Privacy Policy Notice – Active Tracker Service Supplement

RPost is a global cloud service provider with patented email security, eSignature, and tracking technologies. Millions of users have enjoyed RPost services for more than a decade in more than 100 countries.

This RPost service related to the information in this document is referred to herein as the Active Tracker™ service (“Service”) but also referred to with other names by RPost partners, sellers, and affiliates (“Service”). When the Active Tracker technology detects unexpected anomalies based on sender preferences or expectations, associated with activities related to an email message, digital transaction, or document (“Content”) that has the Active Tracker technology enabled, the Active Tracker technology may be referred to as Email Eavesdropping™, eSign Eavesdropping™, File Eavesdropping™ or other similar terms. This is a terms statement and disclosure that supplements the RPost Privacy Policy, Service Level Agreement, and End User License Agreement, and other legal terms materials posted at RPost.com/legal, as amended from time to time.

The Active Tracker™ service and underlying technology is patented and has patents pending in the United States and other countries, including patents listed at rpost.com/patents and US Patent US11,665,120B2 among other patents, and patent applications US18/124,419; US18/134,480; WO2023201009 A1; US20220329558 A1, among other applications. For more information on RPost patents and patent applications, please visit rpost.com/patents and contact RPost. Active Tracker™, Email Eavesdropping™ and eSign Eavesdropping™ are trademarks protected under Common Law used in commerce and owned by RPost Communications Limited.

The Service generates data related to Content transmitted and how systems or humans (“Viewers”) may have interacted with Content (“Activity Data”).

The Service collects Activity Data related to Viewers on behalf of original subscribed senders of Content related to the service or their administrators (“Users”). Neither RPost nor any RPost partner, seller, employee, or affiliate (“RPost and its Affiliates”) is responsible for the privacy policies or privacy practices of Users or their third parties with regards to their use of the Activity Data.

The Service adds RPost proprietary technology (“Security Markers”) to Content or internal processing systems that gather Activity Data.

1. If you are a Viewer, a User may or may not receive Activity Data related to your interaction with Content or other data related to the User. While the Activity Data is associated with an original Content or Content ID, an original intended recipient email address, an original transmitted file name or message subject, and/or other metrics, the Activity Data may be reported as related to a specific Viewer, but the data is not necessarily indicative of activity by that Viewer person. The activity may, for example, be related to a cybercriminal that has accessed the message or document, another person who the original Viewer may have forwarded the message to, or a server that is acting on a message or document. For this reason, it is RPost’s believe that the Activity Data does not contain personally identifiable information related to an identifiable person from a HIPAA, CCPA, GDPR or other regulatory perspective, but rather provides data related to activities surrounding an intended initial recipient of the Content, or internal processing systems.
2. RPost stores this Activity Data information on behalf of our Users. If a User uses this Activity Data in a manner separate from the initial intention of the Service, the User is responsible for that tertiary use of the Activity Data. RPost and its Affiliates are not responsible for the privacy practices of its Users, and only processes, retains and/or stores this information in accordance with the applicable agreement it has with each User. If you are a Viewer of a User’s content and would no longer like to be contacted by such User that uses the Service, you will need to contact the User whose content that you interacted with, directly.

1. When you use the Service, RPost automatically records Activity Data. This includes data related to the message or documents originally associated with the original Viewer. The Activity Data may include but may not be limited to a device Internet Protocol (IP) address that had activity related to the original Content along with other information related to that activity such as operating system, browser type, user agent, date and time stamps, and server-to-server or server-to-device Internet metadata. The Service may cross reference this data against other data and generate derivatives of this data.
2. RPost collects this information to deliver the Service and to provide our Users with reporting and analytics relating to their use of the Service. This information is made available to Users via the Service and may be associated with other information about the User and the Viewers. If you are a Viewer who views content you receive from a User via the Service, RPost may automatically collects information about your interaction with such content and the Service.