This privacy statement aims to provide clear, accessible. and easy-to-understand information to all website visitors, leads, customers, and the recipients of our communication services.
As an omnichannel communications platform, MessageBird and its Affiliates (24sessions, Pusher, SparkPost, and Telvox) (together “we”, “us”, “our”, or “MessageBird”) provide a wide range of solutions to improve the communications experience for developers, businesses, and your intended audience. We process personal data in order to deliver these services, operate our websites, and to conduct our day-to-day business. In this privacy statement, the terms “you”, “your”, or “Customer” refer to you. “Affiliate” means any entity that directly or indirectly controls, or is controlled by, or is under common control with the party specified. For purposes of this definition, “control” means direct or indirect ownership of more than fifty percent (50%) of the voting interests of the subject entity or the power to direct the management and policies of the subject entity.
The information contained in this statement relates to the practices and services as provided by the brands 24sessions, MessageBird, Pusher, Sparkpost, and Telvox.
This privacy statement applies to all products and services as provided by MessageBird (including through any of its Affiliates) and contains information about what personal data we collect, why we collect it, and how we process it, so that you can make an informed decision before making use of our platform, website, and communications services. This privacy statement applies regardless of your or any end user's geographical location and covers all of our websites, (sub)domains, mobile applications, desktop clients, as well as the services we provide.
Personal data refers to information that would allow any natural person to be directly or indirectly identified. Your use of our website or services may involve personal data relating to three categories of individuals:
Data privacy and protection of your personal data (including personal data relating to your End Users) is one of MessageBird’s core principles. Our privacy statement is intended to give you a detailed understanding of our data processing practices. It is important to us that we are transparent, and you feel informed and empowered when it comes to the privacy of your and your End Users’ personal data, and the steps we take to protect that personal data.
If you or any of your End Users are located in Singapore, references in this privacy statement to terms such as "data subject", "data controller", and "data processor" should be taken to refer to the equivalent terms of "individual", "organization", and "data intermediary" under the Personal Data Protection Act of 2012 (“PDPA”).
If you or any of your End Users reside in California, references in this privacy statement to terms such as “personal data”, "data subject", "data controller", and "data processor" should be taken to refer to the equivalent terms of “personal information”, "consumer", "business", and "service provider" under the California Consumer Privacy Act of 2018 (“CCPA”). MessageBird does not sell, rent, or otherwise disclose personal data or the personal data of End Users for money or anything else of value.
MessageBird applies the same data protection standards to all individuals regardless of nationality, geographic location, or data source. Personal information is only used when necessary to achieve a purpose, the persons whose data it concerns are properly informed, and there are legal grounds to do so. All activities involving personal data will be checked against the EU’s GDPR or other applicable laws.
We will only process personal data to the extent necessary to fulfill the specific purpose(s) for which you have submitted personal data. When you sign up to our services through our website, we request you to provide contact information details such as your name and email address. We subsequently use that information to create your account, facilitate your use of the services, billing purposes, and to provide you with relevant information about our services. Some basic examples of actions that result in us processing your personal data are (a) when you sign up to our newsletter, (b) you sign up for the services via our website and accept the General Terms and Conditions (the “Terms”), or (c) sign up for the services through an order form. To the extent permitted or required by applicable law, you will be given the opportunity to explicitly agree to the collection, use, disclosure, and sharing of the personal data you’ve provided. We do not use your personal data for any other purposes than those agreed to by you or as permitted by the Terms and this privacy statement.
When you share personal data with us, we commit to handle that information in accordance with the applicable data protection and e-privacy regulations, including the General Data Protection Regulation (“GDPR”). Due to the nature of the services we do not interact with End Users directly. You are responsible for ensuring that you have all applicable rights and consents to share any End User personal data with us and that the personal data is accurate and complete.
1.1 Roles and responsibilities. When it comes to processing personal data, there are several different roles and responsibilities that come into play. This privacy statement provides an explanation of the relevant roles, the corresponding responsibilities of each role, and the systems of governance that play an integral part in protecting your personal data.The data controller determines the purpose (why) and means (how) of personal data processing and remains ultimately responsible for the correct handling of the data subject’s personal data. In practice, the data controller is often the company that an individual (or data subject) provides their personal data to directly.
The data processor is a company that provides services to the data controller, and receives personal data from or on behalf of the data controller in order to perform those services. To give an example, when one of our customers sends a marketing campaign through our communications platform, we receive personal data from the customer, such as a phone number or email address of the intended recipient, in order to provide the service. In this example MessageBird acts as the data processor of the customer, who in turn is acting as the data controller of the phone number or email address entrusted to it by the individual to which this personal data belongs. The data processor only processes personal data according to the instructions of the data controller. These instructions are typically laid down in a data processing agreement between the controller and the processor.
Depending on your relationship with us, we can be either data controller or data processor, or in certain circumstances we can be both. If you have any questions about these practices or more general inquiries about how we handle personal data, you can contact us at privacy[at]messagebird.com.
Personal data is collected for specific purposes, including the prevention of spam and fraud, the fulfillment of legal requirements, communication, marketing, sales activities, and ancillary services. Personal information will never be collected, used, or retained without purpose. We do not sell your or your end-users personal data.
We have a few key priorities when it comes to protecting your personal data. Not only do we prioritize keeping your personal data safe and secure, we are also highly focused on protecting your privacy rights and freedoms as an individual.
2.1 Legal bases. All personal data we process is lawfully obtained and will only be processed to the extent we have a legal basis to do so. The legal bases we rely upon for processing of personal data are: (a) consent, (b) performance of a contract, (c) compliance with a legal obligation, and (d) legitimate interest. The specific legal basis which permits us to process your personal data may differ when you receive our services from an entity located outside the European Economic Area (“EEA”) and as a result the services and our processing obligations may be subject to non-EU data protection requirements.
As indicated above, we process personal data on a limited set of legal bases:
2.2 Purposes. The purposes for which we process your personal information depend on your relationship with us. For starters, you will be required to submit personal data related to you and the business you work for when creating an account. In addition, we may also require personal data in order to enable you and your End User’s (as applicable) to make use of our services. In other circumstances, we may process your personal data to conduct and expand our day-to-day business, such as for analytical improvements to the service, support, sales, marketing, and legitimate business purposes. Personal data can also help us improve the quality of our services and to develop new functionalities to fit the needs of our customers, such as product and experience personalization. In our Data Processing Agreement (DPA) we refer to these purposes combined as ‘legitimate business purposes’.
We only request personal data that is necessary to fulfill the specified purposes listed below as applicable to you; provided, however, if the nature of our relationship with you changes, we may need you to provide additional information. For example, if you fill out a form to request more information about one of our products, we will use your contact information to send the requested product information to you. If you then decide to become a customer, you will need additional information including your billing address for the purpose of account creation and providing you with the services.
The following is a list of purposes for which we may use your personal data. The specific purpose applicable to our processing of your personal data depends on the nature and extent of your relationship with us.
We only request and retain personal data when strictly necessary. The data that we request will be relevant to our relationship and your purpose. For example, we require an email address to be able to send you marketing emails, but we do not need your gender or payment information.
The exact type of data we collect depends on the relationship we have with you and the product or service you use. Applying your cookie management settings on our website, signing up for a newsletter, downloading marketing materials, requesting to be contacted by our Sales team, creating an account, or using any of our products and services, are all examples of actions you take that require you to share certain personal data with us that is specific to that particular interaction.
3.1 Personal data directly collected from you. The categories of personal data we collect from you include personal identifiers, employment or professional information, financial information, commercial information, information related to internet activities, and location related information.
We only request and retain personal data when strictly necessary. The data that we request will be relevant to our relationship and your purpose. For example, we require an email address to be able to send you marketing emails, but we do not need your gender or payment information.
3.2 Personal data collected from other sources. We may use personal data we obtain from sources other than you (“Third Party Data”). Third Party Data may be combined with personal data that you provide to us. Third Party Data may include, but is not limited to, (a) personal identifiers, and (b) employment or professional information, such as company name, company description and website, company (estimated) revenue and employee range, company industry, employment role and title, seniority, full name, and phone number. Most of the information we collect about you from other sources is business related but even in a business relationship certain information might be considered personal data and process that information accordingly. This information is used to develop our business by updating, expanding, and analyzing our customer relationship records.
Third Party Data is collected from the following sources:
If you no longer want to be contacted by our sales and marketing teams, you can always unsubscribe from an email campaign by contacting your account manager or our Support team via support[at]messagebird.com.
Subject to any exceptions noted in this privacy statement or in the Terms, you will always have a choice when it comes to the types and extent of the personal data you share with us. When we ask you to provide personal data to us, you can decline. However, many of our products and services require personal data so your choice not to provide personal data in certain instances can prevent you from using a certain product, service, or functionality.
Phone number, traffic data*, location related data**, communication content
Phone number, traffic data*, location related data**, communication content recordings (optional)
Identification and contact data (name, email address, and other demographic and segment data provided by you); IT information (IP addresses, usage data, cookies data, online navigation data, location data, browser data); communication content.
(Local Numbers, Short Codes, Programmable Numbers API)
None. Please take the additional service into account that is used in combination with the Numbers service, such as Voice or SMS, to get the correct understanding of personal data involved, as applicable to you.
Customer agent data, service/channel specific data
Email address, phone number, or channel ID contained in Flow Builder invocations created by the customer, service/channel specific data
Video Engagement Platform
Email address, phone number, channel identification, prefered channel of communication, IP address, traffic data*
(WhatsApp for Business, Google Business Messages, Facebook Messenger, Instagram, Line, Twitter, Viber, WeChat)
Phone number or channel identification, traffic data*, communication content
(Pusher RTC Channels Service and Pusher Beams Service)
IP address, traffic data*, communication content
Name, email address, job title, IP address
* Traffic data is data that is processed for the purpose of transmitting communications, such as routing data, and data about the date, time, and duration of the communication.
** Location related data is data with which the geographical position of the carrier or the communication equipment can be determined on the basis of the supplier used.
Personal data is only shared with third parties when necessary or when legally required. Data can be shared with government authorities and affiliated businesses, including communications and technology service providers. Third parties must meet strict privacy and security practices.
We do share personal data with third parties but only in limited instances. Regardless of whether we fulfill the role of data controller or data processor, when we share personal data with third parties we always make sure that the third parties we share any personal data with adhere to similar data protection and security standards as outlined in this privacy statement. There are five categories of third parties with which we may share personal data:
4.1 (Tele)Communications Services Providers. To provide you with certain products and services, we engage with telecom operators, aggregators, carriers, and other communications service providers for routing and connectivity purposes. In order to make sure the message you sent will reach the intended recipient regardless of their physical location, we use a global network of telecom providers. When it comes to the contents of electronic communications transmitted by communication providers, these operators, aggregators, and service providers are neither data controllers nor data processors because they act as mere conduits for the transmission of communication content. If communications services providers process any personal data for their own purposes (e.g. fraud prevention, billing, filtering, or legally required data retention activities) they act as data controllers.
4.2 Third party service and technology providers. We share personal data with third party service providers, like analytics, data science, and fraud prevention service providers, as well as our cloud hosting providers. We never share information with a third party without vetting them in advance and having the required contractual, technical, and organizational safeguards in place. An overview of third party service providers can be found via the section ‘Approved Processors’ of this privacy statement.
We do not sell any information to third parties for advertising or marketing purposes. We use direct marketing technologies like Google Adwords, LinkedIn, and Facebook for our own internal business purposes. To find out more about how to manage your advertising preferences, please check out your cookie management settings, or visit the advertising settings in your web browser.
4.3 Payment Service Providers (PSPs). When you pay for our products and services, PSPs provide you with two ancillary services in addition to the basic provision of payment services: (a) Saved Payment Methods and (b) Auto Recharge. Stripe, Mollie, and Adyen are the PSPs that collect, process, and store all of your payment requests and do so as data controllers in their own right.
For both of these ancillary payment functionalities you can withdraw your consent at any time on the customer finance settings page, here.
4.4 MessageBird Affiliates. In order to do business with our global offices, we might need to share personal data between all of the companies in the MessageBird group. Both MessageBird B.V. and all of our Affiliates will only ever use the data as described in this privacy statement, the Terms, the DPA, and only to the extent permitted under applicable law.
4.5 Government Disclosure Requests. We will not share your information with third parties outside of those third parties outlined in this privacy statement or without your permission, except when we’re legally required to do so and in accordance with our Disclosure Requests Policy. As company policy, we will provide you with a notice in case a governmental authority requests information from us about you or your customers, unless this is explicitly forbidden by law. If authorities do not want us to notify our customers, we require them to explicitly reference the legal grounds that would prevent us from doing so in the disclosure request. We also push back any disclosure request to the extent we have a reasonable legal basis to do so. The Disclosure Request Policy addresses circumstances in which we are legally obligated to respond to official government requests for disclosure of information and requirements we have set for government requests to be processed in accordance with our policy.
Sometimes, we need to transfer personal data to business partners located outside of the European Union. We have robust privacy procedures in place that we deploy as required to protect the privacy of individuals both inside and outside the EU.
As a global cloud based service provider, the use of our services often involves the transfer of personal data to recipients and third parties both inside and outside the European Economic Area (“EEA”). We take care to ensure our partners regardless of location have sufficient safeguards in place to properly process and protect your personal data in line with our own data protection and information security standards.
One of the important steps we take when it comes to international data transfers involving third parties is due diligence and vetting. As part of the third party vetting process, we ensure that personal data will only be transferred to a third party located outside the EEA with the required cross-border transfer mechanism and safeguards in place. This means that when we engage a third party that is located outside of the EEA, we agree on the appropriate level of data protection, including additional contractual, technical, and organizational measures and the execution of a transfer impact assessment where necessary, to ensure the ongoing protection of the rights and freedoms of all individuals, inside and outside the EU. We consistently monitor changes to the international transfer mechanisms permitted under applicable privacy laws to ensure ongoing compliance with the international data protection standards.
Proper security measures are required for effective data protection. Our measures have been created with the highest standards of confidentiality in mind. We hold several information security certifications, including ISO27001 and SOC II.
Data security is paramount to MessageBird. We invest in state-of-the-art technology and thorough security screenings of our infrastructure and employees to minimize security risks. Additionally, depending on the platform, services, and products you are using, we hold multiple globally recognised information security standards for Information Security Management Systems, like ISO/IEC 27001:2013, SOC 2 Type II, and NEN7510 certifications just to name a few.. All of our hosting providers are ISO/IEC 27001:2013 and SOC 2 Type II compliant as well.
Since all our accounts to access our platform services are password protected (with optional two-factor authentication), you should be the only person with access to your account. You are responsible for safeguarding the credentials to your account. If your login information is stolen or used without your permission, it is imperative that you notify us immediately so we can take steps to secure your account. You can notify us of any unauthorized use of your account by sending an email to security[at]messagebird.com with the subject 'Urgent: account credentials'.
If you want to know more about the measures we take to keep your data secure, please review our Security web page and Security Overview. These documents contain information about the industry standard, administrative, technical, physical, and organizational safeguards designed to prevent unauthorized access and use of your personal data.
The length of time that we retain personal data for is determined by a combination of legal requirements, instructions from customers, and the duration of time necessary to achieve the purposes for which the information was collected.
The duration for which we are allowed to retain personal data depends on the nature and the purposes for which the personal data is processed. We retain personal data only to fulfill contractual or legal obligations applicable to us or the specific Affiliate you contract with (as outlined in the Terms). The applicable legal retention requirements for personal data retention may vary depending on the geographical location of us or the Affiliate you are contracting with, or where the communications services are being terminated.
7.1 SMS and Voice. Personal data related to the use of SMS and Voice, services have a default retention period of six (6) months. The retention of personal data related to those services are necessary (a) to fulfill our legal obligations to ensure the integrity and security of our services, and actively prevent misuse of telecommunications services, (b) for the transmission of information over the services, and (c) to ensure we are able to fulfill our legal obligations to assist formal governmental authorities. For more information on disclosure requests please review our Disclosure Request Policy. In other jurisdictions, retention obligations for telecommunication service providers can be for an extended period of time and may be up to two years.
7.2 Omnichannel communication services. For all other communications services, features, and products we retain personal data for the duration of our contract with you or our provision of the services to you, or where possible for a different period as agreed upon with you as the customer. In addition, we provide certain ancillary services which include, but are not limited to, the ability to maintain an online address book ‘Contacts’ for your convenience, and insights into account specific communication usage and transmission history for the duration of our contract with you or our provision of the services to you. You acknowledge and agree that any end-user/communication recipient personal data, such as phone numbers, email addresses, etc, are controlled by you and any data protection rights exercised by your End Users must be actioned by you. It is your responsibility as a data controller or acting on behalf of a data controller to ensure compliance with your obligations towards End Users whose personal data you control.
7.3 Marketing and sales. We keep personal data for marketing and sales purposes up to twelve (12) months, or, if you are an existing customer, for the duration of the services, unless you have withdrawn your consent or unsubscribed from receiving marketing information.
7.4 Compliance with corporate and financial legal obligations. We are under an obligation to demonstrate compliance with applicable national and EU financial and tax laws and regulations. To do so, we retain Customer Account Data such as name, email address, (company) address, (company) bank details, invoices, and position within the company for a period up to ten (10) years.
Proof that consent has been given or has been withdrawn for the processing of personal data, where applicable, will be retained for five (5) years.
Please note that we are not always in a position to fulfill a personal data erasure request if the request conflicts with one of our legal retention obligations. Since we are required to demonstrate that legitimate exercise of rights requests have been fulfilled, we retain confirmation emails relating to these requests for five (5) years.
After a retention period expires, we may keep personal data in a non-identifiable form for archival, statistical, and/or other legitimate business purposes. None of the data will be able to identify an individual directly or indirectly.
We have measures in place to allow you to exercise your data protection rights, including having your data erased. In some situations, our statutory legal obligations may prevent us from fulfilling data privacy requests.
Even though we collect your personal data for the various purposes outlined in this privacy statement, your personal data stays your own. You are in control of your personal data, as well as the personal data of End Users (if applicable). Unless we are under a legal obligation, your data protection rights and freedoms are controlled by you. You can change your cookie management settings as a website visitor, withdraw consent to our processing of your data if applicable, control and review your personal data, object to the processing of personal data when this is done on the legal basis of legitimate interest, or obtain restriction of the processing of data if necessary in accordance with applicable data protection laws.
8.1 Exercising your data protection rights: control your personal data.
Customer of MessageBird or SparkPost. If you have an account for any of our products or services at Messagebird.com or Sparkpost.com you can view, amend, delete, and transfer the personal data you control (including the personal data of your End Users). If you want to exercise control over your or your End Users’ personal data, you can do so via the privacy dashboard on your online account. We provide all of our customers with reasonable assistance to fulfill their obligations as a data controller towards the recipients of the communications you have sent over our platform. In order to verify your identity, or the validity of a request you make on behalf of the end-user whose data you control, we have made technical and organizational measures available that allow you to fulfill these obligations via your online account. For the avoidance of doubt, you as a customer acting as a data controller are responsible for processing any requests or complaints on behalf of your End Users whose personal data you control.
Customers of 24sessions, Pusher, or Telvox, and all other individuals. If you do not have an account for any of our products or services, and therefore do not have access to the privacy dashboard you can exercise your personal data rights by sending a request to privacy[at]messagebird.com or via written request addressed to our headquarters in Amsterdam.
8.2 Withdraw consent to our processing of your personal data. If you have provided us with your personal data on a consent basis and you no longer want us to use that personal data for any reason then you are always free to change your mind and revoke consent. If you make a legitimate withdrawal of consent request to us, we will always comply with your request, unless we're legally required to keep your personal data (such as to demonstrate that we have acted upon a withdrawal of consent request).
8.3 Object to and restrict the processing of data. If we are processing your personal data using a legitimate interest basis, you have the ability to object to this processing and can exercise your right to restrict this processing. If you exercise your right to restrict personal data we process on a legitimate interest basis, we will assess each request on a case-by-case basis according to the rules set out by applicable data protection laws. If we reject your request we will demonstrate that we have compelling grounds to do so or that there’s a legal claim which allows us to retain personal data. If you do not agree with how we’ve handled your request, you can file a complaint with the Data Protection Supervisory Authority of The Netherlands, the authority related to the European member state you live or work in, or the country in which the suspected infringement of your right to restrict personal data has taken place.
8.4 Processing time of data subject requests. Under normal circumstances, we will process your request as soon as possible but no later than within one (1) month of receiving the request. If a request is complicated or we receive too many requests during a given time period, our response time may be extended up to two (2) months from the date the request was received. We will inform you if you should expect a two (2) month response time. When you choose to delete your personal data, we may hold onto fully anonymised and aggregated data. If we do so, this anonymised and aggregated data will not be able to identify you as a person in any way. If we’re required to retain your information for legal reasons, we will let you know when we respond to your request.
Specifically for California based individuals, consumers shall not be discriminated because of the exercise of their rights under the CCPA.
When you use one of our websites we will ask you to confirm your cookie preferences. Depending on your choice, this allows us to place cookies or similar technologies on your device. A cookie is a small text file saved on your device that collects information about your interactions on our web pages.
When you use our website, we place small data files, called cookies, or similar technologies on your browser. A cookie is a small text file saved on your computer or mobile device when you visit a website.
Cookies are divided into three categories: mandatory cookies that do not involve personal data and are strictly necessary for the operation of our web pages, opt-out cookies that do not involve personal data and are helpful for our analytics, and opt-in cookies which do involve the processing of personal data and we use for marketing and advertising purposes.
9.1 Types of cookie categories. Our websites primarily use four types of cookies; strictly necessary, performance, functional, and marketing cookies. These include first and third party cookies: first party cookies are set and controlled by us, while third party cookies are set and controlled by a third party tool or service provider. The duration for which a cookie is set varies. Session cookies disappear from your computer or browser when you logout of your account or close your browser, while persistent cookies are stored even after you have closed the page. The retention periods for cookies are specified below. With the exception of strictly necessary cookies, cookies will only be placed on your device and/or browser after you confirm or update your preferences through the cookie management settings.
If you decide to not allow opt-in performance and functional cookies on a site, the site may not function fully as designed. For example, you may face issues logging in or retaining set preferences, such as the preferred language the website displays.
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
IP Addresses: when you visit our website or account portal or use our products and services, we process your IP address. We use IP addresses to track and analyze information about the devices that interact with our systems and to know where these devices are located. For example, for the purpose of detecting the location of customer account logins to help us combat potential fraud or malicious activity.
Web Beacons: a web beacon is an object placed in a web page or email we use to check whether a user has accessed its content. We use web beacons along with cookies to gather data about your use of our site and account portal. For example, we may use web beacons in marketing emails that notify us when you open an email or click on a link.
9.2 Change your cookie settings. When you visit one of our websites for the first time, you can either allow us to place all the cookies we use on your browser, decide to accept specific cookies, or deny all cookies that are not strictly necessary. You can always change your preferences either in your browser settings or in the cookie settings on our website. Within our cookie management settings, we outline each cookie type in use on our site and provide an explanation of the implications of accepting each cookie type.
9.3 Manage cookies from your browser. Find out more on how to update, activate, deactivate, or remove cookies using your browser by visiting the links below:
Our services and products are not directed to or intended for children under the age of 18. We never knowingly collect and/or process any personal data from children below the age of 18. If we discover that we have received personal data from a child without parental or legal consent, we will take reasonable steps to delete that information as quickly as possible. If you believe we have any information from or about a child, please contact us at privacy[at]messagebird.com with the subject: ‘Children’.
Our online services and communications may embed hyperlinks to websites that are not owned or controlled by us. We are not responsible for the privacy practices, policies, notices, or content that are not owned or controlled by us. We encourage you to read and understand the privacy practices, policies, notices, and content of any linked sites that you visit.
This privacy statement is subject to change. We reserve the right to change, update, modify, or remove any part of this privacy statement at any time. If any modifications substantially affect your rights under this privacy statement, we will notify you where possible. You can always decide to discontinue your use of our services if you disagree with any updates we may make to this privacy statement.
If you have any dispute with us relating to our privacy practices, please contact our legal team at privacy[at]messagebird.com with the subject: ‘Dispute’. If we are unable to reach an understanding via email, please refer to the Terms, which describes how disputes will be resolved between us. Please be sure to review the Terms before you use any of our products and services.
An overview of the third-parties used for the processing of personal data can be found here. In addition, the Help Center page contains a ‘subscribe’ button that allows you to subscribe to notifications of changes to our use of third-party (sub)processors.
If you have any questions left regarding the processing of personal data after reading this privacy statement, or when you have feedback or suggestions to make this privacy statement better, please do not hesitate to contact us.
If you’re not satisfied with our reply, you may refer your complaint to the relevant regulator in your jurisdiction.
If you’re not satisfied with our reply, you may refer your complaint to the relevant regulatorYou can reach our Data Protection Officer at privacy[at]messagebird.com or at our HQ address:
attn. Legal Department (Data Protection)
Trompenburgstraat 2C1079 TX Amsterdam
Do you live in the USA, Singapore, Germany, China, Colombia, Australia or in the UK? Check out our local addresses if you prefer old-fashioned mail.