SparkPost Data FAQ

We leverage data generated by our customers’ use of SparkPost (called “exhaust data”) in order to provide better email results across our customer base. Our customer’s trust is paramount and everything we do is brand safe and built with privacy by design. This document provides details about how we use your data and exhaust data while keeping your recipients and your brand safe. If you have further questions I’m happy to discuss this with you personally, please get in touch with me here.

-Charlie Reverte, Chief Product Officer

Table of Contents

Why are you using my data?

What data are you using?

How do you use my data?

Do you sell my data?

Is my data visible to other customers?

Can my company opt-out of sharing data?

What do you mean by “brand safe?”

What do you mean by “privacy by design?”

Are you GDPR compliant?

What are examples of exhaust data?

Why are you using my data?

At SparkPost we’re on a mission to help you achieve the best possible email engagement and deliverability. We believe the way to do that is by optimizing our delivery and analytics with data, and at a much greater scale than you can access on your own. So we power our products with email exhaust data like bounces, opens, and pseudonymized (hashed) email address from your sending and the sending of other customers. For example, the SparkPost Signals Health Score uses data from thousands of other senders to predict your future engagement rates, and our Recipient Validation is powered by our global bounce data so we can help you filter out known bad addresses before they hurt your reputation. ?And this is just the start – we have an exciting optimization roadmap ahead. As the world’s largest email sender, our unmatched data footprint can give you better email ROI than anyone else in the market.

What data are you using?

We use exhaust data and pseudonymized email address to power products that we bring to you and other SparkPost customers. We DO NOT use any data that is associated with your brand, customer interests, commercial behavior, or inferred demographics. We also DO NOT use the personal data of EU Data Subjects under GDPR. The table below summarizes the details of the data types we use to power products for all customers:

Data Type Examples Used?
Routing, delivery, and engagement data When emails are delivered, opened, clicked, unsubscribed, bounced, marked as spam Yes
Pseudonymized (hashed) recipient email address kSCZGbUPIDQNRjZxymBo0UYpRSo= Yes
GeoIP and user agent Columbia, Maryland, USA, Google Chrome, iOS 12.2, iPhone X Yes
Message attribute data such as type, tone, length, layout A message was transactional, playful, long, or contained images Yes
Raw email data Sender email address, recipient email address, subject line, message body No
Brand affinity or purchasing behavior A recipient drinks soda from a particular brand No
Recipient’s specific interests A recipient is a frequent traveler No
Inferred demographics A recipient is male No
Any identifiers of customer as a source of the data This data is from “Customer.com” No
Offline & personal data onboarding LiveRamp-like services or setting third-party cookies on your recipients No
Personal data of EU data subjects EU recipient email addresses No

How do you use my data?

Our usage of your data falls into two categories. The first category is “first-party usage,” whereby we use data in ways that only you can access, for example providing you with delivery analytics. ?The second category is “third-party usage,” whereby us we use your data in combination with data from other customers to power products that benefit everyone, for example the Signals Health Score and Recipient Validation. ?It is important to reiterate that for third-party usage of your data, we ONLY use your exhaust data and pseudonymized (hashed) email address. The table below summarizes the details of our third-party data usage:

Usage Examples Permitted?
Aggregate research statistics Publishing an industry benchmarking guide, providing benchmark scoring Yes
Optimizing delivery, engagement, and conversion of your and other customers’ emails Sending an email at a time the recipient is most likely to open, suppressing an email based on a recipient’s likelihood to complain or unsubscribe, sending a playful variant of an email rather than a serious variant Yes
Internal business purposes Data science, creating new analytics and optimization functionality, measuring product usage Yes
Commercial / interest / demographic targeting Allowing customers to target emails based on recipient purchase behavior, engagement with emails about shoes, men age 23-35 No
Sold to 3rd parties Selling log files or providing direct access to the data No
Paid media targeting / re-targeting Helping other customers target your users with ads No

Do you sell my data?

No. ?SparkPost is an email intelligence platform. ?We are not in the business of selling data to third parties, data licensing, or setting cookies. We also do not use your data for our own marketing purposes.

Is my data visible to other customers?

No. We never expose your data or your exhaust data. ?This data is only used to train our machine learning models and power our algorithms – the data works “behind-the-scenes.”

Can my company opt-out of sharing data?

No. It’s important that all of our customers contribute to achieve maximum benefit from data-powered products. SparkPost delivers email at a much greater scale than any individual sender and in exchange for your contribution, you benefit from the data of thousands of other senders. Together, we will drive huge lift on your open and click rates. If you have further concerns we’re happy to discuss them with you, please reach out to us, here.

What do you mean by “brand safe?”

We will never use your data in a way that compromises your business or the brand and audience that you’ve worked hard to build. Your competitors will not be able to see or target your users, or leverage any data about their interests and behavior that is proprietary to your business. This is why we limit our data usage to “email exhaust” and focus on generic email interaction. We will also never identify your business as the source of particular data or sell your exhaust data directly to others. Your data will only be used in ways where it is blended with the data of many other customers and disconnected from your brand.

What do you mean by “privacy by design?”

Privacy by design means we integrate data protection into the design and implementation of our products, rather than it being an afterthought. Security is baked into our systems, services, and business practices to ensure the full lifecycle protection of your data. As a testament to our commitment to security and privacy, SparkPost is SOCII Type 2 certified. ?And of course, SparkPost will comply with all applicable data protection laws and will assist you in doing so as well.

Are you GDPR compliant?

Yes. We are GDPR-compliant and we do not use the personal data of EU data subjects (including pseudonymized email address or IP address) for third-party usage.

What are examples of exhaust data?

Data Attribute Description Example Value First-party Usage Third-party Usage
accept_language Language(s) accepted by the recipient during an engagement event en-us Yes Yes
msg_size Size of message 1337 Yes Yes
raw_reason Raw bounce/delay reason from the recipient’s domain noSuchUser bj6si22015798plb.379 – gsmtp Yes Yes
transactional Was the email self-identified as transactional TRUE Yes Yes
tdate Timestamp for an email event (e.g., sent, open, click) 2019-04-30 11:42:29 Yes Yes
user_agent User-agent identified by the recipient at time of engagement Mozilla/5.0 (Linux; Android 8.0.0; ANE-LX1) Yes Yes
message_tone SparkPost-derived attribute via natural language processing playful Yes Yes
rcpt_to_hash A hashed version of the recipient’s address kSCZGbUPIDQNRjZxkmRo0UYpRSo= Yes Yes, so long as not EU recipient
geo_ip GeoIP inferred from recipient IP address during engagement event {country=US, region=CA, city=Sunnyvale} Yes Yes, so long as not EU recipient
ip_address Recipient’s IP address 123.123.123.123 Yes No
friendly_from Raw sender email address [email protected] Yes No
rcpt_to Raw recipient email address [email protected] Yes No
subject Raw email subject line Your SparkPost Receipt Yes No
message_content Raw email body Hello World! ?It’s nice to meet you. Sincerely, SparkPost Yes No

A complete list of current Event types and included data attributes can be found on our Events API documentation.