Sales Connect AI Privacy Notice

Personal Data We Process

The personal data we collect depends on who you are and how you interact with the Services. We may collect the categories below (examples are illustrative and not exhaustive):

• Contact Information. Name, business name, email address, phone number, postal address; account credentials and profile details.
• Customer Account Data. Billing contact(s), subscription details, purchase history, workspace settings, users and roles, onboarding, and verification data (e.g., where required for messaging or telephony features).
• Lead, Client & Conversation Data. Lead and client records, pipeline and status information, notes, booking or appointment details, communication history, and other content uploaded to or generated by the Services for business use.
  If call recording, voicemail recording, or transcription features are enabled, data may include recordings and transcripts (where permitted by law and configured by the business customer).
• Payment Information. Tokenized payment method details and billing address processed by our payment processor(s) (e.g., Stripe). We receive limited billing details from processors to reconcile accounts; we do not store full card numbers.
• Communications Usage Data. Message/call metadata when you send SMS, email, or voice via integrated providers (e.g., time/date, sender/recipient, delivery status, IP addresses, routing information). The content of communications may be processed when necessary to provide Services you enable (such as generating summaries, providing support, troubleshooting delivery issues, preventing abuse, or complying with law).
• Device & Online Activity. IP address, device/browser type, operating system, general location (city/region), referring pages, pages viewed, and interactions collected via cookies, pixels, and similar technologies on our sites and app.
• Professional Information. Company, role/title, and related business details you provide to us.
• Support & Feedback. Information you provide in tickets, chats, calls, or screen shares with our support team, surveys, or reviews (which may be recorded, where permitted by law).
• Public/Third-Party Sources & Integrations. We may receive data from integrations enabled by our customers (e.g., advertising lead forms, calendars, CRMs), and from service providers consistent with settings and applicable law.
• Sensitive Information. We do not intentionally collect “sensitive” data (such as precise geolocation, government IDs, or health data) unless it is provided to a business customer through a lead form or communication flow configured by that business. If you believe sensitive information was submitted in error, contact us (and/or the business) to request deletion.

How We Process Personal Data

We use personal data where necessary to provide and improve the Services and operate our business, including:

• Creating and managing accounts; authenticating users; providing onboarding.
• Providing, maintaining, and improving features; troubleshooting and support.
• Processing orders and payments; billing and accounting; tax and audit compliance.
• Enabling communications (SMS, email, voice, and AI-powered calls) and related routing/metadata processing via integrated providers and telecom partners.
• Powering AI features (for example, suggested replies, call summaries, lead routing, and draft content) using inputs such as prompts and conversation data, in line with settings configured by the business customer and applicable law.
• Detecting, preventing, and investigating spam, fraud, abuse, and security incidents.
• Complying with legal obligations and enforcing terms and policies.
• Sending service-related notices and, where permitted, marketing communications in line with preferences.
• Analyzing usage of the Services, improving user experience, and developing new products and features.
• Conducting demos, trainings, webinars, events, and providing resources (e.g., playbooks, guides, and whitepapers).
• Aggregating, de-identifying, or anonymizing data to generate insights and improve the Services. We do not attempt to re-identify data once de-identified.

Where required, we rely on consent (for example, certain marketing/cookie uses or call recording where required by law). Otherwise, we process data to perform our contract with customers, to comply with law, and/or based on legitimate interests such as securing and improving the Services.

How We Disclose Personal Data

We disclose personal data in the following circumstances:

• Service Providers & Subprocessors. Vendors who help us deliver the Services (e.g., hosting and storage, communications, AI infrastructure, analytics, support, payment processing). They may access personal data only to perform services for us and must protect it appropriately.
• Communications & Telecom Partners. Where messaging or voice is enabled, routing may involve telecom carriers, aggregators, or over-the-top providers to deliver communications. Metadata necessary to transmit messages/calls is shared with those providers per their policies and applicable law.
• Business Customers. If you interact with a business using our platform, we share your data with that business as needed to provide the Services to them and to enable them to respond to you.
• Legal, Safety, and Compliance. To comply with law or legal process; to protect rights, safety, and security; to prevent fraud/abuse; or in emergencies.
• Business Transfers. In connection with mergers, acquisitions, or similar transactions, subject to appropriate protections.
• Aggregated/De-identified Data. We may share insights that do not identify individuals.

We do not sell personal information. Depending on your jurisdiction, certain sharing for advertising analytics may be considered “sharing” for targeted advertising. Where applicable, you can opt out via cookie controls or by contacting us.

International Data Transfers

We may transfer personal data to countries other than your own (including the United States) where we or our providers operate. When we do, we use appropriate transfer mechanisms and safeguards as required by applicable law (e.g., Standard Contractual Clauses and supplemental measures, or other approved mechanisms). If you are in the EEA, UK, or Switzerland, you may contact us for more information about these safeguards.

How We Secure Personal Data

We employ administrative, technical, and physical measures designed to protect personal data, taking into account the nature of the data and the state of the art. Controls include encryption in transit, least-privilege access, logging/monitoring, and security reviews. No system is perfectly secure; please use strong passwords and keep credentials confidential.

How Long We Retain Personal Data

We retain personal data only as long as necessary for the purposes described in this Notice (e.g., to provide the Services, meet legal/accounting obligations, resolve disputes), then delete or de-identify it in accordance with retention policies and applicable law.

Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, or port your personal data; object to or restrict certain processing; and withdraw consent. You may also have the right to opt out of targeted advertising or certain profiling.

• Account Controls. If you are an account holder (a business customer), you can access and update many data points in-app. For other requests, contact us using the details below.
• Marketing Preferences. You can unsubscribe via links in our emails or adjust preferences in your account. We may still send service/transactional messages.
• Cookies / Targeted Advertising. You can manage cookie preferences as described below. Where applicable, you may opt out of certain targeted advertising.
• California/US State Privacy. If you are a resident of California or other US states with privacy laws, you may have the rights described above. We do not knowingly sell personal information. You can exercise opt-out choices related to cookies/ads as described below.
• EEA/UK/Swiss Users. You have GDPR rights as stated above and may lodge a complaint with your data protection authority.

If we process your personal data on behalf of a business customer, we will direct you to that business to exercise your rights. You can also review our Data Deletion Instructions.

Cookies & Other Tracking Technologies

We use cookies, pixels, and similar tools on our websites and app to remember settings, keep you signed in, analyze usage, and personalize content/ads where permitted. You can manage preferences via our cookie banner/manager and your browser settings. Note that required cookies are necessary for core functionality and cannot be disabled.

• Manage Using Your Browser. Most browsers let you refuse or delete cookies. Doing so may affect site functionality.
• Universal Signals. Where legally required and technically feasible, we honor global privacy signals (e.g., GPC) for opt-out preferences.
• Advertising Choices. Interest-based advertising choices may also be available through third-party tools (e.g., DAA/NAI), where applicable.

Children

The Services are not directed to children under 18 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will take appropriate steps to remove it.

Automated Decision-Making

We may use automated systems to help detect spam, fraud, or abuse and to safeguard the Services. We may also use automation to assist with lead scoring or prioritization as configured by a business customer. We do not make decisions with legal or similarly significant effects without human involvement where required by law. You may request information about certain automated processing by contacting us.

Meta/Facebook Lead Ads & Platform Data

Some businesses that use Sales Connect AI choose to connect advertising lead sources such as Meta (Facebook/Instagram) Lead Ads. When enabled by a business customer, we may receive lead information submitted by individuals through lead forms (for example, name, email, phone number, and answers to form questions) so that the business can follow up.

When we receive lead data from these platforms, we use it to provide the Services to the business customer (e.g., create a lead record, route the lead, trigger a follow-up workflow). Businesses are responsible for ensuring they have appropriate notices and permissions to contact leads (including for SMS and phone calls) and for configuring their compliance settings within Sales Connect AI.

If you submitted your information via a Meta lead form and want it deleted, you can contact the business you submitted it to, and/or follow our Data Deletion Instructions.

How to Contact Us

Questions or concerns about this Notice or our practices? Contact our privacy team at privacy@salesconnectai.com or write to:

Changes to This Notice

We may update this Notice from time to time to reflect legal, technical, or business developments. The updated version will be posted here with a new “Last Updated” date. If we make material changes that affect your rights, we will provide additional notice (e.g., in-app message or email) as required by law.