Privacy Policy

Last updated: 2024-01-15 | Effective date: 2024-01-15

1. Introduction

ColdCopy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cold outreach automation platform.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

  • Account information (name, email, company details)
  • Payment information (processed securely through Stripe)
  • Lead data you upload or import
  • Email content and campaigns you create
  • Communication preferences and settings

2.2 Information We Collect Automatically

  • Usage data and analytics
  • Device and browser information
  • IP addresses and location data
  • Cookies and similar tracking technologies
  • Email engagement metrics (opens, clicks)

2.3 Information from Third Parties

  • Enrichment data from authorized providers
  • Social media profiles (when connected)
  • CRM integration data

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract: To provide our services and fulfill our agreement with you
  • Consent: For marketing communications and optional features
  • Legitimate Interests: For business operations, security, and service improvement
  • Legal Obligation: To comply with applicable laws and regulations

4. How We Use Your Information

  • Provide and maintain our services
  • Process transactions and send related information
  • Send administrative and technical notices
  • Respond to your comments and questions
  • Analyze usage and improve our services
  • Detect and prevent fraud or abuse
  • Comply with legal obligations
  • Send marketing communications (with consent)

5. How We Share Your Information

We may share your information in the following circumstances:

5.1 Service Providers

  • Hosting providers (Vercel, Digital Ocean)
  • Database services (Supabase)
  • Email delivery services (Amazon SES)
  • Payment processors (Stripe)
  • Analytics providers (with consent)

5.2 Business Transfers

In case of merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5.3 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and safety.

6. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights:

Your Rights Include:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Request limited processing of your data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to certain types of processing
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Complain: Lodge a complaint with supervisory authorities

To exercise any of these rights, please visit your Privacy Settings or contact us at privacy@coldcopy.cc.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Until account deletion + 30 days
  • Email campaign data: 2 years
  • Analytics data: 1 year
  • Financial records: 7 years (legal requirement)
  • Marketing consent: Until withdrawn

You can request deletion of your data at any time, subject to legal retention requirements.

8. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) with service providers
  • Adequacy decisions by the European Commission
  • Your explicit consent for specific transfers

9. Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Employee training and confidentiality agreements
  • Incident response procedures

10. Cookies and Tracking

We use cookies and similar technologies to improve your experience. You can manage cookie preferences through our cookie banner or browser settings.

Types of Cookies We Use:

  • Essential: Required for basic functionality
  • Functional: Remember your preferences
  • Analytics: Understand usage patterns (with consent)
  • Marketing: Personalized advertising (with consent)

11. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through our platform. The "Last updated" date at the top indicates the most recent revision.

13. Contact Information

For privacy-related questions or to exercise your rights, contact us at:

ColdCopy Privacy Team

Email: privacy@coldcopy.cc

Address: [Your Company Address]

Data Protection Officer: dpo@coldcopy.cc

14. Supervisory Authority

If you are in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.

Have Questions?

We're committed to transparency and protecting your privacy. If you have any questions about this policy or how we handle your data, please don't hesitate to contact us.

Manage Privacy SettingsContact Us