Data Privacy Framework (DPF) Notice

Last updated on 20 May 2024

1. About

MoEngage complies with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework (collectively, the “Data Privacy Framework”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom and Switzerland, as applicable, to the United States in reliance on the Data Privacy Framework (“Personal Data”). We have certified to the Department of Commerce that we adhere to the Data Privacy Framework Principles (the “Principles”). You can learn more about the Data Privacy Framework program and can view our certification here.

2. Scope

Our compliance with the Data Privacy Framework applies to Personal Data that we process as a Data Controller as described in our Website Privacy Policy and our Employee Privacy Notice,(each as applicable) (“Controller Personal Data”).

Our compliance with the Data Privacy Framework also applies to Personal Data that we process on behalf of our business customers, as a Data Processor in the course of providing our services to them (“Customer Personal Data”). Since MoEngage is a customer engagement platform used by businesses for multichannel marketing, the Customer Personal Data that our customers entrust to us for processing includes information about their own customers, including contact information, device information, and information concerning consumer engagement. MoEngage processes Customer Personal Data to provide our services to our
customers and otherwise carry out their instructions.

3. Disclosures and onward transfers of Personal Data

In order to operate our websites and provide services, we may provide personal, aggregate and other associated data to third parties including our service providers and vendors that provide or perform services for us, including services such as payment processing, database management, and professional services. MoEngage discloses Personal Data only to third parties who reasonably need to know such data for the scope of the services and initial transaction and not for other purposes.

Such third parties must agree to use the personal data only for the purpose for which they have been engaged by MoEngage and confirm that their privacy practices are consistent with this Policy. On occasion, we may also share Personal Data concerning a visitor with our affiliates (such as a subsidiary or affiliate of our company) and Clients in furtherance of our operations and as needed to implement visitor request.

We remain responsible for the Personal Data that we share with third parties for processing on our behalf, and we remain liable under the Principles if such third parties process such Personal Data in a manner inconsistent with the principles if we are responsible for the event giving rise to the damage.

Please be aware that MoEngage may be required to disclose Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

4. Inquiries and complaints

If you are in the EU, UK or Switzerland and have an inquiry or complaint regarding our handling of your Personal Data under the Data Privacy Framework, you should first contact MoEngage by email at [email protected].

If MoEngage cannot resolve your complaint, where required by law, we will cooperate with the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office and the Swiss Federal Data Protection and Information Commissioner with regard to your unresolved complaint concerning our handling of your Personal Data.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms here.

5. Enforcement and compelled disclosure

MoEngage is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). In addition, MoEngage may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

6. Exercising your Rights

Individuals have rights in relation to their Personal Data processed by us as a Data Controller. For exercising your data subject right (DSR), kindly submit your data subject rights requests by email to [email protected] mentioning the following information

  • First Name
  • Last Name
  • Email Address
  • Mention the Jurisdiction you are currently located in (European Union (E.U.)/United Kingdom (U.K.)/United States of America (U.S.A)/Singapore/Philippines/Middle East, India, Indonesia, Other Country)
  • Type of Data Subject Request: (Right to Access/Right to Erasure/Right to Object/Right to Restrict Processing/Right to Rectification/Right to Data Portability/Right to Information about Automated Decision making/)
  • Who do you identify yourself as? (customer, Employee, Ex-Employee, Job Candidate)
  • Other comments (if any):We will require the above-mentioned information to authenticate your request.

If we reject your request we will inform you of the legal basis for rejecting your request. For personal data processed by our customer, our customers are responsible for processing requests to exercise individual rights, and we suggest that you direct requests to exercise such rights directly to the relevant MoEngage customer. Alternatively, if you provide the name of the relevant MoEngage customer, we will transfer your request to that particular customer. If you wish to prevent such processing, please accept only “Strictly necessary cookies” in the cookie banner.

If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at [email protected].

7. Audit and Accountability

The Data Privacy team is responsible for auditing how well business departments implement this Policy.

Any employee who violates this Policy will be subject to disciplinary action and the employee may also be subject to civil or criminal liabilities if his or her conduct violates laws or regulations.

8. Legal Notice

MoEngage may need to disclose personal information to legal authorities for compliance, fraud investigation, statutory purposes or for other legal activities as per the local laws and government request.

9. MoEngage Contact Details

We provide easily accessible information via our Platform or on request. If You have any questions or requests related to this Policy or Your Personal Information, please contact us at the following contact details –

Please contact us at [email protected] if you have any questions about our Privacy Policy.

MoEngage Inc

315 Montgomery Street, 10th floor,
San Francisco, 94104,
USA

MoEngage India

1st Floor, #32, Salarpuria Tower II,
Chikku Lakshmaiah Layout,
Luskar Hosur Road,
Koramangala,
Bangalore – 560034,
India

Data Protection Officer (DPO)/Grievance Officer

In accordance with Information Technology Act 2000 and rules made there under, the name and contact details of the Grievance Officer are published herewith.

Data Protection Officer (DPO)/ Grievance Officer: Yashwanth Kumar
Email: [email protected] / [email protected]

10. Changes to this Notice

This Notice may be amended or modified from time to time consistent with the Data Privacy Framework. If there is any conflict between the terms in this Notice and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern.

MoEngage is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). In addition, MoEngage may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.