starWe've been acquired by Terminus! Click here to read all about it!

Sigstr is a software platform that unlocks the potential of employee email. We turn employee email into an owned marketing channel and a source for relationship intelligence.

We are committed to being transparent with our customers regarding the data we collect from you and how it is used and shared. By using the services provided by Sigstr (“the Service”) you accept and agree to our use of your data under this Privacy Policy.

This Privacy Policy applies to any of the services of Sigstr, Inc. (Sigstr) and other Sigstr-related sites, apps, communications and services (“Services”). Sigstr has multiple product offerings that this Privacy Policy applies to, and may add new applications over time.

Sigstr’s Applications:

  • Email Signature Marketing - a marketing platform that offers branded signatures and targeted/dynamic campaign banners.

  • Sigstr Relationships - a relationship intelligence platform that provides insight into B2B company relationships.

Data Controllers & Processors

Under GDPR, data controllers are responsible for the management of data, while data processors are responsible for data security and processing data on behalf of the controllers. Depending on the Services purchased, Sigstr may act as a data processor or co-controller of data (more detail listed in sections 4 and 5 below). At Sigstr, we have chosen to to adopt GDPR as a global standard for our Services, as we do not track whether someone is an EU citizen or not.


By using our Services, you agree to the terms of this Privacy Policy and to any applicable terms of service. We provide you choices that allow you to opt-out or control how your data is used.

1. Information We Collect

Sigstr collects Employee Data, which contains Personal Information. This is done (voluntarily) to help build personalized email signatures and to map out relationship networks and insights. This section outlines the data that we collect and what we use it for.

1.1 Personal Information

Personal Information refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, address, phone number, and other information about yourself.

At the time of collection, we will clearly identify the information being collected and the purposes for which it will be used. For example, to create an account you provide data including your name, email address and/or mobile number, and a password. It is always your choice whether or not to provide Personal Information. Your choice not to provide certain other Personal Information may mean that you will not be able to use certain features of the Services.

1.2 Company & Employee Data

In order to build personalized email signatures and relationship scores between accounts and contacts, some employee data is required. The amount of employee data depends on what you voluntarily provide to Sigstr, and the features being utilized. Customers typically provide email address, name, and title, but may provide more data depending on the desired signature, or features being utilized.

Please note that because users agree to provide us with Contact Information voluntarily, such information does not constitute “harvested” emails under the CAN-SPAM Act of 2003.

1.3 Collection, Storage, and Use of Email Messages - Sigstr Relationships

If you take advantage of Sigstr’s Relationship Intelligence features, we analyze and store metadata about your company email and calendar events in order to build your company’s relationship network.

Sigstr stores the email and calendar metadata (to, from, header, and timestamp) in order to build your corporate relationship graph and to personalize/enhance the overall experience. Sigstr does not store the email body, subject line or attachments at rest. The service inspects the email body in memory only for the purpose of removing spam and automated messages that clutter up the data.

1.4 Contact & Company Data Enhancement

Sigstr has optional features that help track who views and engages with Sigstr campaign banners. This recipient tracking is used to understand who is engaging with your email content. Sigstr also has optional integrations with various marketing platforms, which send engagement data back to the marketing platform to help track conversions.

For customers who elect advanced functionality, Sigstr stores recipient email addresses that Sigstr CTAs (Calls to Action) are sent to. This is done so that Sigstr can provide richer analytics and identify individuals who are engaging with specific CTAs.

When building out B2B relationship scores and contact information of individuals you email, we may receive supplemental information about users and data subjects from other sources, including publicly available databases, and third parties from whom we have purchased data. This helps us to update, expand, and provide further value when using the platform to target prospective and current customers.

Examples of the types of Personal Information that may be obtained from public sources or purchased from third parties and combined with information we already have about you may include business contact information such as your business email address, phone number, and job title.

1.5 Cookies

A cookie is a small amount of data which often includes an anonymous unique identifier that is sent to your browser from a web site’s computers and is stored on your computer’s hard drive. Sigstr may use cookies to uniquely identify your browser and user preferences while logged in, and if you click “remember me” at login, Sigstr will use cookies to populate your credentials. We use non-permanent cookies that last for up to two weeks, after which you will be required to log in to the Service again.

Sigstr also uses pixel tags (also called web beacons) which are small blocks of code placed on websites and emails. Sigstr uses cookies and other technologies like pixel tags to help us identify and track visitors, usage, and access preferences for our Services, as well as track and understand email campaign effectiveness and to deliver targeted ads.

Sigstr uses cookies to analyze trends and usage of various features while using the app. This helps Sigstr to optimize the app and make the user experience better. You can control cookies through your browser settings and other tools.

2. How We Use Your Data

How we use your personal/employee data will depend on which features you use. We use the data for the following:

  • Build branded, personalized email signatures

  • Create Account Based Marketing campaigns (ABM functionality using recipient email lists)

  • Provide campaign analytics (views, clicks, etc)

  • For billing and accounting services

  • Build and maintain your network of contacts

  • Build Account and Contact relationship scores

  • To present products and offers, which we believe would enhance your use of our Services (you can unsubscribe to these types of communications at any time).

  • User login and management

  • To measure, gauge, and improve the effectiveness of our advertising

  • Help communicate with the Sigstr support team

3. Information Ownership and Disclosures

3.1 Legal Disclosures

It is possible that we will need to disclose information about you when required by law, subpoena, or to assist government enforcement agencies: (1) enforce our agreements with you, (2) investigate and defend ourselves against any third-party claims or allegations. We attempt to notify you about legal demands for your personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

3.2 Ownership Of Information

In your use of the Service, you may upload data, images, graphics, photos, links, and text (“Content”) to the Service. Although Sigstr owns the code, databases, and all rights to the Sigstr application, you retain all rights to your Content.

Company/Customer Owns:

  • Click and display data for signature and employee email marketing banners

  • Account and Contact Relationship Intelligence data

  • Corporate/Employee Email & Calendar Data

  • Campaign targeting rules and banner images

  • Employee Data (email signatures and organizational groups)

  • Recipient, Account, Contact lists (for targeting banners or performing Relationship Intelligence analysis)

Sigstr Owns:

There are certain data sources that when aggregated and anonymized across the Sigstr customer base, it creates value for all customers who use the platform. For example, when someone changes jobs, and your company has a relationship with that person, we can tell you when that job change happens. We maintain this data in order to make our product more valuable to our customers.

  • Contact and Company Record metadata sourced from public sources and Sigstr proprietary processing used to enrich list creation, filtering, and performance analysis.

  • Aggregate Anonymized Data (such as average click through rate across all Sigstr customers)

Individual & Data Subjects Own:

  • Personal Information - name, personal email, etc.

What if your contract ends and you no longer use the Sigstr services?

Sigstr is able to remove your company’s information upon request or termination of a previously specified agreement.

What happens if an Employee Leaves?

If an employee leaves the company, the email data is retained and owned by the company. Individuals retain the right to have their personal information removed, if requested.

4. Your Choices & Obligations

4.1 Data Retention

We retain the personal data you provide while your account is in existence or as needed to provide you Services. We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Clients. Sigstr will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Data can be removed upon request of a customer at the end of a predetermined agreement.

Sigstr provides tools around data retention that allow customers to set configurable data retention policies within the Services that will clear out data after the specified timeframe. Upon completion of a predetermined agreement, company data will be removed.

4.2 Rights to Access and Control Your Personal Data

Sigstr admins have the ability to download and export all data in the application. This includes employee data, recipient data (if applicable), and campaign engagement details. Personal data of employees can be modified by Sigstr admins or by specified employees, when given permission by the Sigstr admin.

Users (and data subjects) have the ability to request an export and/or delete of their Personal Information in the Sigstr app as well, in accordance with Article 17 of GDPR. You can also inquire about Personal Information that Sigstr has about you by emailing You may be asked additional information to confirm your identity prior to disclosing any PII.

4.3 Sharing Information

We do not sell your personal information. We can share data in the following limited circumstances, with appropriate permissions and safeguards that focus on your privacy.

  • Aggregated or de-identified information - This is information that cannot be tied back to an individual for the purpose of aggregate statistics.

  • Third party vendors (voluntary) - Sigstr customers can provide data to specific third party entities. For example, customers can share campaign engagement data with 3rd party companies for improved ad targeting on other platforms.

  • Legal Requests - We may disclose information about your company in response to a subpoena, court order, or other governmental request. Data subjects will be notified if their personal information is disclosed as a part of a legal request, to the extent legally permitted by law.

Sigstr is potentially liable under the EU-U.S. and Swiss-U.S. Privacy Shield Principles in cases of onward transfer of data about EU and Swiss individuals to a third party acting on behalf of Sigstr as its agent if the third party engages in a manner inconsistent with the Privacy Shield Principles and Sigstr is responsible for the event giving rise to damages.

Sigstr shall ensure that any third party to which we disclose personal information provides the same level of privacy protection as is required by the Privacy Shield Principles and agrees in writing to provide an adequate level of privacy protection. Prior to disclosing personal information to a third party that is not acting as Sigstr’s agent, we will notify you of such disclosure and provide you with the choice to opt-out of the disclosure.

5. GDPR Information

With the enforcement of GDPR on May 25, 2018, Sigstr is committed to helping its customers be GDPR compliant. Depending on the Services you use, Sigstr may be a co-controller or data processor. Sigstr provides GDPR features to help in both scenarios for data access, portability and data retention (as stated in sections 4.1 and 4.2 above).

Sigstr also has a Data Processing Addendum (DPA) that can be added to the Master Services Agreement (MSA).

6. Privacy Shield Compliance

Sigstr complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sigstr has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

Sigstr is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

6.1 Right to complain

In compliance with the Privacy Shield Principles, Sigstr commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Sigstr at:

Sigstr, Inc.

20 N Meridian St, Floor 4

Indianapolis, IN 46204

Sigstr has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.

Sigstr uses the BBB EU PRIVACY SHIELD, an independent dispute resolution mechanism, for unresolved complaints. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

7. Other Important Information

7.1 Data Storage and Security

While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so, such as monitoring our Services for potential vulnerabilities and attacks.

Sigstr uses secure third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, credit card processing, and related technology required to run the Service. Compliance and various certifications of our hosting partners can be provided upon request. Credit Card Processing is managed by Cheddar. For more information on their servers and security, please visit

Sigstr’s databases are located in the United States in multiple regions. Sigstr’s third party cloud provider is Privacy Shield Certified and SOC 2 Compliant (among other certifications).

7.2 Disclosure

Sigstr may disclose Personal Information under special circumstances, such as to comply with subpoenas when a user’s actions may violate the Terms of Service. Data subjects will be notified if their personal information is disclosed as a part of a legal request, to the extent legally permitted by law.

7.3 Changes to this Privacy Policy

Sigstr reserves the right to update this policy at any time without prior notice. You will be notified of changes or updates when you access your account. Your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that you are consenting to the updated Privacy Policy. Any new features or tools which are added to the current Service shall also be subject to the Privacy Policy. You can review the most current version of the Privacy Policy at any time at:

If you have any questions regarding this Privacy Policy, please contact us through email at

Version Description Writer Approved by: Approved on:
Version 1 Initial document creation Sam Smith Dan Hanrahan (President/Founder) 11/3/14
Version 2 Added language around GDPR, data processing, and data retention. Brent Mackay & Amber Jedamzik Robert Harris (VP of Product/Engineering) 5/16/18
Version 3 Added details around Sigstr Pulse and more detail on data collection and cookies Brent Mackay & Amber Jedamzik Robert Harris (VP of Product/Engineering) 8/1/18
Version 4 Added Privacy Shield Certification information, changed the name of Sigstr Pulse to Sigstr Relationships, and added language around legal disclosures Brent Mackay Bryan Wade (CEO) 1/15/19
© 2020 Sigstr. All rights reserved.