Coupon code copied!
Book demo
Login
Start for free

DRIPIFY PRIVACY POLICY

Last Update: January 1, 2022

Dripify (“Dripify”, “We”, “Us”, “Our”) respects Your privacy and is committed to being transparent about Our data practices and to complying with applicable legislation to protect the confidentiality and security of Your personal data.

This Privacy Policy explains how We process the Customer’s and the Customer’s Authorised Users (“You”, “Your”) Personal Data when You use the Dripify platform at https://app.dripify.com/ (“Platform”).

PLEASE READ THIS PRIVACY POLICY CAREFULLY. By registering an account at the Dripify Platform, You confirm that You have read and understood this Privacy Policy. If You do not agree with this Privacy Policy, please do not use the Platform.

By registering an account on the Dripify Platform, You confirm that You have reached the age of legal majority in Your jurisdiction or are at least 18 years of age, whichever is greater. Please do not use Our Platform if You do not meet this requirement.

This Privacy Policy should be read together with Our Terms of Service usand Cookie Policy, which are incorporated herein by reference. Any capitalized terms not defined in this Privacy Policy shall have the meaning assigned to them in those documents.

  1. DEFINITIONS

The following terms shall have the following meanings:

Applicable Legislation: the legislation and regulations and/or (further) treaties, regulations, directives, decrees, policy rules, instructions, and/or recommendations from a competent public body to the extent they are legally binding and concerning the Processing of the Personal Data, also including future amendments of and/or supplements thereto.

Consent: any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the Processing of the Personal Data relating to them.

Controller: the natural or legal person, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of the Personal Data.

Cookies: small files placed on Your device in connection with the use of the Platform, as further described in the Cookie Policy.

Customer: any natural person acting in a personal capacity or any legal entity that registers an account on the Platform and enters into an agreement with Dripify to access and use the Services. The term “Customer” as used in this Privacy Policy refers to both individual and business Customers, unless specified otherwise.

Customer’s Authorized Users: the Customer’s employees, contractors, agents, representatives, and other persons authorized by the Customer (Controller) to use the Services, who qualify as Data Subjects whose Personal Data is processed by Dripify (Processor) in the course of providing the Services.

Customer’s Personal Data: any Personal Data relating to the Customers or their Authorized Users, disclosed, transmitted, submitted, uploaded, stored, modified, or otherwise made available by the Customer to, within, or for the Processing by Dripify on the Customer’s behalf, and includes the Customer’s Authorized Users’ Personal Data and the Leads’ Personal Data.

Data Subject: the identified or identifiable natural person to whom the Personal Data pertain under the Applicable Legislation.

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Instruction: documented instructions issued by the Controller to the Processor, in accordance with the Applicable Legislation, which define the scope, purpose, and conditions by which the Processor is permitted to process the Personal Data on behalf of the Controller.

Lead: any identified or identifiable natural person whose Personal Data is processed by the Customer via the Platform for the purposes of prospecting, outreach, sales engagement, or other business development purposes. Leads typically include individuals whose information is obtained from publicly available sources (e.g., social networking profiles) or imported by the Customer. Leads are not Users of the Platform and have no direct relationship with Dripify.

Lead’s Personal Data: any Lead’s Personal Data that is uploaded, imported by the Customer and/or Customer’s Authorized Users via the Platform during prospecting and outreach activities and/or other use of the Services.

Personal Data: any information relating to an identified or identifiable natural person (Data Subject); an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Platform: a Software-as-a-Service complex or system provided by the Processor through which the searching, identification, and pre-qualification of potential Leads are carried out, campaigns are created and managed, and access to the Services’ functionality is ensured.

Processing: any operation or set of operations performed on the Personal Data or on sets of the Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Processor: a natural or legal person, agency, or other body which processes the Personal Data on behalf of the Controller.

Services: any services and functionalities provided by the Platform, including access to subscription features, tools, content, and interactions.

Supervisory Authority: one or more independent public bodies responsible for supervising the application of the Applicable Legislation, to protect the rights and fundamental freedoms of natural persons in connection with the Processing of their Personal Data.

Usage Data: data collected automatically and generated by the use of the Services or from the Service infrastructure itself.

  1. SERVICE OVERVIEW
    1. Dripify is the Software-as-a-Service automation Platform that enables Customers to manage and optimize outreach, lead generation, and sales engagement through social networking and email. The Platform provides tools for campaign creation, automation, analytics, integrations with relationship management systems, team collaboration, and secure data management, ensuring compliance with the Applicable Legislation. A full description of the Services is available in Our Terms of Service.
  1. SCOPE OF THIS PRIVACY POLICY
    1. This Privacy Policy applies to all individuals and entities who are registered on the Platform and access or use the Platform or otherwise interact with Dripify, including Customers, the Customer’s Authorized Users, and third parties whose Personal Data is processed through the Platform.
  1. THE PURPOSES, LEGAL BASIS, AND CATEGORIES OF THE CUSTOMER’S PERSONAL DATA PROCESSED
  1. When You use Our Services, We process certain information, including Personal Data, either directly or through automated means. For more information, please refer to Our Cookie Policy.
  2. During the provision of the Services, Dripify will process the following categories of the Customer’s and the Customer’s Authorized Users’ Personal Data exclusively for the purposes outlined in this Privacy Policy:
  1. User Account Registration and Identification Data: First name, last name, email address.
  2. Google Sign-In Data: First and last name, email address.
  3. Social Networking Data: social networking email address, social networking profile URL, social networking public ID, social networking message conversations in inbox, Gmail/G-Suite account, Location, social networking cookies, social networking account activity and behavioral data (e.g., profile views since last week). Such data is made available to Dripify solely through the Customer’s connected social networking accounts, subject to the Customer’s configuration. The social networking password is used for one-time authentication only and is not stored by Dripify. Where message or communication content (including email or inbox messages) is processed through the Platform, Dripify does not determine the content of such communications and does not use it for its own independent purposes. Such Processing is limited to what is necessary to provide the Services and is carried out in accordance with the Applicable Legislation and the roles of the parties as described in this Privacy Policy.
  4. The Technical and Usage Data: IP address or other device identifiers, browser and operating system, referral URLs, search terms, visited areas within the Services, and other data typically exchanged when browsers communicate with websites.
  5. Billing and Subscription Data: Billing name, email, country, and billing address, subscription plan details, transaction history (dates, amount, status, provided via FastSpring), and financial data securely managed by FastSpring, which is PCI-DSS compliant.
  6. Company Information: role within the company (e.g., Owner, CEO).
  1. The aforementioned Customer’s and the Customer’s Authorized Users’ Personal Data are necessary for the proper provision of the Services by Dripify. Specifically, User Account Registration, Identification Data, and the Social Networking Data are used for creating, modifying, and managing Accounts, granting access to the Services, simplifying password recovery, and sending important non-marketing notifications related to the Services. The Social Networking Data is used for authentication and authorized access to connected social networking accounts. If You sign in using the “Sign in with Google” option, We process Your first and last name, email address, and language settings from Google. This data is used only for authentication and account creation. 
  2. When the Customer and the Customer’s Authorized Users use the «Contact Us» form or other request forms available through the Platform to send a request to Dripify, Dripify requests their first and last name and email address. This information is necessary to respond to requests and is used for this limited purpose only.
  3. The Technical and Usage Data are automatically processed when the Customer and the Customer’s Authorized Users access or interact with the Services. This data is used primarily in aggregated form to ensure the functioning and quality of the subscription, enable security monitoring and session management, optimize performance, and improve the Services, including their functionality and analytics. While certain identifiers (e.g., IP addresses) may constitute the Personal Data, such data is aggregated and processed primarily for security, analytics, and service improvement purposes.
  4. Billing and Subscription Data are crucial for subscription management, invoicing, transaction history, and compliance with tax/accounting regulations. If the Customer provides credit card data, Dripify does not collect or store it. Such data is processed and stored exclusively by the Sub-processor in compliance with PCI DSS standards, solely for payment processing, invoicing, and fraud prevention.
  5. Dripify will not intentionally process any special or sensitive categories of the Customer’s and the Customer’s Authorized Users’ Personal Data (such as health data, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, or data concerning sex life or sexual orientation). The Customer undertakes not to provide such data when using the Services. 
  6. During the provision of the Services, Dripify shall process the Customer’s Authorised Users’ Personal Data on behalf of the Customer in accordance with Article 28 of the GDPR and solely on the basis of the Customer’s Instructions.
  7. Dripify processes the individual Customer’s Personal Data based on the following legal grounds under Article 6 of the GDPR, acting as the Controller: 

(i) performance of a contract under Article 6 cl.1(b) of the GDPR: Dripify processes the User Account Registration and the Identification Data, the Google Sign-In Data, the Social Networking Data, and the Company Information in accordance with Sections 4.3, 4.4; 

(ii) compliance with legal obligations under Article 6 cl. 1(c) of the GDPR: Dripify processes the Billing and Subscription Data in accordance with Section 4.7 of this Policy; 

(iii) legitimate interests under Article 6 cl. 1(f) of the GDPR: Dripify processes Technical and Usage Data for technical data processing, localization, and communications to secure, maintain, and improve the Services, in accordance with Section 4.6.

  1. THE PURPOSES, LEGAL BASIS, AND CATEGORIES OF THE LEAD’S PERSONAL DATA PROCESSED
  2. During the Services provision, and for the purposes set out in this Privacy Policy and the Terms of Service, Dripify processes the Lead’s Personal Data strictly in accordance with the Customer’s Instructions and the authorization granted under the Terms of Service in compliance with Article 28 of the GDPR. To enable the effective delivery of the Services, the following categories of Personal Data may be processed:
  1. Identification and Contact Information: Unique identifiers used within the Platform (ID, public ID, tracking ID, recruiter ID, Sales Navigator ID), first name, last name, photo, email, and phone number.
  2. Professional Data: Current position, company name, industry, location, city, country.
  1. The listed Lead’s Personal Data is essential for Dripify to provide the Services, as such Processing is necessary for searching, identifying, and technically filtering potential Leads through the Platform and creating campaigns, as well as for providing technical functionalities that allow the Customer to contact such Leads on behalf of the Customer’s Authorized Users to perform these actions in their name. This Lead’s Personal Data is also used to enable access to the Platform and its functionality, support the technical transmission of communication with Leads on behalf of the Customer and the Customer’s Authorized Users (including updates and important notifications), and for Account management purposes. Additionally, it is used for audience segmentation in campaigns to enable the Customer to configure and send messages and requests, as well as for analytics and reporting, including the collection of aggregated data, evaluation of campaign effectiveness, and preparation of reports for the Customer.
  2. At the Customer’s Instructions, the Customer expressly instructs and authorizes Dripify to process the Lead’s email addresses by using the Platform’s built-in “Find email” functionality. Dripify does not determine or control the scope, content, or nature of any Lead’s Personal Data that the Customer’s Authorized Users upload, generate, or manage on the Platform. Such information is fully determined by the Customer and remains under its sole responsibility.
  3. The Lead’s Personal Data is not used by Dripify for its own independent marketing purposes, and Dripify does not conduct targeted advertising based on the Lead’s Personal Data.
  4. The Lead’s Personal Data is not shared, disclosed, transferred, or otherwise made accessible to any other Customer, and remains exclusively associated with the Customer on whose behalf it was processed.
  5. Dripify does not process any special categories of the Lead’s Personal Data as defined under Article 9 of the GDPR.
  6. Dripify processes the Lead’s Personal Data based on the following legal grounds under Article 6 of the GDPR: 

(i) performance of a contract under Article 6 cl. 1(b), in connection with the provision of the Services to the Customer, and strictly in accordance with the Customer’s Instructions pursuant to Article 28 of the GDPR and the authorization granted under the Terms of Service.

  1. MARKETING
  1. For Dripify’s own marketing activities, We may process the following Marketing Data: first and last name, email address, role within the company (e.g., Owner, CEO), marketing preferences, IP address, online identifier, location, and details on how You interact with Our Platform (including Website and email interactions). 
  2. This Marketing Data is collected directly from the Customer and the Customer’s Authorised Users during their interactions with the Platform and related emails.
  3. Dripify processes Marketing Data to send newsletters and other communications related to the Services, including product updates and promotions, to optimize the Platform experience and tailor subscription offers.
  4. You can opt out of marketing emails at any time by using the “unsubscribe” link, updating the Account settings, or contacting support@dripify.com. Even if You opt out, We may still send essential service emails such as security notices or Account updates. Essential technical or legal notifications, including updates to the Terms of Service or the Privacy Policy, are not marketing emails and may still be sent.
  5. We use strictly necessary Cookies to operate the Services. Any analytics or marketing Cookies and similar technologies are used only where We have a valid, lawful basis and can be managed via Our Cookie banner. See Our Cookie Policy.
  6. To execute marketing, We may use Sub-processors’ services. Our current Sub-processors are listed in Section 15 of this Policy. We do not sell the Customer’s Personal Data.
  7. Dripify processes Marketing Data based on the following legal grounds under Article 6 of the GDPR:

(i) Consent under Article 6 cl. 1(a) for marketing communications and non-essential Cookies;

(ii) performance of a contract under Article 6 cl. 1(b) for necessary service communications that are not marketing; 

(iii) legal obligations under Article 6 cl. 1(c) to maintain records of the Consent, opt-outs, and to comply with the Applicable Legislation. 

  1. DATA PROCESSING PRINCIPLES
  2. Dripify applies core principles to ensure the Personal Data is processed lawfully, fairly, and securely under the Applicable Legislation:
  1. Purpose Limitation. The Personal Data is processed only for specific, explicit, and legitimate purposes described in this Policy. The Processing for any new purpose will occur only with notice and, where required, the Consent or communication and approval of the Controller, Data Processing Agreement, or the Instructions.
  2. Lawfulness, Fairness, and Transparency. The Processing is carried out on valid legal grounds, in a fair and transparent manner. We provide clear information about the categories of the Personal Data We process, the purposes, and the recipients.
  3. Data Minimization. We limit the Processing of the Personal Data to what is necessary for the purposes described.
  4. Accuracy. Reasonable steps are taken to keep the Personal Data accurate and up to date. Customers are responsible for ensuring submitted information remains current.
  5. Storage Limitation. The Personal Data is retained only as long as necessary to fulfill its purposes or comply with legal requirements, after which it is securely deleted as specified in Section 11.
  6. Security and Confidentiality. Appropriate technical and organizational measures protect the Personal Data against unauthorized access, alteration, or loss. Security practices are reviewed and updated regularly.
  7. Respect for Individual Rights. Dripify respects the rights of Data Subjects, including rights of access, rectification, erasure, restriction, and objection, as set out in this Privacy Policy.
  1. No Sale of the Personal Data. Dripify does not sell the Personal Data to third parties. The Personal Data is shared only as required to provide the Services or as permitted by the Applicable Legislation.
  2. Ongoing Commitment. The Personal Data protection practices are periodically assessed and updated to align with legal standards and industry best practices.
  1. ROLES OF THE PARTIES
  1. In relation to the Personal Data of the business Customers, Dripify acts as the Processor within the meaning of the Applicable Legislation. Dripify processes the Customer’s Authorized Users’ Personal Data solely on behalf of and under the Instructions of the business Customer, who acts as the Controller. For the avoidance of doubt, where the Customer is a business entity, the Customer’s Authorized Users act on behalf of and under the authority of the Customer as the Controller, and any actions performed by such Customer’s Authorized Users within the Platform are deemed to be actions of the Customer.
  2. In relation to the Personal Data of the individual Customers, Dripify acts as the Controller. In this capacity, Dripify determines the purposes and means of the Processing as outlined in Sections 4.2 – 4.7 of this Policy. All the Processing activities performed by Dripify as the Controller are conducted in compliance with the Applicable Legislation.
  3. In the Processing of the Lead’s Personal Data, Dripify acts as the Processor in relation to both the business and the individual Customers. For the avoidance of doubt, Dripify does not determine the purposes or means of Processing the Lead’s Personal Data. All such decisions are made solely by the Customer acting as the Controller, and Dripify acts strictly on the Customer’s Instructions.
  4. As the Processor, Dripify shall:
  1. Process the Customer’s Personal Data only on the Customer’s Instructions lawfully, fairly, and transparently, in compliance with the Applicable Legislation.
  2. Implement appropriate technical and organizational measures to protect the Customer’s Personal Data.
  3. Ensure that personnel authorized to process the Customer’s Personal Data are bound by confidentiality obligations.
  4. Not access, use, or disclose the Customer’s Personal Data for any purpose other than providing the Services, except where required by the Applicable Legislation.
  5. Assist the Customer in fulfilling its obligations as the Controller, including under Article 28 of the GDPR, where applicable.
  6. As the Controller, Dripify shall:
  1. Process the Personal Data lawfully, fairly, and transparently, in compliance with the Applicable Legislation.
  2. Collect and retain only Personal Data necessary for the Service provision specified and on the basis of relevant legal grounds.
  3. Implement appropriate technical and organizational measures to ensure confidentiality, integrity, and availability.
  4. Ensure that personnel authorized to access the Personal Data are bound by confidentiality obligations.
  5. Respect and facilitate the Data Subject’s rights.
  6. Retain the Personal Data only for as long as required in accordance with Section 11.
  1. When Dripify conducts its own marketing activities, Dripify does not use the Lead’s Personal Data for Dripify’s marketing activity.
  2. Where Dripify processes metadata (such as technical logs or error reports), such Processing is limited to maintaining the security, availability, and functionality of the Platform. Such Processing does not involve the use of the Customer’s Personal Data for purposes other than the provision and maintenance of the Services and is carried out in accordance with the Applicable Legislation.
  1. DATA ACCURACY
  2. Customers are responsible for ensuring that the Customer’s Personal Data provided to the Platform is accurate and kept up to date. Customers may update such data through the Account settings or by contacting Dripify at support@dripify.com. Dripify shall not be responsible for inaccuracies resulting from information provided by Customers, provided that Dripify has not been notified of such inaccuracies and has no reasonable grounds to believe that the Personal Data is inaccurate.
  1. SOURCES OF THE PERSONAL DATA
  1. Dripify receives the Customer’s Personal Data from different sources, depending on the category of the Personal Data.
  2. The Customer’s Personal Data is provided by the Customer and the Customer’s Authorised Users when creating or managing the Account, completing forms, including contact or support requests, subscribing to communications, or submitting or uploading information in connection with campaigns or the Platform features.
  3. Dripify processes the Technical and Usage Data through a combination of Cookies, as well as through direct interactions with the Platform, system logs, and the Services functionality, subject to applicable lawful bases and Cookie preferences, as described in the Cookie Policy.
  4. In the context of providing the Services, Dripify may also process Personal Data obtained from publicly available sources, such as social networking, or received from Sub-processors, including payment service providers, in accordance with the Applicable Legislation, contracts, and the Instructions of the Customer, where applicable.
  1. DATA RETENTION
  1. Dripify retains the Personal Data only for as long as necessary to fulfill the purposes for which it is processed, as described in this Privacy Policy, and in accordance with the Applicable Legislation.
  2. The retention period depends on the category of the Personal Data, the purpose of the Processing, the role of Dripify, and applicable legal, regulatory, contractual, and compliance requirements.
  3. The Customer’s and the Customer’s Authorized Users’ Personal Data is retained for the duration of the provision of the Services. In cases of Account inactivity, the Customer’s and the Customer’s Authorized Users’ Personal Data is retained for up to 180 calendar days from the date of the Customer’s last Account activity to support Account administration, security, compliance with legal obligations, and the resolution of any outstanding matters, after which it is deleted in accordance with the Applicable Legislation. Dripify will notify the Customer in advance of the Account deletion in accordance with the Terms of Service.
  4. Where the Account remains active, the Customer’s and the Customer’s Authorized Users’ Personal Data is retained for the duration of the provision of the Services and no longer than 3 years from the Customer’s last use of the Services.
  5. Dripify will delete the relevant Customer’s and the Customer’s Authorized Users’ Personal Data within 1 month following receipt of a valid deletion request, upon termination of the Agreement or documented Instruction, as applicable. Where permitted under the Applicable Legislation, this period may be extended by up to 2 months in cases of complexity or volume, in which case the requester will be informed of the extension and the reasons for it without undue delay. Where deletion is not permitted or required under the Applicable Legislation, Dripify will restrict further Processing.
  6. The Lead’s Personal Data processed by Dripify as the Processor is retained solely in accordance with the Customer’s Instructions or deleted or returned.
  7. The Billing and Subscription Data are retained for the period required to comply with applicable tax, accounting, and financial regulations, up to 7 years following the end of the relevant financial year, unless the Applicable Legislation requires otherwise.
  8. The Marketing Data is processed and retained in accordance with the Applicable Legislation and only for as long as a lawful basis for such Processing exists. Upon receipt of a valid request, Dripify ceases marketing processing without undue delay in accordance with Applicable Legislation. Certain marketing-related records, such as suppression records and delivery metadata, may be retained for compliance and audit purposes for up to 3 years from the date of unsubscribe to marketing, and are deleted in accordance with the storage limitation principle under the Applicable Legislation.
  9. Where required by the Applicable Legislation, Dripify may retain certain Personal Data for longer periods to comply with legal obligations, respond to regulatory or law enforcement requests, establish, exercise, or defend legal claims, or ensure compliance with data protection requirements.
  1. YOUR RIGHTS AND HOW TO EXERCISE THEM
  2. If the Processing of the Personal Data relating to You is subject to European Union, United Kingdom, or Swiss data protection laws, You may have certain rights in respect of that Personal Data, subject to applicable legal conditions and limitations. Depending on the Applicable Legislation, these rights may include:
  1. The right to access Your Personal Data and obtain confirmation as to whether such Personal Data is being processed.
  2. The right to request rectification of inaccurate or incomplete Your Personal Data.
  3. The right to request erasure of Your Personal Data in certain circumstances.
  4. The right to restrict the Processing of Your Personal Data in certain circumstances.
  5. The right to object to the Processing of Your Personal Data in certain circumstances.
  6. The right to data portability, where the Processing is based on Your Consent or a contract and is carried out by automated means.
  7. The right to withdraw the Consent at any time, where the Processing is based on the Consent, without affecting the lawfulness of the Processing prior to such withdrawal.
  8. The right not to be subject to automated individual decision-making, including profiling, where the Applicable Legislation provides such safeguards.
  9. The right to lodge a complaint with the competent Supervisory Authority.
  10. If the Processing of Personal Information (as defined under the California Consumer Privacy Act (“CCPA”)) relating to You is subject to CCPA, You may have certain rights in respect of that Personal Information, subject to applicable legal conditions and limitations. Depending on the applicable law, these rights may include:
  1. The right to know what categories and specific pieces of Personal Information are collected about You, and the purposes for which such Personal Information is used.
  2. The right to access Your Personal Information and receive it in a readily usable format, where required by the Applicable Legislation.
  3. The right to request correction of inaccurate Personal Information maintained about You.
  4. The right to request deletion of Your Personal Information, subject to statutory exceptions.
  5. The right to opt out of the sale or sharing of Your Personal Information, including sharing for cross-context behavioral advertising.
  6. The right not to receive discriminatory treatment for exercising any of Your privacy rights.
  7. The right to exercise Your rights through an authorized agent acting on Your behalf.
  8. The right to seek enforcement of Your rights under the Applicable Legislation through the competent data protection authority.
  1. Dripify may act as the Controller or the Processor depending on the specific Processing activity. Where Dripify processes Personal Data on behalf of its Customers, Data Subjects should primarily direct their requests to the relevant Customer, unless otherwise required by the Applicable Legislation.
  2. You may exercise Your rights by contacting Us at support@dripify.com. We may need to verify Your identity before responding, and We will handle requests in accordance with the Applicable Legislation.
  3. We may reserve the right, to the extent permitted by the Applicable Legislation, to refuse, limit, or delay a request in certain circumstances, including where the request is manifestly unreasonable or excessive, where We are unable to verify the identity of the requester, or where legal obligations prevent Us from fulfilling the request or could adversely affect the privacy or other rights of another person.
  1. DATA TRANSFERS AND INTERNATIONAL TRANSFERS OF PERSONAL DATA
  1. Your Personal Data may be transferred to and processed in countries outside Your jurisdiction, including countries outside the European Union and the European Economic Area, such as the United States, where Our infrastructure and certain Sub-processors are located.
  2. Where such transfers occur, We ensure that an appropriate level of protection is maintained in accordance with the Applicable Legislation. Such safeguards may include, as applicable:
  1. transfers to countries recognized by the European Commission as providing an adequate level of protection pursuant to Article 45 of the GDPR;
  2. the implementation of Standard Contractual Clauses adopted by the European Commission, together with supplementary technical and organizational measures, in accordance with Article 46 of the GDPR;
  3. the application of other lawful transfer mechanisms expressly permitted under the Applicable Legislation, where strictly required
  1. We apply appropriate technical and organizational measures to safeguard the Personal Data in connection with international transfers, proportionate to the risks identified and consistent with the Applicable Legislation.
  2. By using Our Services, You acknowledge that Your Personal Data may be transferred to and processed in jurisdictions where Our facilities and trusted Sub-processors operate. Further information regarding Our international data transfer safeguards may be provided upon request by contacting support@dripify.com.
  1. PERSONAL DATA PROTECTION
  1. Dripify is committed to protecting Your Personal Data and implements appropriate technical and organizational safeguards designed to ensure a level of security appropriate to the nature of the Processing, in accordance with the Applicable Legislation.
  2. These safeguards are intended to protect the Personal Data against unauthorized or unlawful Processing, as well as against accidental loss, destruction, or damage, and to support the ongoing confidentiality, integrity, and availability of the Services.
  3. Dripify maintains processes to monitor, review, and improve the security of its Services, taking into account technological developments, evolving threats, and applicable legal and regulatory requirements.
  4. You are responsible for maintaining the confidentiality of the credentials used to access the Services and for taking reasonable steps to prevent unauthorized access to Your Account. If You believe that the security of Your interaction with the Services has been compromised, please contact Us without undue delay at support@dripify.com.
  1. SERVICE PROVIDERS AND CONTRACTORS
  2. We engage carefully selected Sub-processors to help Us operate, deliver, and improve Our Services. Where they process the Personal Data, they do so solely on Our behalf and under Our instructions, pursuant to written agreements requiring compliance with the Applicable Legislation. The current list of Sub-processors is available upon request by contacting support@dripify.com and is set out below:
Sub-processor engaged by Dripify for the Processing of thePersonal Data Sub-processor’s role (purpose to transfer data for the Processing)Contractual and legal frameworkEntity geographical location
Amazon Web Services Inc.Amazon Web Services Inc., as the hosting provider and cloud services supplier, is responsible for hosting the Services, storing data, and ensuring their uninterrupted operation.Processing is carried out under the Data Processing Agreement.Northern Virginia, United States of America
HubSpot Inc.HubSpot Inc. processes the Customer’s Personal Data on behalf of Dripify for purposes such as CRM management, marketing automation, and analytics.Processing is carried out under the Data Processing Agreement.United States of America
FastSpring Bright Market LLCAs a Sub-processor, FastSpring Bright Market LLC processes the Customer’s Personal Data to facilitate online transactions, subscription billing, and Account management for the Services. Processing is carried out under the Data Processing Agreement.California, United States of America
Google Cloud EMEA Limited (Firebase Authentication)Firebase Authentication acts as an identity management and authentication provider by Processing the Customer’s credentials, verifying identities, and enabling secure access to the Services.Processing is carried out under the Data Processing Agreement.Republic of Ireland
Twilio Inc. (Sendgrid)Twilio Inc., through its SendGrid service, acts as an email delivery provider by Processing the Customer’s email addresses and related message content for the purpose of sending emails (e.g., user A invited You to join the team, password reset notifications, account confirmations).Processing is carried out under the Data Processing Agreement.United States of America
Clearout LLCClearout LLC, through its Clearout service, acts as an email verification system by Processing the Customer’s Personal Data to validate and verify the accuracy, format, and deliverability of email addresses submitted through the Services.Processing is carried out under the Data Processing Agreement.California, United States of America
  1. We share the Customer’s Personal Data with Sub-processors only to the extent necessary for the purposes set out in this Policy. Sub-processors are contractually bound by confidentiality, security, and data protection obligations. Where international data transfers occur, Dripify applies appropriate safeguards, as described in this Policy.
  2. The list of active Sub-processors may be updated from time to time. Dripify engages Sub-processors under a general authorisation model and maintains the list of Sub-processors. Where required under the Applicable Legislation, Customers may be informed of material changes.
  1. CHILDREN
  1. Our Services are not intended for or directed at individuals under the age of 18 or under the age of legal majority in their jurisdiction, whichever is greater. We do not knowingly collect or process the Personal Data from such individuals.
  2. If You are a parent or legal guardian and believe that Your child has provided Us with the Personal Data without Your Consent, please contact Us at support@dripify.com. We will promptly review the matter and take reasonable steps to delete the Personal Data and prevent further Processing.
  3. If We become aware that We have collected the Personal Data from a child under the age defined by the Applicable Legislation, We will take reasonable measures to delete such Personal Data as soon as possible and prevent further Processing.
  1. PRIVACY POLICY CHANGES
  1. We reserve the right to update or revise this Privacy Policy at any time. We encourage You to review it periodically to stay informed about Our privacy practices.
  2. All changes will take effect upon posting the updated Privacy Policy on Our Platform or within the Services, unless otherwise required by the Applicable Legislation. Your continued use of the Services after such changes constitutes Your acceptance of the revised Privacy Policy.
  1. GOOGLE API USER DATA COMPLIANCE
  1. If You connect Your Google account to Dripify, We request only the minimum access necessary to provide the authorized features enabled by You. We do not use Google user data for advertising purposes and do not sell such data.
  2. Google user data is processed solely to provide the enabled Services and is not independently stored or cached beyond what is technically necessary for that purpose or required by the Applicable Legislation, in accordance with the Google API Services User Data Policy. We apply appropriate technical and organizational safeguards to protect such data.
  1. LINKS TO OTHER WEBSITES
  1. Our Platform may contain links to third-party websites, applications, or services. Please note that Dripify is not responsible for the privacy practices, content, or security of such external resources.
  2. When You follow a link to a third-party website, application, or service, the Processing of Your Personal Data is governed by the privacy policy of that third party, not by this Privacy Policy. We encourage You to review the privacy policies of any third-party websites, applications, or services You visit before providing them with Your Personal Data.

If You have any questions or concerns about this Privacy Policy or Our data practices, please contact Us by email at support@dripify.com.

CONTACT US