Policies

Terms of use
Privacy policy

Terms of use

Effective date: 4 May 2022

Pigeon is a mailing list and mail archive host created by DinoSource ApS. That's us! We place certain conditions on using our website and services, such as not permitting illegal activity. You may only use our website and services if you abide by these terms of use in full as described below. We hope you find the terms reasonable. Please feel free to contact us if you have any questions.

Please also refer to our privacy policy, which is a separate legal document also included on this page. It does not form part of our terms of use.

Modification of terms

We may modify these terms of use at any time and post a new version with a new effective date either here or linked from the welcome page. We may not necessarily notify our users that our terms of use have been updated because such messages are typically ignored or even flagged as spam, and therefore it is your responsibility to review our terms of use regularly to ensure adequate compliance. We recommend using a website change monitoring service such as Visualping or Versionista.

User restrictions

You must be at least 18 years old to sign up for a Pigeon account. You must not use our site or services for any purpose which is classed as illegal, and you must not sign up if to do so would be illegal. In these terms of use illegal activity refers to any action which is forbidden by the laws of your country, or which is forbidden by the laws of Denmark where our company is based. You must not send unsolicited commercial email, phishing, or scam emails to any of our users, regardless of whether doing so is legal in the aforementioned jurisdictions.

You must not attempt to reverse engineer, perform penetration or other security testing, audit, obtain the source, or otherwise inspect the proprietary software used to run this site. We work hard on keeping this site and our users safe and secure, and if you do find a security issue then you must report it to us immediately. You must not disclose security issues in public until we have had a chance to fix the issue for our users.

Content policy

You may post text and multimedia to your mailing lists, and so may your mailing list members. You are solely responsible for all content which is posted to your mailing lists. You must take reasonable steps to ensure that no illegal content is posted to your mailing lists, and if notified that such content has been posted you must delete it immediately and ban the user responsible for posting it.

We are not responsible for any loss or damages as a result of user posted content. Nor are we responsible for the accuracy of any content on the site, or the content of any third party site linked to from this site. You agree to indemnify, defend, and hold harmless DinoSource ApS in the event of any claims resulting from user content posted to your mailing lists.

Payments, billing, and service

Our services are offered on a monthly subscription basis. If our fees rise, we may offer you the choice of accepting the new fees or cancelling your subscription. We may cancel your subscription by default if you make no choice. If you miss a payment, we may cancel your service and delete your account and data. In general, however, we aim to keep your data for as long as possible because we'd like you to continue to use our service! But if you do not have an active paid subscription then we cannot guarantee retention of your data because hosting your data has a material cost.

We may cancel your subscription at any time, for example if our company goes out of business. We take our moral obligations to our users very seriously however, and intend to stay in business. We do not plan to discontinue service for any reason, for example by being acquired by a larger company. We created this service because we believe in the benefits of email for team communication.

Disclaimer of warranty

Our website and services are provided as is, with no warranty either express or implied. In other words, we do our best to provide good service to you but we are under no obligation to provide any specific kind of service.

Limited liability

In the event that we are found liable for damages to you by a court in Denmark, we will pay up to 100 EUR.

Cancellation terms

You can cancel a monthly subscription at any time by going to the "Change plan" section in your account page, and following the link to "Cancel your current plan".

If you decide to cancel your subscription:

• You will be issued pro rata credit for your remaining time on the subscription.
• The pro rata credit may be exclusive of Stripe payment processing fees, currency conversion differences, and other administrative costs.
• The pro rata credit cannot be redeemed on subscriptions paid in a different currency. This is due to a limitation of the Stripe API whereby different currencies must be handled with different customer objects.
• If Stripe cannot compute the pro rata credit, then credit will not be issued.
• There may be a significant delay in how long it takes Stripe to compute or to apply your credit. Any purchases made before Stripe makes the credit available will not retroactively have the credit applied to them, but the credit will be available for future purchases.
• The pro rata credit expires if your account is deleted, if your account is banned for violation of the Pigeon terms of use, if you ask us to redact user data relating to your billing under the GDPR, or at our discretion after six months without being redeemed.
• All of your quotas will be set to zero immediately, unless you are still in the taster account period.
• You will not be able to send any mail to any of your lists.
• Your card will no longer be charged, unless you resubscribe.
• Your card details will still be kept on file by Stripe, our payment processor. When using our service you agree to the Stripe terms of service in addition to our own.
• We do not offer refunds to users who violated these terms of service.

By signing up to a Pigeon plan, you agree to this cancellation policy.

Privacy policy

Effective date: 4 May 2022

We are a Danish company called DinoSource ApS, and we created Pigeon because friends kept telling us they'd pay for a hosted mailing list service. We thought, let's build that then! This privacy policy explains what personal information we collect, why we collect it, and how you can manage that information.

Collected data

Your IP address and access times are kept for security purposes. Your OAuth username is kept unless requested to provide a service and potential discounts to you. Your email address is kept for financial auditing. You may also be collecting personally identifiable data from your list users, and we store that data on your behalf, but you are considered the controller of that data and must act responsibly and legally with respect to that data.

Website visitors

If you are visiting this website, we keep server logs of your interactions with us which record your IP address and the time of visit. We do that because sometimes websites are attacked by bandits who try to infiltrate and steal your information, and keeping logs helps to see who might be attempting that. Sometimes people also try to interrupt service to a website by doing something called a denial of service attack. Keeping logs helps us to mitigate any such attacks.

We keep IPs and times indefinitely in case we ever need to audit past attacks. If somebody infiltrated the website and we deleted the logs, we'd never know who did it! Of course we take security very seriously and aim to prevent infiltration in a variety of ways, and keeping logs is just part of the process of being responsible about security. The logs themselves are kept secure, and are not published.

Our role in this is as a data controller.

Website users

We class you as a user if you've signed up to Pigeon, even if you're just on the free introductory plan.

Username and email

As well as collecting the same information that we do of website visitors, we also collect your OAuth username and verified OAuth email address of website users. OAuth is a system invented to make it easier for people to log into websites. It means you can use your existing login details with one site, e.g. Google, to log into a new site, e.g. ours, without ever giving your password to the new site. That means that we don't collect your password, because we don't need to! But we do need your username and email address.

We need your username because that's how we identify you as a user. When you log in, we need to know who you are in order to give you access to your account. We need your email address because this is a mailing list hosting service. If we don't know your email address, we could not subscribe you to your own lists for example. We don't share your username, but we may share your email address if you have a mailing list with a public archive and you send a message to that list.

We keep your username and email for as long as you have an account with us. When you close your account we keep your username and email by default, for two reasons. One is so that we can potentially give you a discount if you sign up with us again! The other is so that we have a record of our financial account with you, i.e. so that our invoices can be linked to our records in case of disputes etc.

You may request that we delete your OAuth username at any time. To do so means closing and erasing your account, because without the username we are of course unable to provide a service to you! Your email address is retained as part of our financial records, which is described in more detail in the following section.

Our role in this is as a data controller.

Card details

Pigeon has a number of paid plans, and to pay for these you use your credit or debit card. We use Stripe, a well regarded San Francisco based US payment processing company, to not only store your card details but also handle your recurring subscription charges for us. This means that we do not collect or store your card details. Stripe also does not ever provide us access to your card details. We do not know your card number, and cannot know it. Therefore it is important that you are aware of Stripe's own worldwide privacy policy, because that is in effect whenever you give them your details so that they can charge you on our behalf.

We retain the information of all of our financial transactions with you, including after you stop using our service, in order to have evidence for arbitration in case of any financial disputes which may arise. This information may include your email address or any other information that you give to Stripe, excepting of course your card details.

Stripe's role in this is as a data controller for your card details, and a data processor for our financial transactions with you.

Emails

Pigeon is a public email archiving service. When you create a public mailing list, and send email to that list, we archive it and provide public access to copies of email sent to that list. Be aware that once emails are made public, other internet users may make copies that email (legally or otherwise) which we cannot control. For example, the digital Internet Archive library may copy our website, and indeed any website. Google may copy our website to keep it in their cache. Once you have made an email public, it can be very difficult if not impossible to erase all copies of it, as these copies are not under our control.

You therefore give consent not only for us to host these emails in public for you, but you also recognise that there is nothing we can do about third parties accessing, having accessed, or making copies of your data. If third parties act illegally, then you must take it up with those third parties independently of us. We cannot, in other words, pursue on your behalf the resolution of any copyright, privacy, trademark, or other rights violations committed by third parties.

Your users

When you create a mailing list, you may have users. A user is anybody who's subscribed or sent an email to one of your mailing lists. You may have responsibilities to your users with regards to privacy. It is your responsibility to ensure that your users' rights are not violated. We store personally identifiable information of your users on your behalf.

Our role in this is as a data processor.

In case of emergency

The worst case scenario for any website is that bandits infiltrate their systems and make copies of their users' personally identifiable data. This would mean that your personal data would be in the hands of potentially some very bad people. We try to mitigate this risk as much as possible by not collecting from you anything of value, such as your card details. Since we do have your OAuth username and email, however, we of course need a plan for what happens if that data is stolen by the aforementioned bandits. Since we are based in the EU, which has very good privacy laws, we follow the requirements of those laws and promptly notify the local data authorities when information is stolen. As long as the information wasn't erased, we also notify all of our affected users. Unfortunately beyond that there isn't much else that we'd be able to do. Again, we take many measures to ensure that this doesn't happen in the first place, which is the best policy.

Questions?

This privacy policy was written by a human, not a lawyer. We hope it's been legitimately helpful. If you do have any questions, though, please contact us.