations who comply with our Terms of Use because it reduces the amount of spam being sent through our servers and helps us maintain high deliverability. Email and text messaging systems are not designed to guarantee the security of confidential information. You must not use NoteRouter to send sensitive personal data (as defined by applicable data protection laws), confidential information, or other regulated data types unless specifically authorized under a separate written agreement with NoteRouter that provides for appropriate security measures.
• To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
• To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
• To prosecute and defend a court, arbitration, or similar legal proceeding.
• To provide, support and improve the Services.
• For our data analytics projects: We conduct data analytics projects to improve our Services, which may involve processing Personal Information from NoteRouter accounts. Such processing is conducted in accordance with applicable data protection laws and subject to appropriate technical and organizational safeguards. Where possible, we use anonymized or pseudonymized data for analytics purposes. We use information like your sending habits so we can make more informed decisions, predictions, and products for our Organizations. If you or your Contacts prefer not to share this data, you can opt out of data analytics projects at any time by emailing us at outreach@noterouter.com. For example, we use data from NoteRouter accounts to enable audience segmentation and outreach performance features for our Organizations. We will act as a data controller to process data for our data analytics projects in reliance on our legitimate business interests of improving and enhancing our products and services for our Users. As always, we take the privacy of Personal Information seriously, and will continue to implement appropriate safeguards to protect this Personal Information from misuse or unauthorized disclosure.
• Combined information. We may combine Personal Information with other information we collect or obtain about you (for example, information we source from third-party partners) to serve you specifically, such as to deliver a product or service according to your restrictions or preferences, or for advertising or targeting purposes in accordance with this privacy policy. When we combine Personal Information with other information in this way, we treat it as Personal Information, and apply all of the safeguards in this privacy policy applicable to, Personal Information.
• Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.
C. Cookies and Tracking Technologies
We and our partners use a variety of technologies to collect and store information when you use our Services, which includes the use of cookies and similar tracking technologies such as web beacons and pixels. These technologies are implemented to enhance the functionality and user experience of our Services.
Cookies are small data files stored on your device that help us recognize you as a user and improve the efficiency of your interactions with our Services. They allow us to remember your preferences and tailor our Services to better suit your needs.
Web beacons and pixels are small graphic images embedded in emails or on websites, used to track user interaction with content. For instance, we might use web beacons in emails we send on your behalf to monitor specific behaviors, such as whether the email was delivered, opened, or if links within the email were clicked. This tracking provides us with valuable information such as the recipient’s IP address, browser type, email client type, and other similar details.
The information gathered through these technologies helps us measure the performance of your messages and provides analytics to enhance the effectiveness of our Services. We utilize this data to refine our Services, ensuring they meet the needs of our users while maintaining high standards of performance.
You have the ability to control the use of cookies and similar technologies. Most browsers allow you to manage cookie preferences, including blocking or deleting cookies. Please note that disabling cookies may affect the functionality and availability of certain features within our Services.
For detailed information about the types of cookies and tracking technologies we use, their purposes, and how you can manage your preferences, please contact us at outreach@noterouter.com.
D. Contact Data
Your Contact Data can be provided in a number of ways both manual and automated. An example of manual creation includes importing contact information stored in CSV format into NoteRouter. An example of automated creation includes the integration we may have with your 3rd party membership management database, whereby your contact records are imported via API or similar technology. Your Contact Data is stored on a secure server. We do not, under any circumstances, sell your Contact Data. If a contact in your NoteRouter account complains or contacts us, we might then contact that person. You may download your Contact Data from NoteRouter at any time.
If we detect illegal or abusive behavior related to your Contact Data, we may share your Contact Data or portions of it with affected ISPs or anti-spam organizations to the extent permitted or required by applicable law.
E. Other Data Protection Rights
You and your Contacts may have the following data protection rights:
• To access, correct, update or request deletion of Personal Information. NoteRouter takes reasonable steps to ensure that the data we collect is reliable for its intended use, as well as accurate, complete, and up to date. You can manage many of your Organization or individual User account and profile settings within the interface provided through the NoteRouter platform, or you may contact us directly by emailing us at outreach@noterouter.com. You can also manage information about your Contacts within the interface provided through the NoteRouter platform to help you fulfill any requests to access, correct, update or delete information that you receive from your Contacts. Please note: if NoteRouter imports data automatically using an integration with a 3rd party membership management database your Organization uses, some information may not be editable using NoteRouter and must be edited directly within your 3rd party membership software, which should then update NoteRouter.
• In addition, individuals who are residents of the EEA, UK, or other jurisdictions with similar data protection rights can: (1) object to processing of their Personal Information; (2) request restriction of processing of their Personal Information; (3) request portability of their Personal Information; and (4) lodge a complaint with their local supervisory authority. These rights may be subject to certain conditions and limitations under applicable law. You can exercise these rights by contacting us using the contact details provided in the "Questions and Concerns" section below. If any of your Contacts wishes to exercise any of these rights, they should contact you directly, or contact us as described in the "Privacy for Contacts " section below.
• Additionally, if Personal Information is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent. As an Organization, if you receive these requests from Contacts, you have the option to designate and assign Tags within the NoteRouter platform to ensure that you only send messages to Contacts who have not opted out of receiving such messages. Alternatively, Users can manually disable the pertinent channels for a specific Member if the Member is unable to do so themselves via their Contact Preference Form.
• The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We may ask you to verify your identity in order to help us respond efficiently to your request. If we receive a request from one of your Contacts, we will either direct the Contact to reach out to you, or, if appropriate, we may respond directly to their request.
3. Privacy for Contacts
This section applies to the information we process about our Organizations’ Contacts as a data controller pursuant to our legitimate business interests, as explained in the "Legal Basis for Processing" section below. Our Services are intended for use by our Organizations. As a result, for much of the Personal Information we collect and process about Contacts through the Services, we act as a processor on behalf of our Organizations. NoteRouter is not responsible for the privacy or security practices of our Organizations, which may differ from those set forth in this privacy policy. Please check with the Organization(s) using NoteRouter that you are affiliated with about the policies they have in place. For purposes of this section, "you" and "your" refer to Contacts.
A. Information We Collect
Broadly speaking, the Personal Information that we may collect or receive about you falls into the following categories:
(i) Information we receive about Contacts from our Organizations: An Organization may provide Personal Information about you to us through the Services. For example, when an Organization uploads their Contactrecords into NoteRouter’s Contact Database, or integrates the Services with another website or service (for example, when an Organization chooses to connect their membership management system with NoteRouter), they may provide us with certain contact information or other Personal or professional Information about you such as your name, email address, address, phone number, and professional designations. You may have the opportunity to update some of this information by choosing to adjust your contact information or preferences via an email or text you receive from an Organization.
(ii) Information we collect automatically: When you interact with an email or text message that you receive from an Organization, we may collect information about your device and interaction with the message. We may use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed more below.
• Device information: We collect information about the applications and device you use to access messages sent through our Services, which may include your operating system, your IP address, your browser ID, and other information about your system and connection.
• Product usage data: We collect usage data about you whenever you interact with messages sent through the Services, which may include dates and times you access messages and your browsing activities (such as what pages are viewed when a message is opened up in a browser). We also collect information regarding the performance of the Services, including analytics related to the deliverability of texts, emails and other electronic communications our Organizations send through the Services. This information allows us to improve the content and operation of the Services, and facilitate analysis and research of the Services.
(iii) Information we collect from other sources: One of the primary ways an Organization may opt to provide us information about their Contacts is through a 3rd party membership management database the Organization already uses, such as an association management software. NoteRouter may integrate with these databases in order to allow our Organizations to communicate with their Contacts based on professional and personal information the Organization already has collected from its Contacts. We take steps to ensure that such third parties are legally or contractually permitted to disclose such information to us, and we use this information to provide our Organizations the ability to be very relevant to you. The integrations we build may also allow you to more easily update some of your personal information that has been collected by the Organization you are affiliated with.
B. Use of Personal Information
We do not, under any circumstances, sell your Contact Data. We may use the Personal Information we receive or collect about you for our legitimate business interests, including:
• To enforce compliance with our Terms of Use and applicable law. This may include developing tools that help us prevent violations.
• To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
• To protect the rights and safety of our Contacts and third parties, as well as our own. For example, sometimes we may evaluate the content of our Organizations’ outgoing text and email messages to make sure they comply with our Terms of Use. To improve that process, we may use software that helps us find messages that may violate our Terms of Use. Our employees or independent contractors may review those particular messages. This benefits all Organizations who comply with our Terms of Use because it reduces the amount of spam being sent through our servers and helps us maintain high deliverability.
• To meet legal requirements, including complying with court orders, valid subpoenas, valid discovery requests, and other appropriate legal mechanisms.
• To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
• To prosecute and defend a court, arbitration, or similar legal proceeding.
• To provide, support and improve the Services.
• For our data analytics projects. We may conduct data analytics projects which analyze data from NoteRouter accounts, which may include your Personal Information, in order to provide and improve the Services. We study information like your message engagement habits so we can make more informed decisions, predictions, and products for our Organizations. It also helps us provide our Organizations with tools to ensure you have more control over what messages you receive. If you prefer not to share this data, you can opt out of data analytics projects at any time by emailing us at outreach@noterouter.com. As always, we take the privacy of Personal Information seriously, and will continue to implement appropriate safeguards to protect this Personal Information from misuse or unauthorized disclosure.
• Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes.
C. Cookies and Tracking Technologies
We and our partners may use various technologies to collect and store information when Organizations use our Services, and this may include using cookies and similar tracking technologies, such as web beacons and pixels. For example, we might use web beacons in emails we send on your behalf to track certain behavior, such as whether the email sent through the Services was delivered and opened, and whether or not links within the email were clicked. Such tracking technologies also allow us to collect information such as the recipient’s IP address, browser, email client type and other similar details. We use this information to measure the performance of messages, as well as to provide analytics information and enhance the effectiveness of our Services.
D. Legal Basis for Processing
We process Personal Information about you as a data controller as described in this section, where such processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. Our legitimate interests typically include: providing, improving, and maintaining our technology, services and products; and ensuring the security of the Services and our Website.
E. Other Data Protection Rights
You may have the following data protection rights:
• To access, correct, update or request deletion of Personal Information. NoteRouter takes reasonable steps to ensure that the data we collect is reliable for its intended use, as well as accurate, complete, and up to date. You can manage use the Member Preference Form provided through the NoteRouter platform to help you access, correct, or update some of your Personal Information. For more help, and for other requests such as deletions, you may contact us directly by emailing us at outreach@noterouter.com. We will consider any request we receive from you in accordance with applicable laws. Please note: if NoteRouter imports data automatically using an integration with a 3rd party membership management database your Organization uses, some information may not be editable using NoteRouter and must be edited directly within your Organization’s 3rd party membership software. Contact the Organization using NoteRouter that you are affiliated with for help fulfilling those requests.
• Additionally, if you are a resident of the EEA, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. You can exercise these rights by contacting us using the contact details provided in the "Questions and Concerns" section below.
• The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.
As described above, for a great deal of the Personal Information we process and collect about Contacts through the Services, we act as a processor on behalf of our Organizations. In such cases, if you are a Member and want to exercise any data protection rights that may be available to you under applicable law, or if you have questions or concerns about how your Personal Information is handled by NoteRouter as a processor on behalf of our individual Contacts, you should contact the pertinent Organization you are affiliated with that is using the NoteRouter Services, and refer to their separate privacy policies.
If you no longer want to be contacted by one of our Organizations through our Services, please update your Member Preference Form using the link provided in NoteRouter texts and emails, or contact the Organization you are affiliated with that is using NoteRouter to update or delete your data. If you contact us directly, we may remove or update your information within a reasonable time and once we have provided notice to the Organization of your request.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request. Additionally, in the event of a data breach where your personal information is compromised, we will notify you promptly and provide details of the breach and remedial measures in accordance with applicable law.
4. Privacy for Visitors
This section applies to Personal Information that we collect and process through our Websites and in the standard course of our business, such as in connection with our sales and marketing activities, recruitment, and events. In this section "you" and "your" refers to Visitors. In addition, for California residents, in compliance with the California Consumer Privacy Act (CCPA), you have the right to request information regarding our collection, use, and sale of your personal information, request deletion of your personal information, and opt out of the sale of your personal information. To exercise these rights, please contact us at outreach@noterouter.com.
A. Information We Collect
(i) Information you provide to us on the Websites or otherwise: Certain parts of our Websites may ask you to voluntarily provide Personal Information. For example, we may ask you to provide certain Personal Information (such as your name, contact details, or company name) in order to sign up for a free or paid NoteRouter account, apply for a role with NoteRouter, or otherwise submit inquiries to us. We may also collect Personal Information, such as your contact and job details and feedback, when you take part in surveys, attend our events, or through other business or marketing interactions we may have with you. You may choose to provide additional information when you communicate with us or otherwise interact with us, and we will keep copies of any such communications for our records.
The Personal Information that you are asked to provide, along with the reasons why you are asked to provide it, will be made clear to you at the time when we ask you to provide your Personal Information. We will also let you know prior to collection if the provision of the Personal Information we are collecting is either compulsory or may be provided on a voluntary basis, along with the consequences, if any, of not providing the information.
(ii) Information we collect automatically through the Websites: When you visit our Websites, we may also collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered Personal Information under applicable data protection laws.
Specifically, the information we collect automatically may include your IP address, your operating system, your browser ID, your browsing activity, and other information about your system and connection and how you interact with our Websites and other websites. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed more below.
B. Use of Personal Information
We may use the information we collect through our Websites for a range of reasons, including:
• To provide, operate, optimize, and maintain our Websites.
• To send you information for marketing purposes.
• For recruitment purposes if you have applied for a role with NoteRouter.
• To respond to your online inquiries and requests, and to provide you with information and access to resources or services that you have requested from us.
• To manage our Websites and system administration and security.
• To improve the navigation and content of our Websites.
• To identify any server problems or other IT or network issues.
• To process transactions and to set up online accounts.
• To compile aggregated statistics about site usage and to better understand the preferences of our Visitors.
• To carry out research and development to improve our products and services.
• To customize content and layout of the Websites.
• To carry out other legitimate business purposes, as well as other lawful purposes.
In addition, we may combine Personal Information with other information we collect or obtain about you to serve you specifically, such as to deliver a product or service according to your preferences or restrictions, or for advertising or targeting purposes in accordance with this privacy policy. When we combine Personal Information with other information in this way, we treat it as Personal Information and apply all of the safeguards in this privacy policy applicable to Personal Information.
C. Public Information and Third-Party Websites
• Social media platforms and widgets. Our Websites may include social media features, such as the Facebook Like button. These features may collect information about your IP address and which page you are visiting on our Website, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. We may also maintain presences on social media platforms, including Facebook, Twitter, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.
• Links to third-party websites. Our Websites include links to other websites, whose privacy practices may be different from ours. If you submit Personal Information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.
• Contests and sweepstakes. We may, from time to time, offer surveys, contests, sweepstakes, or other promotions on our Websites or through social media (collectively, "Promotions"). Participation in our Promotions is completely voluntary. Information requested for entry may include Personal Information such as your name, address, date of birth, phone number, email address, username, and similar details. We use the information you provide to administer our Promotions. We may also, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about our Services. We may share this information with our affiliates and other organizations or service providers in line with this privacy policy and the rules posted for our Promotions.
D. Cookies and Tracking Technologies
We and our partners use a variety of technologies to collect and store information when you use our Services, which includes the use of cookies and similar tracking technologies such as web beacons and pixels. These technologies are implemented to enhance the functionality and user experience of our Services.
Cookies are small data files stored on your device that help us recognize you as a user and improve the efficiency of your interactions with our Services. They allow us to remember your preferences and tailor our Services to better suit your needs.
Web beacons and pixels are small graphic images embedded in emails or on websites, used to track user interaction with content. For instance, we might use web beacons in emails we send on your behalf to monitor specific behaviors, such as whether the email was delivered, opened, or if links within the email were clicked. This tracking provides us with valuable information such as the recipient’s IP address, browser type, email client type, and other similar details.
The information gathered through these technologies helps us measure the performance of your messages and provides analytics to enhance the effectiveness of our Services. We utilize this data to refine our Services, ensuring they meet the needs of our users while maintaining high standards of performance.
You have the ability to control the use of cookies and similar technologies. Most browsers allow you to manage cookie preferences, including blocking or deleting cookies. Please note that disabling cookies may affect the functionality and availability of certain features within our Services.
For detailed information about the types of cookies and tracking technologies we use, their purposes, and how you can manage your preferences, please contact us at outreach@noterouter.com.
E. Other Data Protection Rights
You have the following data protection rights:
• To access, correct, update, or request deletion of your Personal Information. NoteRouter takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete, and up to date. You may contact us directly at any time about accessing, correcting, updating, or deleting your Personal Information, or altering your data or marketing preferences by emailing us at outreach@noterouter.com. We will consider your request in accordance with applicable laws.
• In addition, if you are a resident of the EEA, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. Again, you can exercise these rights by emailing us at outreach@noterouter.com.
• Similarly, if we have collected and processed your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request.
5. General Information
A. How We Share Information
We may share and disclose your Personal Information to the following types of third parties for the purposes described in this privacy policy (for purposes of this section, "you" and "your" refer to Organizations, Users, Contacts, and Visitors unless otherwise indicated):
(i) Any competent law enforcement body, regulatory body, government agency, court or other third party where we believe disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish, or defend our legal rights, or (c) to protect your vital interests or those of any other person.
(ii) A potential buyer (and its agents and advisors) in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this privacy policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website.
(iii) Any other person with your consent.
B. Legal Basis for Processing Personal Information (EEA Persons Only)
If you are from the European Economic Area, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.
However, we will normally collect and use Personal Information from you where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Typically, our legitimate interests include improving, maintaining, providing, and enhancing our technology, products, and services; ensuring the security of the Services and our Websites; and for our marketing activities.
If you are an Organization, we may need the Personal Information to perform a contract with you. In some limited cases, we may also have a legal obligation to collect Personal Information from you.
If we ask you to provide Personal Information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not, as well as of the possible consequences if you do not provide your Personal Information.
Where required by law, we will collect Personal Information only where we have your consent to do so.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided in the "Questions and Concerns" section below.
C. Your Choices and Opt-Outs
Contacts who have enrolled or opted in to receive emails and texts from our Organizations can withdraw their consent and opt out at any time. To facilitate this, Contacts can access the "preferences" link at the bottom of emails to update their communication preferences or use the preferences form link provided in text messages. Additionally, opt-out requests can be submitted by emailing us through the contact information provided in the "Questions and Concerns" section of this policy. We commit to processing these requests within the timeframes required by the CAN-SPAM Act and the Telephone Consumer Protection Act (TCPA).
Please be aware that certain communications, such as service messages, account notifications, and billing information, are deemed transactional and essential for account management. These communications will continue unless the NoteRouter service agreement is terminated. We ensure compliance with the CAN-SPAM Act and TCPA by maintaining accurate records of consent and promptly addressing any opt-out requests to protect Contacts' rights and preferences.
SMS Messaging Privacy Notice
When you opt in to receive SMS messages from NoteRouter or from an organization using the NoteRouter platform, we collect and use your mobile phone number solely to deliver the messaging program you consented to, such as alerts, notifications, reminders, or marketing messages, depending on the program.
Message frequency varies. Message and data rates may apply. You may opt out of SMS messages at any time by replying STOP. For help, reply HELP. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Mobile information and SMS consent are only shared with service providers who assist in delivering messaging services on our behalf. Your consent to receive SMS messages is not a condition of purchase.
Carriers are not liable for any delayed or undelivered messages.
D. Our Security
We take appropriate and reasonable technical and organizational measures to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. In the event of a data breach compromising your Personal Information, we will promptly notify you and take remedial measures as required by applicable law. If you have any questions about the security of your Personal Information, you may contact us at outreach@noterouter.com.
NoteRouter accounts require a username and password to log in. Users must keep their username and password secure, and never disclose it to a third party. Because the information in a User’s NoteRouter account is so sensitive, account passwords are hashed, which means we cannot see a User’s password. We cannot resend forgotten passwords either. We will only provide Users with instructions on how to reset them.
E. International Transfers
(i) We operate in the United States
Our servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, we take many steps to protect your privacy, including implementing appropriate technical and organizational measures to protect your personal information. For transfers of personal data from the EEA, we rely on appropriate safeguards including Standard Contractual Clauses approved by the European Commission.
F. Retention of Data
We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we'll refer to these criteria in order to determine retention period:
• Whether we have a legal or contractual need to retain the data.
• Whether the data is necessary to provide our Services.
• Whether our Organizations have the ability to access and delete the data within their NoteRouter accounts.
• Whether our Organizations would reasonably expect that we would retain the data until they remove it or until their NoteRouter accounts are closed or terminated.
When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
G. California Privacy
Under California Law, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of Personal Information, such as name, email, and mailing address, and the type of services provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third-parties’ direct marketing purposes, and (b) the names and addresses of all such third parties.
Additionally, we comply with the requirements of the California Consumer Privacy Act (CCPA) by providing an opt-out button located above or through contacting us at the email address below. We ensure that we respond to valid requests within the timeframes required by law, and we have implemented procedures to verify the identity of requestors to safeguard the privacy of our customers. Furthermore, California residents have the right to request the deletion of their personal information, to opt out of the sale of their personal information, and to receive equal service and price even if they exercise their privacy rights.
To request the above information or exercise any of your rights under the CCPA, please contact us at outreach@noterouter.com.
H. Changes to this Policy
We may change this privacy policy at any time and from time to time. The most recent version of the privacy policy is reflected by the version date located at the top of this privacy policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on the Websites. We encourage you to review this privacy policy often to stay informed of changes that may affect you. Our electronically or otherwise properly stored copies of this privacy policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this privacy policy that was in effect on each respective date you visited the Website.
I. Questions & Concerns
If you have any questions or comments, or if you have a concern about the way in which we have handled any privacy matter, you may contact us by email at: outreach@noterouter.com
For EEA Residents:
For the purposes of EU data protection legislation, The Gough Company LLC d/b/a NoteRouter is the controller of your Personal Information. Our Data Protection Officer can be contacted at outreach@noterouter.com.
For Non-EEA Residents:
The Gough Company LLC d/b/a NoteRouter
Attn. Privacy Officer
outreach@noterouter.com
Last Updated: February 9, 2026
