MailChimp wants to squeeze more data from its users | Starts rating your spam

  • marzo 3, 2016
  • Jorge Morell Ramos

Síguenos en |     

MailChimp, the popular email marketing service, updated its terms and conditions last week: Terms of Use, Privacy Policy and the Acceptable Use Policy.

The changes are many and some of them with special significance on a day-to-day basis.

First of all, it seems obvious that MailChimp wants to get the most information out of its users. For starters, by linking all the information already gathered to our accountas well as other data that could be collected (probably from external sources). Second, an important paragraph has disappeared on the subject of advertising. MailChimp said that if someday a Privacy Policy change to use or share more personal data happened, and the reason was for marketing purposes, you would be able to opt-out without termination. Apparently, that will no longer be possible.

Third, to improve the service and to guarantee its quality. Now a new clause allows MailChimp to have access to the subscriber data, totally or partially, to detect abusive or illegal behavior related to the distribution lists and spam.

Even then, MailChimp still shows an interest for protecting the privacy of its users: Do Not Track is partially accepted, there is a new email address specifically related to the privacy subject and they guarantee the right to access the personal data free of charge (when that’s not the case in every country).

What’s more, another significant change is setting up percentage rates to establish if the services, products or content that we are promoting through MailChimp can be or not the subject of an investigation, to the point of suspending our account. The thing is that if we have a hard bounce rate over 5% or a spam complain rate over 0,1%, our account can be reviewed, throttled, suspended or disabled.

Some other interesting changes are related to Safe Harbor, charges for add-ons or its mobile app.

Now let’s take a closer look to all those changes. I’ve included a comparative of every document, taking into account the snap from the Tracker of Terms and Conditions.

Terms of Use from MailChimp – Comparative
  • The previous section 25, related to «Liquidated Damages», has been deleted. The new section twenty-five is the one about «Attorney fees».
  • Section 20, related to «Compliance with laws», says that you may not use the service for any unlawful or discriminatory activities, including acts prohibited by the Federal Trade Commission Act, the Fair Credit Reporting Act, the Equal Credit Opportunity Act or other laws that apply to commerce.
  • In section 20 too, the mention of the «European Economic Area» has been deleted. Now it just points out to signing up the Data Processing Agreement.
  • Section 17, related to «General Rules», has lost the clause that said that «unsolicited bulk email» means spam in favor of the Acceptable Use Policy.
  • Section 13, related to proprietary rights owned by MailChimp, now it includes trade secrets too.
  • There is a new section 11, related to the charges for add-ons. It establishes aspects such as when the charge will happen or that additional terms may apply.
  • Section 7, related to «Monthly Plans», points out now that payments are due for any month on the same or closest date to the day the first monthly payment was made. That’s not new, the novelty is that the previous version of the text also took into consideration the day the user signed up on the service. But not anymore.
  • A small paragraph about what the Acceptable Use Policy was for has been deleted.
  • The Copyright Policy is now included as one of the documents that can be considered as the terms and conditions of the service. Only the mention is new, the text was already available.
  • Section 36, related to «Amendments and Waiver», has lost a clause about the possible application of additional terms. Although that clause has been gained by section 41, related to the «Entire Agreement».
Privacy Policy from MailChimp- Comparative
  • Section 11, related to the Distributions Lists, points out an important change. Before the modification, the terms and conditions said that the distribution lists were not sold or shared. The new version of the text just says that they are not sold. The thing is that now MailChimp can obtain aggregate information from the distribution lists, so it can use that data to detect ilegal behavior. That means that a distribution list can be shared with an Internet service provider or an organizations anti-spam as a way to fight against abusive conducts.    
  • Sections 14 and 15 have two important updates on the subject of «Compliance». First of all, the reference to Safe Harbor and how MailChimp adhered to it, has disappeared. So, in case of a data transfer from Europe to USA, the users of the service located in the EU or Switzerland must request the updated data processing agreement (which incorporates the corresponding Standard Contractual Clauses). In second place, now the Privacy Policy expressly says that the service operates in United States, that the information from its users is processed and transferred to that country and that we consent that. 
  • The new section 16 is about the users of MailChimp that live in Australia. The platform says that is subject to the Privacy Act 1988 or Australian Privacy Act, although with some specific points.
  • There is a new section 18, related to the «Do Not Track» option. MailChimp does not monitor or follow any Do Not Track browser requests, although some of features of the platform may.
  • Section 17 now says that there is no charge for an individual to access or update his or her personal information.
  • For questions related to the security of the personal information there is a new channel of communication:
  • Section 5, related to «Information Collected», says that data such as the operating system, birth date, purchase history, localization, gender or occupation, is shared with the service too. That information, as well as other pieces of data, is processed and transferred to United States. The collected information is stored in association with the user account, as well as other information that MailChimp could gather about us (external sources probably).
  • There is a new section 7, related to the data collected  by the users, that mainly establishes how the data from the subscribers can be accessed by MailChimp. That means that a user from the service is responsible for obtaining the appropriate permission so MailChimp can collect and process the information about those individuals (the subscribers).
  • Section 2, related to «Changes», has lost an important paragraph about advertising. Before the modification, the terms and conditions of MailChimp said that if a Privacy Policy change to use or share more personal data for marketing purposes happened, you would be able to opt-out without termination. Well, that clause has been deleted.
  • In section 2 again, the term «material» has been included when talking about the kind of changes that MailChimp will notify its users. That means that now the service will notify only the material changes of the terms and conditions (although the term «material» is not defined). Nothing else.
  • Section 1, related to «Definitions», includes as a new concept «Aggregate Information». This information could be about a user of the service or the subscribers and includes data such as: emails, names, IP addresses, location or demographic information.
  • MailChimp keeps using the TRUSTe seal, although now it has reduced the extension of the text that talks about it.
  • There is a new paragraph about the information that MailChimp collects through the use of its mobile app. It doesn’t say anything very surprising. In fact, it points out that the information gathered is not associated with any other personal data from the user.
  • The reference to the Flash cookies has been deleted.
  • There is a new section 9, related to contests and sweepstakes.
  • Section 1, related to «Definitions», now establishes the concept of «Subscriber», a person that a user of MailChimp has contacted through the service.
Acceptable Use Policy from MailChimp- Comparative
  • As was already said, there are two new percentage rates to establish the termination of an account. First, the hard bounce rate must be less than 5%. Second, the spam complaint rate must be less than 0,1%. If a user has rates above those levels, the account will be reviewed and could be suspended, throttled or disabled.
  • Besides, if the platform detects that you are sending bulk mails, you must be able to point out to an opt-in form or show other evidence of consent for the bulk email. That clause was already there before the update, but now there is more emphasis on it.
  • The section related to “Best Practices” has been reduced considerably. Although you can find all that content through blog posts linked there. For example, before the update it said that the permission to send promotional content lasted for 12 months. Now a post from the beginning of 2016 about the same subject reduces that period to 6 months.
  • There are new services, products or content that should not be promoted through MailChimp, such as selling Likes or followers for a social media platform.
  • Now services as Mandrill or Tinyletter are also subject to the Acceptable Use Policy, as well as the rest of the terms and conditions of MailChimp.

And that’s it for today.

Happy mailing!