Legal docs

Postcards.ai Third-Party Provider Terms

Last Modified: May 18, 2026

These Third-Party Provider Terms are incorporated by reference into the Customer Terms that link to this page. As used in these Third-Party Provider Terms, "Third-Party Provider" means the entity providing the applicable Third-Party Product. These Third-Party Provider Terms control in the event of any conflict with the remainder of the Customer Terms regarding Third-Party Products.

(a) Limited License

Data provided by Third-Party Providers is for Customer's own use in the United States, unless otherwise expressly authorized in writing, and not for resale, sublicense, disclosure, or further distribution. Customer receives only the limited rights expressly granted in the Agreement, applicable Order, and these Third-Party Provider Terms.

(b) Representations and Warranties

Customer represents and warrants that Third-Party Products will be used solely to support the marketing of Customer's own products and services and will not be used in connection with:

  • individual reference services, skip tracing, electronic directory assistance, e-data lookups, or verification of record accuracy, unless expressly permitted in the applicable Order;
  • employment, employee records, recruiting, promotion, retention, termination, or other employment decisions;
  • credit, lending, insurance, underwriting, tenant screening, housing, education admissions, government benefits, or other eligibility determinations;
  • debt collection, debt relief, credit repair, or locating debtors;
  • background checks, criminal records, fraud scores, risk scores, or similar determinations about individuals;
  • healthcare, medical, insurance, financial, or other regulated decisions;
  • marketing that violates applicable law, consumer choices, or provider requirements; or
  • any purpose prohibited by FCRA, GLBA, HIPAA, COPPA, CAN-SPAM, TCPA, do-not-call laws, state privacy laws, or similar laws.

Customer further represents and warrants that:

  • Customer has all rights necessary to enter into the Agreement;
  • Customer's collection, provision, and use of Third-Party Products will comply with applicable laws, regulations, self-regulatory standards, and industry guidelines;
  • Customer will provide all legally required notices and obtain all legally required consents;
  • Customer will honor consumer opt-outs, suppression requests, do-not-contact requests, and other applicable consumer choices; and
  • Customer will not use Third-Party Products in a deceptive, discriminatory, harmful, or unlawful manner.

Customer also represents that all advertising and promotional materials used in connection with Third-Party Products will comply with applicable law, industry guidance, and Customer's own privacy policies, and that Customer will not provide Postcards.ai or any Third-Party Provider with data that Customer is not authorized to use for the requested purpose.

(c) Use Restrictions

The following are prohibited with regard to data obtained from Third-Party Providers:

  • disclosure, distribution, resale, sublicense, or transfer to any third party;
  • duplication, modification, reverse engineering, decompiling, disassembly, decoding, or creation of derivative datasets, except as expressly permitted;
  • placing any portion of the data on a website, database, retrieval system, or system accessible outside Customer's immediate organization;
  • use for adverse terms, eligibility decisions, or legally significant decisions about individuals;
  • use for credit, employment, insurance, housing, education, government benefits, healthcare, debt collection, or similar regulated decisions;
  • use to contact individuals who have opted out of or objected to Customer's marketing;
  • use in violation of applicable law, postal requirements, provider requirements, Data Owner requirements, or the Agreement; and
  • use after termination, expiration, or completion of the permitted purpose, except as expressly permitted in writing.

Third-Party Providers that provide data may be obligated to comply with restrictions and requirements imposed by their data suppliers, licensors, postal providers, or other data owners ("Data Owners"). Customer will strictly comply with all restrictions and requirements imposed by Data Owners and made known to Customer by Postcards.ai or the applicable Third-Party Provider.

To the extent permitted by law, Third-Party Providers and Data Owners are intended third-party beneficiaries of these Third-Party Provider Terms and may enforce terms applicable to their Third-Party Products.

Customer will defend, indemnify, and hold harmless Postcards.ai, Third-Party Providers, Data Owners, and their affiliates, officers, directors, employees, agents, contractors, and licensors from and against all claims, demands, judgments, liabilities, damages, losses, costs, and expenses, including reasonable attorneys' fees, arising out of or relating to Customer's misuse or unauthorized use of Third-Party Products.

(d) Prohibited Data

Unless expressly authorized in writing, Customer will not provide any of the following information in connection with the use of Third-Party Products ("Prohibited Data"):

  • government-issued identification numbers, such as Social Security numbers, driver's license numbers, state identification numbers, or passport numbers;
  • financial institution, bank account, credit card, debit card, or customer account numbers;
  • health, medical, insurance, prescription, treatment, diagnosis, or condition information;
  • information about children or individuals under 18;
  • criminal history, arrest, conviction, or allegation information;
  • biometric, genetic, precise geolocation, or similar sensitive data;
  • account passwords, authentication credentials, security questions, or secrets;
  • information subject to HIPAA, GLBA, COPPA, FCRA, FERPA, or similar laws; or
  • any other data prohibited by the Agreement, DPA, Acceptable Use Policy, applicable law, or Third-Party Provider requirements.

(e) Consumer Elections/Inquiries

In any use of Third-Party Products, Customer must honor all consumer elections not to receive marketing solicitations from Customer. Customer is responsible for responding to any communication initiated by a consumer arising out of Customer's use of Third-Party Products.

Upon receipt of an express request from a consumer for the source of the consumer's personal information used in a marketing solicitation, Customer may reference Third-Party Providers as a source only to the extent permitted by applicable law and provider requirements. Customer will promptly notify Postcards.ai of consumer complaints, opt-outs, deletion requests, suppression requests, source inquiries, regulatory inquiries, or similar communications related to Third-Party Products.

(f) Mailers and Scripts

Customer agrees to use Third-Party Products only in compliance with applicable law, regulations, industry guidelines, and published policies, including ANA and DAA principles where applicable.

Customer authorizes Postcards.ai to retain a non-customized copy of each template mail piece, email, advertisement, or telemarketing script used in connection with Customer's use of Third-Party Products for at least twelve (12) months after the applicable mail drop date, email or advertisement deployment date, or script use. Customer further authorizes Postcards.ai, upon request from the applicable Third-Party Provider or Data Owner, to deliver requested materials for review.

Customer is solely responsible for ensuring that mailers, scripts, emails, ads, offers, disclosures, disclaimers, and other materials comply with law and provider requirements.

(g) Pixels

Pixels, tags, cookies, web beacons, or similar technologies must not be used in connection with any website directed to children under 16 or in any manner implicating COPPA. Customer may not install or use a pixel or similar technology without all notices, consents, permissions, and privacy disclosures required by law.

Customer may not install a pixel without prior written consent from Postcards.ai where consent is required by the Agreement, an Order, or Documentation. Customer will provide notice if it removes an active pixel. Customer acknowledges that personal information originating from outside the United States may not be processed or may be restricted for certain Third-Party Products.

(h) Online Audiences

If expressly permitted in the Agreement, Customer may use Third-Party Products to create, segment, or select a marketing-campaign audience ("Online Audience") for a marketing campaign. The Online Audience may be distributed directly to a publisher or through an onboarding service provider, but only as permitted by the applicable Order and Third-Party Provider requirements.

Customer may not use Online Audiences to infer sensitive characteristics, target prohibited categories, make eligibility decisions, or violate applicable law, self-regulatory rules, platform policies, or consumer choices.

Customer may not combine Online Audiences with other data in a manner that re-identifies individuals or expands the permitted use beyond the applicable Order, except where expressly authorized in writing and permitted by law. Customer is responsible for ensuring publishers, onboarding providers, and advertising platforms used at Customer's direction comply with applicable restrictions.

(i) Security

Customer represents and warrants that it has implemented and maintains an information security program containing administrative, technical, and physical safeguards appropriate to Customer's size and complexity, activities, and the sensitivity of the information at issue, sufficient to protect Third-Party Products and related data.

Customer will provide for logical and physical security of Third-Party Products, restrict access to personnel with a need to know, maintain access controls, protect credentials, monitor use, and promptly notify Postcards.ai of any unauthorized access, use, disclosure, loss, or compromise involving Third-Party Products.

(j) Recordkeeping

Customer will maintain current, accurate, and complete books and records relating to its use of Third-Party Products and compliance with the Agreement. Postcards.ai, Third-Party Providers, Data Owners, or their designees may examine, inspect, audit, review, and copy relevant books, records, and source documents during normal business hours upon reasonable notice, subject to reasonable confidentiality protections.

Customer will cooperate with reasonable compliance reviews and promptly remediate any non-compliance identified by Postcards.ai, Third-Party Providers, or Data Owners.

(k) Suspension

Postcards.ai may suspend or discontinue performance of the Services or delivery of Third-Party Products if, in its reasonable and documented judgment, performance, delivery, or use would violate applicable law, rule, regulation, provider requirements, Data Owner requirements, postal requirements, or the Agreement. Such suspension or discontinuation will not constitute a default if reasonable under the circumstances.

(l) Updates

Postcards.ai may update these Third-Party Provider Terms with reasonable notice to Customer. Continued use of Third-Party Products after updated terms become effective constitutes acceptance of the updated terms.