Privacy Policy

Modern Postcard Privacy Policy

Last updated: 6/3/2026

At Modern Postcard, we respect your privacy. Please read this Privacy Policy carefully to learn how we collect, use, share, and otherwise process your information (“personal information”), and to learn about your rights and choices regarding your personal information.

This Privacy Policy applies to Iris Group, Inc. d/b/a Modern Postcard and its relevant affiliates, including Modern iO (“Modern Postcard,” “we,” “our,” or “us”). This Privacy Policy explains how we collect, use, disclose, share, and otherwise process personal information that we gather through our websites, products, services, communications, and business operations.

This Privacy Policy is intended to describe our privacy practices and the privacy rights available to certain individuals under applicable laws, including the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA/CPRA”), where applicable. This Privacy Policy has also been updated to reflect our review of current privacy requirements and regulatory updates, including CCPA/CPRA regulations effective January 1, 2026.

This Privacy Policy applies to personal information collected through https://www.modernpostcard.com/, related subdomains and affiliated websites (the “Sites”), our products and services, branded social media pages, direct mail campaigns, emails, telephone calls, text messages, online forms, customer support interactions, and employment-related activities.

A reference to “Modern Postcard,” “we,” “us,” “our,” or the “Company” is a reference to Iris Group, Inc. d/b/a Modern Postcard and its relevant affiliates, including Modern iO, involved in the collection, use, sharing, or other processing of personal information.

This Privacy Policy also describes the privacy rights available to certain individuals under applicable law and explains how those rights may be exercised. Additional information regarding Modern iO privacy practices is available in the Modern iO Privacy Policy.

Please click the following links to learn more about our Privacy Policy:

1. Processing Activities Covered
2. Information We Collect
3. How We Use Your Information
4. How We Share Your Information
5. SMS Messaging Terms
6. How We Respond to ‘Do Not Track’ Signals
7. Cookies
8. Children’s Privacy
9. Change of Control
10. Data Security
11. Data Retention
12. International Transfers of Data
13. Policy Updates
14. Contact Information
15. Privacy Rights & Additional Disclosures for Certain U.S. Residents
16. Modern iO Services

1. Processing Activities Covered

This Privacy Policy applies to the processing of personal information collected by us when you:

• Visit our websites that display or link to this Privacy Policy;
• Visit our branded social media pages;
• Submit information through our online forms, surveys, or customer service channels;
• Receive communications from us, including direct mail postcards, emails, phone calls, chats, text messages, or faxes; or
• Apply for employment opportunities with us.

Third Party Links and Websites

Our Sites may contain links to and from third-party websites. If you follow a link to any of these websites, please note that they maintain their own privacy policies and practices. We do not accept responsibility or liability for the privacy practices or content of third-party websites. We encourage you to review the privacy policies of any third-party website before submitting personal information.

2. Information We Collect

Information You Give Us.

You may provide us with information by creating an account, submitting information through online forms or surveys, placing orders, requesting information, contacting customer service, applying for employment opportunities, or otherwise communicating with us.

The categories of personal information we may collect include:

• Identifiers: Real name, postal address, Internet Protocol (“IP”) address, email address, or other similar identifiers.
• Personal Information (Cal. Civ. Code § 1798.80(e)): Name, address, telephone number, employment information, payment information, or other information described in California law.
• Commercial Information: Products or services purchased, obtained, or considered, and purchasing histories or tendencies.
• Internet or Other Electronic Network Activity Information: Browsing history, search history, and information regarding interactions with our websites, applications, emails, advertisements, or services.
• Professional or Employment-Related Information: Employment history, job application information, resumes, and related information.
• Inferences: Information derived from the categories above to help us better understand customer interests, preferences, and service needs.

The categories of sensitive personal information we may collect include:

• Account log-in information, when combined with any required security or access code, password, or credentials allowing access to an account.

We do not collect sensitive personal information for the purpose of inferring characteristics about individuals.

Information We Automatically Collect.

Like many website operators, we automatically collect certain information when you visit our websites or interact with our online services.

This information may include:

• IP address
• Browser type and version
• Device information
• Pages visited
• Date and time of visits
• Time spent on pages
• Referring websites
• Email campaign interactions
• Advertising interactions

We may collect this information through cookies, web beacons, pixels, analytics tools, and similar technologies used to improve website functionality, user experience, marketing effectiveness, and security.

You may control certain cookie preferences through your browser settings or other available privacy controls.

Information We Collect From Third Parties.

We may receive information from third parties when:

• You interact with our content through social media platforms;
• You connect third-party services to our websites;
• We receive information from service providers, business partners, or publicly available sources; or
• Third-party platforms provide information consistent with your privacy settings and permissions.

The information we receive depends on the policies and settings of the applicable third-party service.

3. How We Use Your Information

We use your personal information for business and commercial purposes that are reasonably necessary and proportionate to providing our products and services, operating our business, complying with legal obligations, and supporting our customers.

We may use your personal information for the following purposes:

• To provide products and services, including:
• Maintaining and servicing customer accounts;
• Providing customer support;
• Processing and fulfilling orders and transactions;
• Verifying customer information;
• Processing payments;
• Providing requested products, services, and communications.
• To improve and develop our products and services, including:
• Analytics and reporting;
• Customer experience improvements;
• Service development and testing;
• Market research and planning.
• To maintain security and integrity, including:
• Detecting, investigating, and responding to security incidents;
• Protecting against fraudulent, unauthorized, or illegal activity;
• Debugging, troubleshooting, and repairing errors;
• Maintaining the safety, availability, and reliability of our systems and services.
• To communicate with you regarding:
• Customer service inquiries;
• Order status and account-related notifications;
• Product updates and service announcements;
• Employment opportunities and recruiting activities.
• To comply with legal, regulatory, accounting, contractual, and reporting obligations.
• To exercise and defend legal claims and protect the rights, property, and safety of Modern Postcard, Modern iO, our customers, and others.

Marketing Communications

We may use your personal information to send newsletters, direct mail, promotional communications, marketing materials, and information about products or services that may be of interest to you.

You may opt-out of marketing communications at any time by:

• Following the unsubscribe instructions included in applicable communications;
• Contacting us using the information provided in the “Contact Information” section of this Privacy Policy; or
• Submitting a request through our Privacy Rights & Opt-Out Request page.

Even if you opt-out of marketing communications, we may continue to send you transactional, service-related, security, or account-related communications where permitted by law.

4. How We Share Your Information

Affiliates and Service Providers

We may disclose personal information to our affiliates, service providers, contractors, and business partners as necessary to operate our business, provide products and services, fulfill customer requests, maintain our websites, and support our business operations.

Examples of service providers and contractors include those that assist with:

• Website hosting and technology services;
• Payment processing;
• Customer support and communications;
• Analytics and reporting;
• Marketing and advertising activities;
• Printing, mailing, and fulfillment services;
• Security monitoring and fraud prevention;
• Professional services such as legal, accounting, and consulting support.

We require service providers and contractors to protect personal information and to use it only for authorized business purposes consistent with applicable agreements and legal requirements.

Some service providers may collect information directly from you in accordance with their own privacy policies. For example, payment processors may collect billing and payment information necessary to complete transactions. In such cases, the collection and use of information by those providers is governed by their respective privacy policies.

Aggregated and De-Identified Information

We may aggregate, anonymize, or de-identify information so that it can no longer reasonably be associated with an individual. We may use and disclose such aggregated, anonymized, or de-identified information for lawful business purposes, including analytics, reporting, service improvement, research, and operational planning.

Legal and Compliance Disclosures

We may disclose personal information when required to:

• Comply with applicable laws, regulations, legal processes, or governmental requests;
• Enforce our agreements, policies, and terms;
• Protect the rights, property, or safety of Modern Postcard, Modern iO, our customers, employees, or others;
• Detect, investigate, prevent, or respond to fraud, security incidents, or other unlawful activity.

Business Transactions

If Modern Postcard or Modern iO is involved in a merger, acquisition, financing, reorganization, sale of assets, bankruptcy proceeding, or similar business transaction, personal information may be transferred as part of that transaction, subject to applicable legal requirements.

Sale or Sharing of Personal Information

Modern Postcard does not sell personal information for monetary consideration.

We may utilize analytics, advertising, communication, customer relationship management, and website technologies provided by trusted service providers and business partners to help operate our websites, understand website usage, improve our services, communicate with customers, and measure the effectiveness of our marketing efforts. Depending on applicable law and the specific technology involved, certain data disclosures associated with these activities may be considered “sharing” under California privacy laws.

Individuals may exercise applicable privacy rights, including submitting requests related to the sale or sharing of personal information, through our Privacy Rights & Opt-Out Request page located at:

https://www.modernpostcard.com/about/privacy-policy/privacy-request

You may also submit privacy-related requests by contacting us using the information provided in the “Contact Information” section of this Privacy Policy.

5. SMS Messaging Terms

Modern Postcard and Modern iO may communicate with customers, prospects, vendors, or other business contacts using text messaging when requested by the recipient or when reasonably necessary to provide customer service, support, account-related communications, scheduling, project coordination, or other business-related communications.

We do not currently operate a standalone SMS marketing program. If we introduce SMS marketing communications in the future, we will provide any required notices, disclosures, consent mechanisms, and opt-out options as required by applicable law.

Recipients may request that text message communications cease by notifying the sender directly or by contacting us using the information provided in the “Contact Information” section of this Privacy Policy.

Message and data rates may apply depending on your mobile carrier and service plan.

6. How We Respond to ‘Do Not Track’ Signals

Some web browsers offer a “Do Not Track” (“DNT”) setting that allows users to express a preference regarding the collection of information about their online activities over time and across websites.

Because there is currently no universally accepted standard for how websites should interpret or respond to DNT signals, Modern Postcard and Modern iO do not currently respond to browser-initiated DNT signals.

Certain browsers and browser extensions may also support Global Privacy Control (“GPC”) signals or similar privacy preference technologies. We continue to evaluate applicable legal requirements and technical standards relating to such signals. Individuals may exercise applicable privacy rights and submit privacy-related requests through our Privacy Rights & Opt-Out Request page or by using the contact information provided in this Privacy Policy.

For more information regarding your privacy choices, please refer to the sections of this Privacy Policy describing your privacy rights and available opt-out mechanisms.

7. Cookies and Similar Technologies

To help our websites and services function properly, we use cookies and similar technologies. A cookie is a small text file stored on your computer, mobile device, or browser when you visit a website. Cookies help websites remember information such as login preferences, settings, and other information that improves your experience when you return to the site.

We may use cookies, pixels, web beacons, analytics tools, tags, and similar technologies to:

• Operate and maintain our websites and services;
• Remember user preferences and settings;
• Improve website functionality and performance;
• Analyze website traffic and user interactions;
• Measure the effectiveness of marketing campaigns;
• Enhance security and detect fraudulent activity.

Analytics

We may use analytics providers to help us understand how visitors interact with our websites and services. These technologies may collect information such as IP address, browser type, device information, pages visited, referring websites, and interactions with our content.

This information helps us improve website performance, user experience, content, products, and services.

For more information regarding Google’s privacy practices, please visit:

https://policies.google.com/privacy

Google also provides tools that may allow you to manage certain analytics preferences, including the Google Analytics Opt-out Browser Add-on.

Managing Cookies

Most web browsers allow you to control cookies through browser settings. You may be able to:

• View stored cookies;
• Delete cookies;
• Block cookies;
• Configure notifications when cookies are placed.

Please note that disabling certain cookies may affect the functionality, performance, or availability of portions of our websites and services.

Information about managing cookies may be available from your browser provider, including:

• Google Chrome
• Mozilla Firefox
• Microsoft Edge
• Apple Safari

Advertising and Marketing Technologies

We may use advertising, marketing, customer relationship management, analytics, and communication technologies provided by trusted service providers and business partners to better understand customer interests, improve our marketing efforts, measure campaign performance, and provide relevant content and communications.

Depending on applicable law and the specific technology involved, certain data disclosures associated with these activities may be considered “sharing” under California privacy laws.

Individuals who wish to exercise applicable privacy rights, including requests related to the sale or sharing of personal information, may do so through our Privacy Rights & Opt-Out Request page:

https://www.modernpostcard.com/about/privacy-policy/privacy-request

8. Children’s Privacy

Our websites, products, and services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from individuals under 16 years of age.

If you believe that a child under the age of 16 has provided personal information to us, please contact us using the information provided in the “Contact Information” section of this Privacy Policy.

If we become aware that we have collected personal information from a child under the age of 16 without appropriate authorization, we will take reasonable steps to delete such information in accordance with applicable law.

9. Change of Control

Personal information may be transferred to a third party as part of a sale, acquisition, merger, financing, reorganization, bankruptcy proceeding, or other change of control involving Modern Postcard, Modern iO, or their affiliated businesses.

If all or a portion of our business, assets, or operations are sold, merged, transferred, or otherwise reorganized, personal information may be included among the transferred assets, subject to applicable legal requirements and appropriate protections.

10. Data Security

Modern Postcard and Modern iO maintain administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, loss, misuse, or destruction.

Our security program includes measures such as:

• Access controls designed to limit access to authorized personnel on a need-to-know basis;
• Encryption technologies used to protect data in transit and, where appropriate, at rest;
• Security monitoring and logging systems;
• Vulnerability management and patch management processes;
• Authentication and account security controls, including multi-factor authentication where appropriate;
• Employee security awareness and training programs;
• Incident response, business continuity, and disaster recovery procedures.

We also utilize trusted service providers and technology partners that are contractually required to implement appropriate safeguards for the protection of personal information.

Where file transfers are required, secure transfer methods may be used, including encrypted file-sharing platforms and other secure transmission technologies.

While we take reasonable measures to protect personal information and maintain an information security program designed to reduce risk, no method of transmission over the Internet, electronic storage system, or security control can guarantee absolute security. Accordingly, we cannot guarantee or warrant the security of information transmitted to us or stored within our systems.

11. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, provide requested products and services, comply with legal obligations, resolve disputes, enforce agreements, protect our rights, and support legitimate business operations.

When determining appropriate retention periods, we consider factors such as:

• The nature and sensitivity of the information;
• The purpose for which the information was collected;
• The length of our relationship with the individual or organization;
• Applicable legal, regulatory, accounting, tax, and contractual requirements;
• Applicable statutes of limitation;
• Security, fraud prevention, and business continuity requirements; and
• The impact that deletion may have on our ability to provide services or maintain business records.

When personal information is no longer required for these purposes, we will securely delete, anonymize, or de-identify the information unless retention is required or permitted by law.

Additional information regarding our data retention practices, retention periods, deletion procedures, and consumer rights is available in our Data Retention Policy:

https://www.modernpostcard.com/about/privacy-policy/data-retention

Consumers may also submit requests to delete personal information through our Privacy Rights & Opt-Out Request page:

https://www.modernpostcard.com/about/privacy-policy/privacy-request

12. International Transfers of Data

Modern Postcard and Modern iO operate primarily within the United States. Personal information may be accessed, processed, stored, or transferred within the United States by Modern Postcard, Modern iO, their affiliates, service providers, contractors, and technology partners as necessary to provide products and services, fulfill contractual obligations, support business operations, or comply with legal requirements.

As a result, personal information may be transferred across state, national, or international borders. Privacy and data protection laws in the jurisdictions where information is processed may differ from those in your jurisdiction and may not provide the same level of protection.

Where required by applicable law, we implement reasonable administrative, technical, contractual, and organizational safeguards designed to protect personal information and support lawful transfers of data.

By providing information to us or using our websites, products, or services, you acknowledge that your information may be transferred to and processed in the United States and other jurisdictions where our service providers and business partners operate.

13. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our business practices, technologies, legal requirements, products, services, or privacy obligations.

When updates are made, the “Last Updated” date at the beginning of this Privacy Policy will be revised accordingly. We encourage you to periodically review this Privacy Policy to remain informed about our current privacy practices.

Any changes will become effective upon posting the updated Privacy Policy to our website unless otherwise required by applicable law.

For material changes that significantly affect how we collect, use, disclose, or protect personal information, we may provide additional notice where required by applicable law.

14. Contact Information

If you have questions about this Privacy Policy, wish to exercise your privacy rights, submit a privacy-related request, or have concerns regarding our collection, use, retention, or disclosure of personal information, please contact us using one of the methods below.

Privacy Rights & Requests

Privacy-related requests, including requests to:

• Access personal information;
• Correct personal information;
• Delete personal information;
• Opt-out of marketing communications; or
• Submit requests related to the sale or sharing of personal information, may be submitted through our Privacy Rights & Request Portal:
  https://www.modernpostcard.com/about/privacy-policy/privacy-request

Email

privacy@modernpostcard.com

Mail

Modern Postcard
Attn: Privacy Policy
1675 Faraday Avenue
Carlsbad, CA 92008

15. Privacy Rights & Additional Disclosures for Certain U.S. Residents

Residents of certain U.S. states, including California residents covered by the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), may have privacy rights regarding their personal information. This section supplements the other provisions of this Privacy Policy and applies solely to individuals entitled to such rights under applicable law.

Information regarding the categories of personal information we collect, sources of information, purposes of collection and use, and categories of third parties with whom information may be disclosed is provided throughout Sections 2 through 4 of this Privacy Policy.

Your Privacy Rights

Depending on your state of residence and applicable law, you may have the following rights:

Right to Know and Access

You may request information regarding:

• The categories of personal information we collect about you;
• The categories of sources from which personal information is collected;
• The business or commercial purposes for collecting, using, disclosing, or processing personal information;
• The categories of third parties to whom personal information is disclosed; and
• The specific pieces of personal information we have collected about you.

Right to Delete

You may request deletion of personal information we have collected about you, subject to applicable legal exceptions.

Right to Correct

You may request correction of inaccurate personal information maintained by us.

Right to Data Portability

Where applicable, you may request a portable copy of personal information that you have provided to us.

Right to Opt-Out of Sale or Sharing

Depending on applicable law, you may have the right to direct us not to sell or share personal information for certain advertising or marketing purposes.

Right to Limit the Use of Sensitive Personal Information

California residents may have the right to limit the use and disclosure of sensitive personal information. Modern Postcard and Modern iO do not use sensitive personal information for purposes beyond those reasonably necessary to provide requested products and services or as otherwise permitted by applicable law.

Right to Non-Discrimination

You have the right to receive equal service and pricing even if you choose to exercise your privacy rights.

Automated Decision-Making and Profiling

Modern Postcard and Modern iO do not currently engage in automated decision-making or profiling activities that produce legal or similarly significant effects concerning consumers. If such practices are implemented in the future, additional disclosures will be provided as required by law.

How to Exercise Your Rights

You may submit a verifiable privacy request through any of the following methods:

Privacy Rights & Request Portal:
https://www.modernpostcard.com/about/privacy-policy/privacy-request

Email:
privacy@modernpostcard.com

We will verify your identity before processing applicable requests and may request additional information as necessary to complete the verification process and protect against fraud.

Where required by law, we will respond to verifiable consumer requests within applicable statutory timeframes.

Authorized Agents

Authorized agents may submit requests on behalf of a consumer where permitted by law. We may require proof of authorization and may verify the identity of both the consumer and the authorized agent before fulfilling a request.

Appeal Process

If we deny a request to exercise a privacy right, we will provide an explanation of the basis for the decision and, where required by applicable law, information regarding any available appeal process.

California “Shine the Light” Rights

California Civil Code Section 1798.83 permits California residents to request information regarding disclosures of personal information to third parties for their direct marketing purposes. Requests may be submitted using the contact information provided in Section 14 of this Privacy Policy.

16. Modern iO Services

Modern iO is a marketing technology and direct mail solution offered by Modern Postcard. Modern iO may assist clients in identifying, analyzing, and engaging website visitors and prospective customers through direct mail and related marketing services.

Depending on the services utilized, Modern iO may use website technologies, analytics tools, cookies, pixels, and information obtained from trusted service providers and data partners to support audience identification, campaign measurement, marketing attribution, and direct mail marketing activities.

Modern iO provides tools, resources, disclosures, and operational support intended to assist clients in addressing applicable privacy and data protection requirements. However, each client remains responsible for maintaining its own privacy notices, consent mechanisms, website disclosures, and compliance with applicable laws and regulations.

Additional information regarding Modern iO privacy practices is available in the Modern iO Privacy Policy.

Individuals seeking to exercise privacy rights related to Modern iO services may submit a request through our Privacy Rights & Request Portal or by using the contact information provided in this Privacy Policy.