Web Project s.r.o. ID No.: 28596935, registered seat at Dlouhá 730/35, Prague 1 - Old Town, 110 00, the Czech Republic, incorporated in the Commercial register maintained by the Municipal Court in Prague, section C, file 306366 (collectively, "Leadspicker," "we," or "us") offers a sales engagement platform called "Leadspicker" that aims to help businesses improve their marketing strategies by effectively engaging with potential prospects and other interested parties. Leadspicker may provide other services involving data and marketing as well. User's privacy is the most important goal, so the private policy describes the rights that apply to the information clients submit to us or that we collect and use to provide our Services as defined below.
Leadspicker's Services are defined as the sales engagement platform "Leadspicker," provided to clients based on Terms of Service of Leadspicker platform that is offered, made available, and facilitated through the website www.leadspicker.com. Any services or content provided through a website or app that is owned and operated by a third party are not considered part of Leadspicker's "Services."
By accessing the Service, you acknowledge the collection, use, disclosure and other handling of your information as described below.
I. Opening statements
This Privacy Policy covers the handling of non-public, personally identifiable information received through the website www.leadspicker.com or in relation to the Services, including personal data of data subjects.
We process personal data in order to fulfill contracts with clients and on the basis of legitimate interest. We only process it to the extent necessary for the purpose. We process and manage personal data through computer systems and the computer systems of our processors.
Our legitimate interest is therefore to enter into a contract with a client and to provide the client with Services, and furthermore, after the contract has been fulfilled, it is a legitimate interest to protect our rights arising from our relationship with the client.
The data provided is an essential element of the contract and must therefore be provided in order to conclude such a contract. The only ramification of non-providing of personal data is the inability to conclude and fulfill the contract and to provide Services.
According to Art. 21 of the General Data Protection Regulation (GDPR), a data subject can express an objection. In case a data subject expresses an objection against the processing of personal data for the abovementioned purposes, the controller shall not process personal data of the data subject for such purposes anymore.
Leadspicker may carry out automated individual decision-making within the meaning of Article 22 of the GDPR.
II. Data collection
Leadspicker may receive the following types of information from its clients:
Enrollment details. Information about client’s contact details when registering for the Services on webpage leadspicker.com such as first and last name, e-mail addresses, professional title, company name, and password that is being hashed on our backend.
Billing information. When purchasing a subscription of the Services, such as billing name and address, credit card number and other information to validate payment method and identity.
Email communications. When contacting us via a messaging platform (such as Linkedin), we may retain your message, contact details, and username or email address. For newsletter sign-up, we will use your name and email address to send the newsletter to you. You have the option to discontinue receiving our marketing emails or newsletter by clicking the unsubscribe link in the email or changing your email preferences in your account settings. It is not possible to opt-out of receiving transactional emails that are related to your account or usage of our services.
User Engagement Data: As you navigate our Leadspicker platform on the website www.leadspicker.com, we may gather information using common data collection tools, including Cookies, Web beacons, and Log Data. This information may include basic details from your web browser, such as browser type and language, your Internet Protocol ("IP") address, and your actions on our website, such as pages viewed and links clicked. We process this information to monitor your interaction with links within our website and email messages, as well as links to our website on other companies' websites and email messages. Cookies are designed to store information about your browsing activity on the website, such as preferences and login details. You may have the ability to alter your browser or mobile device settings to prevent or limit the acceptance of cookies. Log Data could include your computer's IP address, browser type, the webpage you were on before visiting our website, pages you view, time spent on those pages, search queries on our website, access times and dates, and other statistics. This Privacy Policy does not cover the use of cookies by any third parties. Cookies are short-term "session cookies," which are stored in your browser only until you close it, and long-term "persistent cookies," which remain stored on your computer for a longer duration (depending on the settings of the cookie itself and the browser) or unless you delete them yourself. Cookies are stored within clients' devices and therefore with data subjects. The web interface cannot utilize this personal data unless the data subject revisits webpages of the controller. Data subjects can delete cookies from their devices at any time.
Customer client records. Information about client’s business contacts, such as contacts list or customer list; for instance, first and last name, email address, telephone number, professional title, and company name. The use of information provided by the client is governed by Terms and Conditions of the Services.
To engage in email communications and to provide user-facing features that are prominent in Leadspicker's user interface, it is necessary to obtain explicit consent from the Client for the purpose of sending and receiving emails through the Client's inbox. This consent is included as an integral part of our privacy policy and is required from every Client who wishes to utilize the Services. We limit our use of data to providing or improving user-facing features that are visible and prominent in Leadspicker's user interface. We do not allow humans to read the data, except in the limited circumstances outlined in the IX. Limited Use section of our Privacy Policy.
Information from Third-Party Sources: We may obtain information from trustworthy data providers or from public sources and methods, such as information available on public APIs and the internet. Public information may include details like social media user profiles, public likes or posts, and the user's followers or those they follow. Because this information is already publicly available, we reserve the right to use it to provide or improve user-facing features that are visible and prominent in Leadspicker's user interface, in accordance with the IX. Limited Use section of our privacy policy. We do not transfer or sell user data to third parties like advertising platforms, data brokers, or any information resellers, and we do not use user data for serving ads, including retargeting, personalized, or interest-based advertising.
Do Not Track: Web browsers, such as Chrome, Internet Explorer, Firefox, and Safari, currently have a "do not track" (DNT) option that sends a signal to websites indicating the user's DNT preference setting. However, we do not modify our behavior in response to a web browser's DNT signal as we strive to offer you a personalized experience that complies with the IX. Limited Use section of our privacy policy.
We process personal data based on your consent or our legitimate interests. We may also process data to fulfil a contract you entered with us or to comply with legal obligations. If you have any questions regarding the legal basis for processing your personal data, you can email us at [email protected]
Data Transfer to Third-Party AI Model for Sequence Generation
In enhancing our AI sequence generator feature, Leadspicker utilizes OpenAI's GPT-4 for crafting sequence templates. We are committed to upholding your privacy and only transfer data to GPT-4 after receiving your explicit consent. This consent is obtained through a clear, user-initiated action by ticking a box within our application.
When you opt to utilize the 'Generate Sequence' feature and activate the corresponding checkbox, you provide informed consent for the transfer of the specific data you input to GPT-4, exclusively for the purpose of sequence template creation.
Rest assured, this data interaction with GPT-4 is confined to sequence generation. Your data is not used for any other purpose, nor is it shared with any additional third parties. Our partnership with OpenAI includes robust data protection protocols to safeguard the confidentiality and integrity of your data during this process.
For inquiries or additional information regarding our use of GPT-4 for sequence generation, please reach out to us at [email protected].
III. Data storage
By submitting information to us, you agree to this transfer, storing or processing using Google Cloud Services to host our Services, including parts of the Services we use to store and process information we receive from website visitors, third parties, and individuals with whom we interact through email, other messaging systems, or telephone. The data and information are stored and maintained in accordance with Google Cloud Services’ Privacy notice - https://cloud.google.com/terms/cloud-privacy-notice. Our Privacy Policy does not create any obligation on the part of Google.
We keep personal data for the time we actually need the data. That is, for as long as is strictly necessary to fulfill the purpose of data processing. Furthermore, we keep the personal data for a period of 5 years from the fulfillment of the contract to exercise potential legal claims, and we are also obliged to keep your personal data for 5 years from the end of the accounting period within the accounting system and to archive the tax documents for 10 years.
We limit our use of data to providing or improving user-facing features that are visible and prominent in Leadspicker's user interface.
The client undertakes to:
1. ensure that provided personal data is always processed in accordance with the GDPR, that the data is up-to-date, accurate and true, and that the data is relevant to the stated purpose of the processing;
2. take appropriate measures to provide data subjects with all information, to inform them of their rights and to make any disclosures required by the GDPR in a concise, transparent, comprehensible and easily accessible manner using clear and plain language;
3. comply with any other obligations imposed by the GDPR.
Leadspicker undertakes to:
1. process personal data only on the basis of documented instructions from the client, in particular should the personal data be transferred to a third country or an international organization;
2. ensure that the persons authorized to process personal data undertake to observe confidentiality, unless they are subject to a legal obligation of confidentiality;
3. take all measures required by Article 32 of the GDPR and assist the client in complying with the obligations under Articles 32 to 36 of the GDPR, taking into account the nature of the processing and the information available to Leadspicker;
4. take into account the nature of the processing of personal data and assist the client in complying with the obligation to respond to requests to exercise the data subject's rights as well as other obligations under the GDPR;
5. ensure that the systems for automated processing of personal data are used only by authorized persons who will only have access to personal data corresponding to the authorization of such persons, on the basis of specific user authorizations established exclusively for such persons;
6. ensure that its employees process personal data only under the terms and to the extent specified by the client and consistent with this Privacy Policy;
7. at the request of the client, provide the client at any time with any information necessary to demonstrate that the obligations set out in the GDPR have been complied with and to allow an audit or inspection to be carried out in relation to the processing of personal data;
8. upon termination of the provision of Services under the Terms of Service of Leadspicker platform, in accordance with the client’s decision, either delete all personal data or return it to the client and delete existing copies, unless it is under a legal obligation to store the personal data;
9. comply with any other obligations imposed on it by the GDPR.
Leadspicker and the client further undertake:
1. to implement such technical, organizational, personnel and other appropriate measures within the meaning of the GDPR to ensure and be able to demonstrate at any time that the processing of personal data is carried out in accordance with the GDPR so as to prevent accidental or unauthorized access to, alteration, destruction or loss of, unauthorized transmission of, or other unauthorized processing of, personal data and data media containing such data, as well as other misuse of such data, and to review and update such measures as necessary;
2. keep and review and update records of the processing of personal data in accordance with the GDPR;
3. report any personal data breaches to the data protection authority in a proper and timely manner and cooperate with the data protection authority to the extent necessary;
4. keep each other informed of all circumstances relevant to the performance of its obligations under this article;
5. maintain the confidentiality of personal data and security measures, the disclosure of which would compromise the security of personal data, even after the termination of the contract according to the Terms of Service of Leadspicker platform.
The client grants Leadspicker general permission to engage other processors to process personal data. If we engage such additional processor to process personal data, the additional processor shall be contractually bound to the same obligations to protect personal data as set out in this Privacy Policy. In addition, we are obliged to inform the client of any intended changes regarding the engagement of additional processors or their replacement and to provide the client with an opportunity to object to such changes.
IV. Data sharing
We may share the service information with the following parties:
blank
1. Trusted third parties that perform services for us, with us, or on our behalf, including without limitation providers of technical infrastructure and technical and customer support, hosting providers, billing support, and payment providers. We limit our use of data to providing or improving user-facing features that are prominent in Leadspicker's user interface, and we obtain your consent for such use.
2. For security purposes, such as efforts to detect and address fraud, credit risk, security, or technical issues. We may allow access to data if necessary for security purposes, for example, investigating a bug or abuse.
3. To comply with applicable laws, legal processes, or other legal requirements. We may share data when necessary to comply with the law or respond to legal requests.
4. As part of a merger, acquisition, or sale of assets of Leadspicker, after obtaining explicit prior consent from the user. We may transfer data in connection with significant business events, subject to obtaining your affirmative agreement.
5. When we believe in good faith that such sharing is reasonably necessary in order to investigate, prevent, or take action regarding possible unlawful activities or to comply with legal process or other legal requirements; when we deem disclosure appropriate in situations involving potential threats to the physical safety of any person, potential violations of our terms (such as our Terms of Service), or claims of violation of the rights of third parties; or when we deem disclosure appropriate to protect the rights, property and safety of us, our employees, users, or another person or entity (the disclosures described here may involve the good faith sharing of your information with, for example, law enforcement, government agencies, courts, or other parties); and
6. In any other circumstance where we have appropriate consents or are otherwise permitted by law to share it.
We do not allow humans to read the data, except in the limited circumstances outlined above. Additionally, we prohibit the following:
1. Transferring or selling user data to third parties like advertising platforms, data brokers, or any information resellers.
2. Transferring, selling, or using user data for serving ads, including retargeting, personalized, or interest-based advertising.
3. Transferring, selling, or using user data to determine credit-worthiness or for lending purposes.
We do not transfer your personal data to any other country, except as stated above if they are foreign persons. We ensure that our employees, agents, contractors
V. Data security
We strive to safeguard the confidentiality of your account and other personally identifiable information maintained in our records. Nevertheless, we are unable to provide an absolute assurance of complete security. While we employ transport layer security (TLS) to encrypt the transmission of information when it is submitted on our website, it is important to note that transmitting information over the Internet carries inherent risks. Factors such as unauthorised access or use, hardware or software malfunction, and other unforeseeable circumstances may compromise the security of user information at any given moment.
In accordance with the applicable legal standard, we ensure the protection of the personal data we process and store through appropriate technical and organizational measures. In addition to our authorized personnel, third parties who provide us with services (e.g. processors - IT service providers, carriers) also have access to the data.
VI. Rights of data subjects
Right of access by the data subject
In accordance with Article 15 of the General Data Protection Regulation (GDPR), the data subject is entitled to obtain confirmation from the data controller as to whether or not personal data pertaining to them is being processed. If such processing is taking place, the data subject has the right to access the personal data and obtain the following information:
1. The purposes for which the personal data is being processed;
2. The categories of personal data concerned;
3. The recipients or categories of recipients to whom the personal data has been or will be disclosed, including any recipients in third countries or international organisations;
4. Where feasible, the envisaged timeframe for which the personal data will be retained, or if this is not possible, the criteria utilised to determine such a period;
5. The existence of the right to request rectification or erasure of personal data, or the restriction of processing of personal data pertaining to the data subject, as well as the right to object to such processing;
6. The right to lodge a complaint with a supervisory authority;
7. If the personal data has not been obtained from the data subject, any available information regarding its source;
8. The existence of automated decision-making, including profiling, as referred to in Article 22(1) and (4) of the GDPR, and at least in these cases, meaningful details about the logic employed, as well as the significance and the anticipated consequences of such processing for the data subject.
Right to rectification
In accordance with Article 16 of the General Data Protection Regulation (GDPR), the data subject has the right to request the rectification of any inaccurate personal data pertaining to them from the controller without undue delay. Considering the purposes for which the personal data is being processed, the data subject also has the right to have incomplete personal data supplemented by providing a supplementary statement.
Right to erasure
In accordance with Article 17 of the General Data Protection Regulation (GDPR), the data subject is entitled to request the controller to erase personal data concerning them without undue delay, and the controller has an obligation to do so where one of the following grounds apply:
1. The personal data is no longer required for the purposes for which it was collected or otherwise processed;
2. The data subject withdraws their consent to the processing of personal data based on Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal basis for the processing;
3. The data subject objects to the processing pursuant to Article 21(1) of the GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
4. The personal data has been unlawfully processed;
5. The personal data must be erased to comply with a legal obligation under the laws of the European Union or Member State to which the controller is subject;
6. The personal data has been collected in relation to the provision of information society services as referred to in Article 8(1) of the GDPR.
Right to restriction of processing
In accordance with Article 18 of the General Data Protection Regulation (GDPR) the data subject has the right to request the controller to restrict the processing of their personal data in certain circumstances. These circumstances include situations where the accuracy of the personal data is contested by the data subject, and the controller needs time to verify the accuracy of the data. Another situation is where the processing of personal data is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead. Additionally, if the controller no longer needs the personal data for processing purposes, but the data subject requires them for legal claims, they can request the restriction of processing. Lastly, the data subject can object to the processing of their personal data while the verification of the legitimate grounds of the controller is pending.
Right to object
In accordance with Article 21 of the General Data Protection Regulation (GDPR), the data subject is entitled to object, on grounds related to their particular situation, to the processing of personal data concerning them which is based on the legitimate interests pursued by the controller. In the present scenario, the legitimate interest solely involves processing personal data for the purpose of sending information and advertisements to clients. If a data subject objects to the processing of their personal data for the purpose of direct marketing, the controller must cease processing their personal data for such purposes, unless the data subject gives unrestricted and informed consent to the processing.
The right to lodge a complaint with a supervisory authority
In accordance with Article 77 of the General Data Protection Regulation (GDPR), it is within the rights of every data subject to file a complaint with a supervisory authority. In the Czech Republic, the designated supervisory authority is the Úřad pro ochranu osobních údajů. The webpage of this supervisory authority is provided for reference purposes:https://www.uoou.cz/
VII. Private policy changes
It is within our right to modify this Privacy Policy periodically. Any information we currently collect is subject to the Privacy Policy that is currently in effect at the time of collection. In the event that we make significant revisions or alter the manner in which Personal Information is utilised, we will provide notice to you by either posting an announcement on our Website or transmitting an email prior to the amendment taking effect. Upon using our website subsequent to the initial posting of any such alterations, you are beholden to adhere to any adjustments made to the Privacy Policy.
blank
VIII. Policy Towards Children
Our Services are not intended for individuals under the age of 13, and we do not intentionally gather personal information from children under the age of 13. Should we become aware that a child under the age of 13 has furnished us with personal information, we will take appropriate measures to delete said information and terminate the child's account. In the event that you discover that your child has disclosed personal information to us without your authorization, please contact us at [email protected]
If you have any questions or concerns regarding our privacy policies, please send us a detailed message by email to [email protected].
IX. Limited Use
GOOGLE COMPLIANCE
Leadspicker app's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. By using Leadspicker, you agree to these terms. To learn more about the Google API Services User Data Policy, please visit Google API Services User Data Policy including the Limited Use requirements.
If you choose to connect a Gmail account to Leadspicker, we will ask you to grant Leadspicker application permissions to access your Gmail account. These permissions are necessary to sustain the functionality of our Services, as intended and described in the Terms of Service. In particular, we will need to access your inbox folder in order to send emails by your name and to detect replies to those emails.
Additionally, Leadspicker has the capability to send emails on your behalf, but only for emails that you choose to send within the Leadspicker app. While utilizing our services, such as crafting email campaigns and managing contact lists, Leadspicker gains access to the information within the email contact lists you create in your Leadspicker account and the subject lines and content of the emails sent through the Leadspicker platform.
This data is securely stored on our servers. Our employees, contractors, and any human, in general, are not allowed to access your personal information, including the data obtained via Google API. We could access user data only after obtaining the user’s affirmative agreement. We may need access to the user data to resolve a support issue, provide advice on service usage or provide any other help, requested by the user. Also, we can access such information when/if necessary for a security investigation or comply with applicable laws.
You can effortlessly retrieve your contact lists from your Leadspicker account at any moment by clicking the "export" button. Additionally, you have the option to modify or delete contacts from your account at any time.
Leadspicker never sells, shares, or rents your contact lists to third parties, nor does it use them for purposes other than those outlined in this policy. We utilize the information from your contact lists solely for legal obligations, invoicing, compiling internal statistics, and providing customer support services.
In compliance with Google's limited use policy, Leadspicker's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
1. Leadspicker will limit its use of data obtained from Google APIs to providing or improving user-facing features that are visible and prominent in the Leadspicker application's user interface.
2. Leadspicker will not transfer data obtained from Google APIs to third parties, including advertising platforms, data brokers, or information resellers, except in the following cases:
-To provide or improve user-facing features that are visible and prominent in the Leadspicker application's user interface, with the user's consent.
-For security purposes, such as investigating abuse.
-To comply with applicable laws.
-As part of a merger, acquisition, or sale of assets of Leadspicker, after obtaining explicit prior consent from the user.
3. Leadspicker will not use data obtained from Google APIs for serving ads, including retargeting, personalized, or interest-based advertising. Additionally, Leadspicker will not use such data to determine credit-worthiness or for lending purposes.
4. Leadspicker will ensure that its employees, agents, contractors, and successors comply with the Google API Services User Data Policy, including the Limited Use requirements.
By using Leadspicker, you agree to these terms. To learn more about the Google API Services User Data Policy, please visit Google API Services User Data Policy, including the Limited Use requirements.
X. Final Statements
If you have any questions or concerns regarding our privacy policies, if you wish to be provided with more detailed information on any of the points, request deletion or redaction of incorrect data, please send us a detailed message by email to [email protected]
You can contact us at any time to request details of the processing of your personal data and we will provide you with detailed information free of charge or provide you with a copy of the data processed. This is your right to access your personal data. However, we must advise you that in the event of repeated or unreasonable requests, we are entitled to charge you for the cost of providing the information or to refuse to provide the information.
Leadspicker does not fulfil the characteristics of Article 37(1) of the GDPR and is therefore not obliged to appoint a data protection officer in this sense.
No automated profiling shall take place.