Privacy Policy

1. Introduction

‍

Sellestial is a B2B SaaS company that enables users to connect their HubSpot workspaces and Google or Microsoft email accounts to our platform. 

2. Information We Collect

‍

We collect various types of information to provide and improve our Services:

‍

‍

2.1 Information You Provide to Us

• Account Information: When you register for an account, we collect your name, email address, and other contact details.
• Communications: If you contact us directly, we may receive additional information such as your name, email address, phone number, and the content of your message.

‍

2.2 Information We Receive from Third Parties

‍

When you connect third-party services to our platform, we collect and process the following data:

‍

Data from Google LLC:

• User and Prospect Data:
  • First name, last name, profile picture
  • Email address
  • Email messages:
    • Date, sender, recipients, subject line, message body
  • Inbox settings:
    • Vacation settings, email signature, labels

Data from Microsoft Outlook 365:

• User and Prospect Data:
  • First name, last name, profile picture
  • Email address
  • Email messages:
    • Date, sender, recipients, subject line, message body
  • Inbox settings:
    • Vacation settings, email signature, labels

Data from HubSpot, Inc.:

• HubSpot ID
• Deals:
  • Deal name, amount, close date, stage, pipeline, deal owner, closed lost reason, last contacted, deal score, custom fields (as configured by the user)
• Contacts:
  • First name, last name, email, job title, employment status, phone number, lead status, lifecycle stage, contact owner, LinkedIn profile URL, custom fields (as configured by the user)
• Companies:
  • Company name, domain, industry, company owner, city, state/region, postal code, number of employees, annual revenue, time zone, description, LinkedIn company page, custom fields (as configured by the user)
• Notes and Communications:
  • Emails, calls, meetings, LinkedIn messages, SMS messages, WhatsApp messages, postal mail

‍

Data from ProAPIs, Inc.:

• Personal LinkedIn profile
• Company LinkedIn profile

‍

Data from ZenLeads Inc. d/b/a Apollo.io:

• Email address
• Phone number

‍

‍

2.3 Cookies and Tracking Technologies

‍

We use cookies and similar tracking technologies to collect information about your interaction with our website and Services. The cookies we use include:

‍

• Website Cookies:
  • _reb2bgeo: This cookie is used to store the visitor's geographical location. It expires after 1 week.
  • _ga: A Google Analytics cookie used to distinguish users. It expires after 2 years.
  • _ga_<id>: Similar to the _ga cookie, this one also helps persist session state and expires after 2 years.
  • reb2bsessionID: This cookie stores the visitor's RB2B session ID. The duration is 1 week.
  • hjSessionUser_<id>: A Hotjar cookie that assigns a unique user ID for tracking interactions. It lasts for 1 year.
  • _hjSession_<id>: This cookie tracks the user's session with Hotjar and typically has a duration of 30 minutes.
  • _reb2buid: This cookie is used to store the visitor's RB2B user ID and expires after 1 week.

• Product Cookies:
  • access_token: This cookie is used to authenticate and authorize a user. The duration is 24 hours.
  • fs_lua: This cookie is used by Fullstory software to assist with the Fullstory session lifecycle, ensuring user activity extends the session. The duration is 30 minutes.
  • fs_uid: This cookie is used by Fullstory software to track the user across sessions and pages. The duration is 1 year.
  • refresh_token: This cookie is used to get a new access token when the current one expires. The duration is 30 days.

For more details on how we use cookies and how you can manage your cookie preferences, please see Section 9 of this Privacy Policy.

3. How We Use Your Information

‍

We use the information we collect for various purposes, including:

• Providing and Maintaining Services: To operate and maintain our Services, including processing transactions, authenticating users, and providing customer support.
• Improving Services: To analyze usage and trends to improve the quality and performance of our Services.
• Data Enrichment: To enhance prospect data using identifiers such as first name, last name, email, and LinkedIn ID in order to provide better services.
• Communications: To send you updates, security alerts, and support messages.
• Legal Obligations: To comply with legal requirements, resolve disputes, and enforce our agreements.
• Analytics: To monitor and analyze trends, usage, and activities in connection with our Services.

Aggregated Data: We may use aggregated, anonymized data for any purpose, such as analyzing trends or providing insights.

4. Legal Basis for Processing

‍

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases for processing your personal data:

• Consent: When you connect third-party services to our platform, you provide consent for us to access and process the data described in Section 2.2.
  
  
• Contractual Necessity: Processing is necessary to perform the contract between you and Sellestial (e.g., to provide and maintain our Services).
  
  
• Legitimate Interests: We process anonymized data for analytics and service improvement, which are in our legitimate interests and do not override your data protection rights.
  

Legal Compliance: Processing is necessary for compliance with our legal obligations.

5. How We Share Your Information

‍

We do not sell or rent your personal data. However, we may share your information in the following circumstances:

‍

‍

5.1 Service Providers

‍

We share data with third-party service providers who perform services on our behalf, such as:

• OpenAI: We use OpenAI's APIs, which may involve processing the data described in Section 2. OpenAI may process data outside the European Union.
  
  
• Data Enrichment Providers: We share identifiers like first name, last name, email, and LinkedIn ID with data enrichment providers (Apollo.io and ProAPIs, Inc.) to enhance prospect data.

• Payment and Accounting Software: We share identifiers like first name, last name, and email with a payment provider (Stripe, Inc.) and accounting software provider (Xero Limited).

‍

Note: Sellestial's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the "Limited Use" requirements.

‍

‍

5.2 Legal Requirements

‍

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

‍

‍

5.3 Business Transfers

‍

In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of assets, or transition of service to another provider, your personal data may be transferred or disclosed as part of such a transaction, as permitted by law and/or contract. In such cases, we will notify you via email and/or a prominent notice on our Services before your personal data becomes subject to a different privacy policy.

‍

‍

5.4 With Your Consent

‍

We may share your information with third parties when we have your consent to do so.

6. International Data Transfers

‍

While we store and process your personal data primarily within the European Union (EU) on our Digital Ocean servers, some of our third-party service providers may process data outside of the EU. Specifically:

• OpenAI: When we use OpenAI's APIs, your data may be processed in countries outside the EU, including the United States.

‍

When we transfer personal data outside of the EU, we take appropriate measures to ensure compliance with data protection laws, such as:

• Standard Contractual Clauses: We may rely on standard data protection clauses approved by the European Commission, which are binding legal commitments to protect your data.
• Other Safeguards: We may use other legally recognized mechanisms to ensure your data is adequately protected.

7. Data Retention

‍

We retain your personal data for as long as your account is active or as necessary to provide you with our Services. If you decide to terminate your account, we will delete your data from our servers. However, we may retain certain information for legitimate business purposes or as required by law, such as:

• To comply with legal, regulatory, or compliance obligations.
• To resolve disputes or enforce our agreements,
• In the course of regular backup procedures, until such backup copies are deleted.

8. Your Rights and Choicesn

‍

Under applicable data protection laws, particularly the GDPR, you have certain rights regarding your personal data:

• Access: You have the right to request access to the personal data we hold about you.
• Rectification: You can request that we correct any inaccurate or incomplete personal data.
• Erasure: You have the right to request the deletion of your personal data under certain circumstances.
• Restriction: You can ask us to restrict the processing of your personal data in certain situations.
• Data Portability: You have the right to obtain a copy of your personal data in a structured, commonly used, and machine-readable format.
• Objection: You can object to the processing of your personal data in certain cases, such as for direct marketing purposes.
• Withdrawal of Consent: If we process your data based on consent, you have the right to withdraw that consent at any time.

‍

To exercise any of these rights, please contact us at info@sellestial.com. We will respond to your request within the timeframes required by law.

‍

If you are a resident of European Economic Area, you can submit a complaint to the Information Commissioner or other competent authority in your state.

9. Cookies and Tracking Technologies

‍

We use cookies and similar tracking technologies to enhance your experience on our website and platform. Cookies are small data files stored on your device that help us understand how you use our Services.

‍

9.1 Types of Cookies We Use

• Essential Cookies: Necessary for the operation of our Services (e.g., session cookies).
• Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously.
• Functionality Cookies: Enable us to remember choices you make (e.g., language preferences).
  ‍

9.2 Managing Cookies

‍

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our Services.

‍

For more detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy [if available].

10. Security Measures

‍

We are committed to protecting your personal data and implement appropriate technical and organizational security measures, including:

• Data Encryption: Encryption of data both in transit and at rest to prevent unauthorized access.
• OAuth Authentication: Secure authentication protocols using Google's OAuth services.
• Access Controls: Limiting access to personal data to authorized personnel who need to know that information to operate, develop, or improve our Services.
• Security Audits: Regular assessments of our security practices to identify potential vulnerabilities.

Please note that while we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

11. Children's Privacy

‍

Our Services are intended for use by professionals and are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us at info@sellestial.com, and we will take steps to delete such information.

12. Changes to This Privacy Policy

‍

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

• Notification of Changes: If we make material changes, we will notify you by email (sent to the email address specified in your account) or by posting a notice on our Services prior to the change becoming effective.
• Effective Date: The date at the top of this Privacy Policy indicates when it was last updated.

We encourage you to review this Privacy Policy periodically to stay informed about our data practices.

13. Contact Us

‍

If you have any questions, concerns, or comments about this Privacy Policy or your personal data, please contact us:

‍

Sellestial
Attn: Privacy Officer
Email: info@sellestial.com

14. Regulatory Compliance

‍

We comply with the General Data Protection Regulation (GDPR) for users located within the European Union. Should regulations such as the California Consumer Privacy Act (CCPA) become applicable to our operations, we will update our practices accordingly.

16. Use of User Data for Analytics and Service Improvement

‍

We may use anonymized and aggregated data derived from your personal data for internal analytics and to improve our Services. This data does not identify you personally and is used to understand trends, monitor the effectiveness of our Services, and enhance user experience.

17. Marketing Communications

‍

We currently do not send marketing or promotional communications. If we decide to do so in the future, we will provide you with the option to opt out or unsubscribe from such communications.

18. Compliance with Google API Services User Data Policy

‍

Sellestial's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the "Limited Use" requirements. We will not use data obtained from Google APIs for any purposes other than providing and improving our Services as described in this Privacy Policy.