Privacy Policy

SimpleSend is a bulk SMS platform operated by EvoGov, LLC ("we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the SimpleSend platform and website. Please read this policy carefully. If you do not agree with its terms, please discontinue use of our services.

1. Overview

SimpleSend provides a managed bulk SMS messaging service exclusively for government agencies and other organizations ("Customers"). Our Customers use SimpleSend to send text messages to their own constituents, residents, and subscribers ("End Users"). This Privacy Policy covers both our Customers (organizations with accounts on our platform) and End Users (individuals who receive messages through our platform or sign up via an embedded signup widget).

SimpleSend acts as a data processor on behalf of our Customers with respect to End User data. Customers are the data controllers responsible for the lawful basis of their communications with End Users. We process data only as directed by our Customers and as necessary to operate the platform.

2. Information We Collect

2a. From Customers (Account Holders)

When an organization registers for or uses SimpleSend, we collect:

• Account information: organization name, authorized user names, email addresses, phone numbers, and job titles.
• Billing information: billing address and payment method details (processed by our third-party payment processor; we do not store full card numbers).
• Usage data: messages sent, delivery statistics, contact list activity, login timestamps, and feature usage logs.
• Technical data: IP addresses, browser type, device information, and session data collected automatically when you access our platform.

2b. From End Users (SMS Subscribers)

When individuals subscribe to SMS alerts through a Customer's signup widget or are added to a Customer's contact list, we collect:

• Phone number: the mobile phone number provided during sign-up (in E.164 format).
• Consent record: timestamp, opt-in confirmation method (e.g., SMS double opt-in reply), source domain, and IP address at time of subscription.
• Messaging history: delivery status of messages sent to the subscriber, opt-out events (STOP replies), and opt-in events (JOIN replies).
• Tags and metadata: any optional tags assigned by the Customer (e.g., "source: web widget," neighborhood, department).

2c. Automatically Collected Information

When you visit getsimplesend.com, we automatically collect standard server log data including IP address, browser type, referring URL, pages visited, and timestamps. We do not currently use third-party analytics tracking cookies.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, maintain, and improve the SimpleSend platform;
• Send and track SMS messages on behalf of our Customers;
• Process Customer account registrations, billing, and support requests;
• Maintain records of End User consent for regulatory compliance;
• Detect and prevent fraud, spam, abuse, and violations of our Terms of Service;
• Comply with applicable laws, regulations, and carrier requirements;
• Respond to legal process, court orders, and lawful requests from government authorities;
• Send transactional and administrative communications to Customers (e.g., billing notices, service updates).

We do not use End User phone numbers for our own marketing purposes. We do not sell End User data to third parties.

4. SMS Messaging & Consent

SimpleSend is designed to send SMS messages only to individuals who have provided prior express written consent to receive them, in compliance with the Telephone Consumer Protection Act (TCPA) and applicable regulations.

Opt-In (Subscribing)

End Users may subscribe to a Customer's SMS alerts through a web-based signup widget. The signup process uses a double opt-in flow: after entering their phone number, the End User receives a confirmation SMS and must reply JOIN to complete their subscription. No messages are sent until this confirmation is received. The subscriber's consent record — including timestamp, source domain, and confirmation method — is retained for compliance purposes.

Opt-Out (Unsubscribing)

End Users may opt out of SMS messages at any time by replying STOP to any message. Upon receipt of a STOP reply, the subscriber is immediately marked as opted out and will not receive further messages from that organization through SimpleSend. Standard message and data rates from the subscriber's mobile carrier may apply.

Message Frequency

Message frequency varies by organization and campaign type. Customers are responsible for disclosing expected message frequency to their subscribers at the time of opt-in.

Customer Responsibility

Our Customers are solely responsible for obtaining and documenting valid consent from their subscribers prior to adding them to any contact list. SimpleSend provides tools to assist with consent management but does not independently verify consent obtained outside our platform.

5. Sharing Your Information

We do not sell, rent, or trade personal information. We may share information in the following limited circumstances:

• Service providers: We share data with vendors who help us deliver the platform, including Amazon Web Services (cloud infrastructure and SMS delivery), payment processors, and email delivery services. These providers are contractually bound to use data only as directed by us.
• Customers: End User data (phone numbers, delivery status, consent records) is accessible to the Customer organization that collected or manages that data.
• Legal compliance: We may disclose information if required by law, subpoena, court order, or government request, or to protect the rights, property, or safety of SimpleSend, our Customers, or others.
• Business transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the successor entity. We will notify affected parties as required by law.

6. Data Retention

We retain personal data for as long as necessary to fulfill the purposes described in this policy, to maintain our Customer relationships, and to comply with legal obligations.

• Customer account data is retained for the duration of the customer relationship and for up to seven (7) years afterward for legal and audit purposes.
• End User contact records and consent logs are retained for the duration of the Customer's account and for at least four (4) years after the last interaction, as recommended for TCPA compliance documentation.
• Unconfirmed pending subscriber records (those that did not complete the double opt-in) are automatically purged after 24 hours.
• Message delivery logs are retained for up to 24 months, after which they may be archived or deleted.

Customers may request deletion of their organization's data upon account termination, subject to our legal retention obligations.

7. Your Rights & Choices

For End Users (SMS Subscribers)

If you have received SMS messages through SimpleSend and wish to:

• Opt out / Stop messages: Reply STOP to any message you receive. This is the fastest and most reliable method.
• Request removal of your phone number: Use our Support & Data Removal form to submit a removal request. We will forward your request to the relevant Customer organization and process the removal within 10 business days.
• Request information about data held about you: Contact us using the information in Section 13.

For Customers (Account Holders)

Customers may access, update, export, or delete their account data directly within the SimpleSend dashboard. For account termination and data deletion requests, please contact us as described in Section 13.

8. Security

We implement industry-standard technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256);
• Multi-factor authentication requirements for all administrative accounts;
• Role-based access controls limiting data access to authorized personnel;
• Regular security assessments and dependency updates;
• Hosting on SOC 2 Type II-certified AWS infrastructure.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the event of a data breach affecting your information, we will notify you as required by applicable law.

9. Children's Privacy

The SimpleSend platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal data from a child under 18 without verified parental consent, we will take steps to remove that information. If you believe we may have any information from a minor, please contact us immediately.

10. Third-Party Services

SimpleSend uses the following key third-party service providers in the delivery of our platform:

• Amazon Web Services (AWS): Cloud hosting infrastructure and SMS delivery via AWS End User Messaging SMS. AWS processes SMS messages through U.S.-based carrier networks. AWS's privacy policy is available at aws.amazon.com/privacy.
• Mobile carriers: SMS messages are ultimately delivered by mobile network operators (e.g., AT&T, Verizon, T-Mobile). Carriers maintain their own data practices for message routing.

Our website does not embed third-party advertising, social media tracking pixels, or behavioral analytics tools. Links to third-party sites in our communications are governed by those third parties' own privacy policies.

11. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information. This section describes those rights and explains how to exercise them.

Right to Know: You have the right to request that we disclose what personal information we have collected about you, the sources of that information, our business purpose for collecting it, and the categories of third parties with whom we share it.

Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions (such as legal compliance obligations).

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

Do Not Sell: We do not sell personal information as defined under the CCPA.

To exercise your California privacy rights, please submit a request via our Support & Data Removal form or contact us at the address in Section 13. We will respond to verifiable requests within 45 days as required by law.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the revised policy on this page with an updated "Last updated" date. For material changes, we will provide notice to Customers via email or a prominent notice within the platform at least 30 days before the changes take effect. Your continued use of SimpleSend after any changes constitutes acceptance of the updated policy.

13. Contact Us

For questions about this Privacy Policy, to exercise your data rights, or to report a privacy concern, please contact us:

We will respond to all privacy inquiries within 30 days. For urgent matters related to unauthorized SMS messages or data removal, please use the subject line "Urgent: Data Removal Request".