Policies

SparkPost Data FAQ

We leverage data generated by our customers’ use of SparkPost (called “exhaust data”) in order to provide better email results across our customer base. Our customer’s trust is paramount and everything we do is brand safe and built with privacy by design. This document provides details about how we use your data and exhaust data while keeping your recipients and your brand safe. If you have further questions I’m happy to discuss this with you personally, please get in touch with me here.

-Charlie Reverte, Chief Product Officer

Table of Contents

Why are you using my data?

What data are you using?

How do you use my data?

Do you sell my data?

Is my data visible to other customers?

Can my company opt-out of sharing data?

What do you mean by “brand safe?”

What do you mean by “privacy by design?”

Are you GDPR compliant?

What are examples of exhaust data?

Why are you using my data?

At SparkPost we’re on a mission to help you achieve the best possible email engagement and deliverability. We believe the way to do that is by optimizing our delivery and analytics with data, and at a much greater scale than you can access on your own. So we power our products with email exhaust data like bounces, opens, and pseudonymized (hashed) email address from your sending and the sending of other customers. For example, the SparkPost Signals Health Score uses data from thousands of other senders to predict your future engagement rates, and our Recipient Validation is powered by our global bounce data so we can help you filter out known bad addresses before they hurt your reputation.  And this is just the start – we have an exciting optimization roadmap ahead. As the world’s largest email sender, our unmatched data footprint can give you better email ROI than anyone else in the market.

What data are you using?

We use exhaust data and pseudonymized email address to power products that we bring to you and other SparkPost customers. We DO NOT use any data that is associated with your brand, customer interests, commercial behavior, or inferred demographics. We also DO NOT use the personal data of EU Data Subjects under GDPR. The table below summarizes the details of the data types we use to power products for all customers:

Data TypeExamplesUsed?
Routing, delivery, and engagement dataWhen emails are delivered, opened, clicked, unsubscribed, bounced, marked as spamYes
Pseudonymized (hashed) recipient email addresskSCZGbUPIDQNRjZxymBo0UYpRSo=Yes
GeoIP and user agentColumbia, Maryland, USA, Google Chrome, iOS 12.2, iPhone XYes
Message attribute data such as type, tone, length, layoutA message was transactional, playful, long, or contained imagesYes
Raw email dataSender email address, recipient email address, subject line, message bodyNo
Brand affinity or purchasing behaviorA recipient drinks soda from a particular brandNo
Recipient’s specific interestsA recipient is a frequent travelerNo
Inferred demographicsA recipient is maleNo
Any identifiers of customer as a source of the dataThis data is from “Customer.com”No
Offline & personal data onboardingLiveRamp-like services or setting third-party cookies on your recipientsNo
Personal data of EU data subjectsEU recipient email addressesNo

How do you use my data?

Our usage of your data falls into two categories. The first category is “first-party usage,” whereby we use data in ways that only you can access, for example providing you with delivery analytics.  The second category is “third-party usage,” whereby us we use your data in combination with data from other customers to power products that benefit everyone, for example the Signals Health Score and Recipient Validation.  It is important to reiterate that for third-party usage of your data, we ONLY use your exhaust data and pseudonymized (hashed) email address. The table below summarizes the details of our third-party data usage:

UsageExamplesPermitted?
Aggregate research statisticsPublishing an industry benchmarking guide, providing benchmark scoringYes
Optimizing delivery, engagement, and conversion of your and other customers’ emailsSending an email at a time the recipient is most likely to open, suppressing an email based on a recipient’s likelihood to complain or unsubscribe, sending a playful variant of an email rather than a serious variantYes
Internal business purposesData science, creating new analytics and optimization functionality, measuring product usageYes
Commercial / interest / demographic targetingAllowing customers to target emails based on recipient purchase behavior, engagement with emails about shoes, men age 23-35No
Sold to 3rd partiesSelling log files or providing direct access to the dataNo
Paid media targeting / re-targetingHelping other customers target your users with adsNo

Do you sell my data?

No.  SparkPost is an email intelligence platform.  We are not in the business of selling data to third parties, data licensing, or setting cookies. We also do not use your data for our own marketing purposes.

Is my data visible to other customers?

No. We never expose your data or your exhaust data.  This data is only used to train our machine learning models and power our algorithms – the data works “behind-the-scenes.”

Can my company opt-out of sharing data?

No. It’s important that all of our customers contribute to achieve maximum benefit from data-powered products. SparkPost delivers email at a much greater scale than any individual sender and in exchange for your contribution, you benefit from the data of thousands of other senders. Together, we will drive huge lift on your open and click rates. If you have further concerns we’re happy to discuss them with you, please reach out to us, here.

What do you mean by “brand safe?”

We will never use your data in a way that compromises your business or the brand and audience that you’ve worked hard to build. Your competitors will not be able to see or target your users, or leverage any data about their interests and behavior that is proprietary to your business. This is why we limit our data usage to “email exhaust” and focus on generic email interaction. We will also never identify your business as the source of particular data or sell your exhaust data directly to others. Your data will only be used in ways where it is blended with the data of many other customers and disconnected from your brand.

What do you mean by “privacy by design?”

Privacy by design means we integrate data protection into the design and implementation of our products, rather than it being an afterthought. Security is baked into our systems, services, and business practices to ensure the full lifecycle protection of your data. As a testament to our commitment to security and privacy, SparkPost is SOCII Type 2 certified.  And of course, SparkPost will comply with all applicable data protection laws and will assist you in doing so as well.

Are you GDPR compliant?

Yes. We are GDPR-compliant and we do not use the personal data of EU data subjects (including pseudonymized email address or IP address) for third-party usage.

What are examples of exhaust data?

Data AttributeDescriptionExample ValueFirst-party UsageThird-party Usage
accept_languageLanguage(s) accepted by the recipient during an engagement eventen-usYesYes
msg_sizeSize of message1337YesYes
raw_reasonRaw bounce/delay reason from the recipient’s domainnoSuchUser bj6si22015798plb.379 – gsmtpYesYes
transactionalWas the email self-identified as transactionalTRUEYesYes
tdateTimestamp for an email event (e.g., sent, open, click)2019-04-30 11:42:29YesYes
user_agentUser-agent identified by the recipient at time of engagementMozilla/5.0 (Linux; Android 8.0.0; ANE-LX1)YesYes
message_toneSparkPost-derived attribute via natural language processingplayfulYesYes
rcpt_to_hashA hashed version of the recipient’s addresskSCZGbUPIDQNRjZxkmRo0UYpRSo=YesYes, so long as not EU recipient
geo_ipGeoIP inferred from recipient IP address during engagement event{country=US, region=CA, city=Sunnyvale}YesYes, so long as not EU recipient
ip_addressRecipient’s IP address123.123.123.123YesNo
friendly_fromRaw sender email addressbob@bobsburgers.comYesNo
rcpt_toRaw recipient email addresssparky@sparkpost.comYesNo
subjectRaw email subject lineYour SparkPost ReceiptYesNo
message_contentRaw email bodyHello World!  It’s nice to meet you. Sincerely, SparkPostYesNo

A complete list of current Event types and included data attributes can be found on our Events API documentation.