Privacy Policy

1) Roles Under GDPR

• Controller (our own data): We are a controller for Account, billing, and platform usage data.
• Processor (your end users’ data): For Lead Data you collect via our Services, you are the controller and we act as your processor, processing that data under your instructions and our data processing terms.

2) Data We Collect

• Account & Profile: Name, email, password (hashed), company, role, contact details.
• Billing: Billing address and limited payment details via compliant processors; we do not store full card numbers.
• Technical/Log: IP address, device/browser info, pages viewed, timestamps, referrers, error logs.
• Usage: Feature interactions, limits/overages, workspace metadata, template selections.
• Cookies & Similar: Session, auth, A/B testing, analytics, and preference cookies. If disabled, parts of the Services may not function.
• Lead Data: Data your pages/funnels collect from end users (e.g., form submissions, events). You choose what to collect.

3) Legal Bases (EEA/UK)

• Contract: To provide and support the Services.
• Legitimate Interests: Security, fraud prevention, analytics, product improvement.
• Consent: Where required (e.g., certain cookies/marketing).
• Legal Obligation: Compliance with applicable laws and requests.

4) How We Use Data

• Provide, maintain, and improve the Services and customer support.
• Operate automation, analytics, and AI features (you should validate AI outputs).
• Communicate about important service notices (security, outages, billing). You cannot opt out of essential notices.
• Send optional product updates and marketing where permitted; you can opt out at any time.
• Detect, investigate, and prevent security incidents or abuse.
• Create Aggregated/Anonymized insights that do not identify individuals.

5) Sharing & Disclosures

• Processors/Sub-Processors: Hosting, analytics, email delivery, customer support, and payment providers bound by contracts to protect personal data.
• Integrations You Enable: If you connect third-party services (e.g., CRM, ESP, ad platforms), we share data as instructed by you. Those providers’ terms apply.
• Legal & Safety: To comply with law, enforce terms, or protect rights, safety, and security.
• Business Transfers: In mergers, acquisitions, or similar events, data may transfer subject to this Policy.
• No Sale of Lead Data: We do not sell your Lead Data.

6) International Transfers

We may process data globally. Where required, we use appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) for transfers outside the EEA/UK. While abroad, data may be subject to local laws and authorities’ access.

7) Data Retention

We retain personal data for as long as necessary to provide the Services, comply with law, resolve disputes, and protect our rights. Unless you request otherwise, we aim to delete Account and Lead Data within 12 months after Account cancellation, subject to legal holds or archival requirements.

8) Security

We employ administrative, technical, and organizational measures designed to protect personal data. No system is 100% secure; you are responsible for maintaining the secrecy of your credentials and for configuring your pages and integrations securely.

9) Your Rights

• Access, rectify, or delete your Account data.
• Object to or restrict certain processing; portability for data you provided.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a supervisory authority in your country/region.

Contact: [email protected] (Data Protection contact).

10) Children’s Privacy

The Services are not directed to children under 16. We do not knowingly collect data from children under 16. If you believe such data was provided, contact us to delete it.

11) Cookies & Tracking Preferences

You can control cookies through your browser. Some features require cookies. Do Not Track signals may not be honored due to industry inconsistency.

12) Regional Disclosures

California (CCPA/CPRA): Depending on your use, certain rights may apply (access, deletion, correction, opt-out of “sales/sharing”). We do not “sell” personal information as defined by CCPA/CPRA. Submit requests at [email protected].

13) Changes to This Policy

We may update this Policy from time to time. Material changes will be posted on the Site with a new “Last Updated” date.