Terms of Use Privacy Policy Cookie Policy Sub-processors Ethics Code GDPR Accessibility ISO 27001

Privacy Policy

Last Updated: May 6, 2024

This Privacy Policy governs how Oktopost and its affiliates such as its subsidiaries, its parent companies, or other controlled entities by them (collectively the "Company", or "we", "us" or "our") collect, use, maintain and disclose information collected from visitors browsing our Website (as defined below), or users of the Oktopost Platform (as defined below) (each, a “User”) in connection with the access to or use of our website (https://www.oktopost.com, or other related domains, collectively the “Website”), your interactions with it, and the use of Oktopost’s platform solutions (the “Platform”) or other services provided by us to our customers (the “Services”).

This policy sets out what personal data we might collect, how we process and protect that data, its purpose, and your related rights. As data protection law and practice are constantly developing, we’ll need to update this policy from time to time, which we’ll do by posting a new policy on the Website that takes effect from the date stated. It is your responsibility to return to the Website from time to time and check for changes.

Scope of this Policy

This privacy policy shall not apply to personal information the Company processes on behalf of our customers. In these cases, Company's processing activities of Personal Information on our Platform, are governed by the data processing addendum, and other written agreements executed between us, as applicable, which govern the access, process, and use of the personal information on behalf of our customers. It is hereby clarified, that the Company is acting as an independent data controller of Users' account information, registration details, or other information reasonably required, as submitted by the User, in order to provide our Users with our Services, including any personal information thereof, and the data processing addendum mentioned above shall not apply to this information.

What Types of Information We Collect

When browsing or otherwise using our Website or Service, we may collect the following information, automatically or otherwise:

Personal Information

The personal information we collect (i.e. information that may allow the identification of the User) includes information voluntarily submitted by the User, including the Users' name and email address, phone number, billing address, and other information either by submitting communication forms or contacting us through the Website including applying for careers through our careers’ section, creating accounts on our Platform, registrations, log-ins and other usages of our Platform (the “Personal Information”). We also process device information which is considered Personal Information: such information includes geolocation data, IP address, unique identifiers (e.g. MAC address and UUID) and other information which relates to your activity through the Website.

Non-Personal Information

“Non-Personal Information” is technical information we collect and may include: (i) technical information such as the type of version of your device is operating on, type of browsers, language, wireless internet connectivity, time stamps and visited pages, the operating system, utilized internet service provider and other similar information. We may also collect other general geolocation data, and cookies usage, and other technical information transmitted by the User’s device; (ii) “Behavioral Information”, which may include the user’s click-stream on the Website, user’s engagement with certain components on the Website and information of similar nature; (iii) other metrics used by us or third-party service providers, which do not include Personal Information.


When using our Service we assign the User's device with a log file, a cookie (session or persistent), web beacons, or other related technologies, to collect information with respect to the User's activity on our Service.

A "cookie" is a small piece of information that a website assigns to your device while you are viewing a website. Cookies are very helpful and can be used for various purposes. These purposes include allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences, and making the interaction between you and our services quicker and easier. Cookies are also used to help customize your experience.

Cookies may locally store information on your device, and we and/or other third parties authorized by us may access such information to provide you access to our Website and provide our Services.

You can find more information about cookies at http://www.allaboutcookies.org. You may remove our cookie by following the instructions of your device preferences; however, if you choose to disable our cookie, some features of our Service may not operate properly, and your online experience may be limited.

A full list of cookies used by us and how you can manage them can be found in our cookie policy.

Legal Basis for Processing

Purpose Legal basis
Provision of our Services; support. We use your Personal Data, such as your name and email address, for consumer services purposes. This includes, for example, responding to your inquiries. The legal bases for processing this data are the performance of our contractual obligations towards you; your consent; compliance with our legal obligations; and our legitimate interests. Our legitimate interests in this case are enforcing our policies, protection against fraud and misuse of our Services.
Improve our Services. We collect and analyze information about you and your usage of our Services to improve the usability and effectiveness of our Services. The legal basis for processing this data is our legitimate interests, in this case – providing and improving our Services.
Marketing and Advertising. We may use Tracking Technologies (which may collect Personal Data) in order to provide you with personalized advertisements when you visit our Services. The legal bases for processing this data are your consent (where required) and our legitimate interests. Our legitimate interests in this case are providing you with tailored services, content and advertisements that better correspond with your interests.
Integrity. We may process certain information about you and your use usage of the Service in order to keep the integrity and security of the Services, prevent fraud, identify your identity and enforce our policies. The legal bases for processing this data are compliance with our legal obligations and our legitimate interests. Our legitimate interests in this case are keeping the integrity of our Services and the safety of our end-users.
Compliance with applicable laws. We may be required to collect, retain, or share your Personal Data, under applicable laws.

How We Use the Information We Collect

We use Personal Information in the normal course of our business, including to provide and improve our Services and meet any binding contractual or legal obligations:

  • to enable us to provide you the Services;
  • to enable us to answer your inquiries or other forms of communications;
  • conduct internal operations, troubleshooting, data analysis, and other methods to improve our service;
  • to enable us to comply with our legal obligations and protect your rights and legitimate interests; and
  • to market and sell our Services, including to communicate with you about same or similar services that we offer. If we do so, we will provide you with an easy and free way to opt-out of receiving such communications in the future.

With Whom We Share Information

We do not sell, trade, or rent Users' Personal Information to other parties. Our trusted service providers may have access to Personal or Non-Personal Information only to the extent required to fulfill the purposes outlined above. Such service providers include: storage providers, analytics and monitoring providers, marketing providers and payment processing. We will only provide our service providers the information which is reasonably required to support the purposes above.

We may also disclose Personal Information, or any other information submitted by our Users, if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to (i) comply with any applicable law, regulation, legal process, or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) to collaborate with law enforcement agencies and/or in case we find it necessary to enforce intellectual property or other legal rights.

Non-Personal Information may be shared with other third parties (including retailers, ad networks, advertising companies, service providers, media, and other interested parties) in any of the above circumstances, as well as to develop or deliver advertising, or to improve our Service or Website, conduct business analysis or other business purposes.

The Company may share the information received in accordance with this privacy policy with its affiliates such as its subsidiaries, its parent companies, or other controlled entities, for the purposes outlined above under the “Legal Basis for Processing” Section.

Transfer of Personal Information from the EU

Since we operate globally, it may be necessary to transfer your Personal Information to countries outside of the European Union (EU), Switzerland or the UK. The data protection regulations of these countries may not be as comprehensive as those in the European Union, Switzerland or UK − in these instances, we will take steps to ensure that a similar level of protection is given to your Personal Information. To achieve this, we may transfer information to countries that are deemed to have adequate protection of data subjects, to organizations subject to the Data Privacy Framework (DPF) as described below, or as a default, execute a form of the Standard Contractual Clauses as pre-approved by the EU Commission or use any other legally approved legal mechanism.

Data Privacy Framework (DPF)

To the extent applicable to the Personal Information collected by the Company as part of the Services and under this Privacy Policy, the Company has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce, and as further outlined in our DPF certification. The EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF shall apply to Personal Information originating from the European Union, the United Kingdom, and Switzerland respectively, including any data subjects who are subject to any of the mechanisms above. With respect to Personal Information received or transferred pursuant to the EU-US Data Privacy Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, the Company commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and its applicable extensions. For the avoidance of doubt, in any event of any conflict between this Privacy Policy and the DPF principles, the DPF principles shall govern.

For any complaints or disputes about the transfers of data from the EU, UK, or Switzerland to the US under the DPF, kindly reach out to privacy@oktopost.com. If such privacy complaints were not resolved through this internal process, under certain conditions more fully described on the Data Privacy Framework (DPF) website mentioned below, you may invoke a free of charge binding arbitration by delivering a notice to privacy@oktopost.com or as detailed in https://www.dataprivacyframework.gov/.

Onward Transfers

In any event of a transfer in accordance with this Section titled "Transfer of Personal Information from the EU", the Company remains liable for any onward transfers to third-parties, and it will remain responsible for any failure to comply with the DPF principles by such third-parties unless the Company proves that it is not in any fault or default, or otherwise responsible for the event giving rise to the damage.

Retention Policy and User Rights

We respect your privacy rights and therefore you may contact us at privacy@oktopost.com at any time and request:

  • to access, delete, change or update any Personal Information relating to you (for example, if you believe that your Personal Information is incorrect, you may ask to have it corrected or deleted); or
  • to receive a copy of Personal Information you directly volunteer to us in a structured, commonly used, and machine-readable format;
  • that we will cease any further use of your Personal Information (for example, you may ask that we will stop using or sharing your Personal Information with third parties) or that we shall remove your Personal Information (subject to any other legal obligation that may require us to keep the information, such as transactional history and information which is required by anti-money laundering regulation).

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our discretion. If you wish to raise a complaint about how we have handled your Personal Information, please contact our DPO at privacy@oktopost.com.

If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with the laws, you can complain to the applicable data protection authority.

We will retain your Personal Information for as long as necessary to operate our Websites or provide Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods shall be determined taking into account the type of information that is collected and the purpose for which it is collected for, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.

Children Information

We will not knowingly collect Personal Information from children under the age of 16. If we become aware that a user is under the age of 16, we will remove its information from our servers. We reserve the right to request proof of age at any stage so that we can verify that children are not using the Service.


We use industry-standard security tools and measures, as well as internal guidelines and organizational procedures to prevent information misuse and data leakage.You may read more about our security practices in our Security and Customer Data Protection center.

While we strive to use commercially acceptable means and procedures to protect the information, which considerably reduces the risks of data misuse, we cannot guarantee that our systems will be absolutely safe. If you become aware of any security vulnerability or potential data breach, please contact us immediately at privacy@oktopost.com, and we will take the appropriate measures to address such incidents, as deemed necessary.


We may use your Personal Information, such as your name or email address, ourselves or by using our third-party subcontractors to provide you with promotional materials, concerning our Services, as well as products, services, websites, and applications, including news about product updates, contests, events, and other promotional materials.

If you have given us your consent, we may also send communications for unrelated products or services. In addition, we may elect to share your Personal Information with qualified third-party partners for marketing or other similar purposes but only where you agree to share such information. Such partners will be prohibited from disclosing or using such information except for the limited purposes to which the users have consented to.

Out of respect to your right to privacy, we provide you with such marketing materials with means to decline to receive further marketing offers from us. In addition, at any time, you may request to unsubscribe and discontinue receiving marketing offers by contacting by sending a blank message with the word "remove" to info@oktopost.com.

Please note that even if you unsubscribe from our mailing list, we may continue to send out periodic e-mails informing you of technical, service, or security issues related to a product or service you requested, confirming you requested a product or service or providing periodic updates or information relating to the product or service you requested.

Merger, Sale or Bankruptcy

In the event that we are acquired by or merged with a third-party entity, or other corporate transaction, re-organization, IPO, liquidation, or in the event of bankruptcy or a comparable event, we reserve the right to transfer or assign information, including Personal Information, in connection with the foregoing events. In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.

Third-Party Platforms

Users may find advertising or other content on our Service that links to the sites and services of our partners, suppliers, advertisers, sponsors, licensors, and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Service. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites that have a link to our Service, is subject to that website's terms and policies.

To the extent applicable by the nature of the usage, Users of the Oktopost Platform are required to comply with privacy policies applicable to third party platforms accessed when using the Platform such as LinkedIn/Facebook/YouTube/Twitter/Instagram/TikTok, including the YouTube Security Settings located at www.youtube.com/t/terms and https://myaccount.google.com/permissions?pli=1 respectively, or any similar policies.

Amendment to the Privacy Policy

The Company has the discretion to update this privacy policy at any time. We encourage periodic review of our Privacy Policy for any changes to stay informed about how we are helping to protect the personal information we collect. The last amendments will be reflected in the "Last Updated" heading. The continued use of the Service following the posting of any amendments will be deemed as acceptance of those amendments.

Contacting Us

If you have any questions or concerns about this Privacy Policy, the practices of our Service, and how we handle your Personal Information, please contact us by email at privacy@oktopost.com.