1. Introduction
Welcome to Infireach ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our email automation service.
By using Infireach, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Account Information
- Email address and password (for authentication)
- Account creation and last login dates
- User preferences and settings
2.2 Contact and Lead Data
- Contact information you upload (names, email addresses, phone numbers, companies)
- Lead status and interaction history
- Custom tags and categorization data
- Communication preferences and engagement metrics
2.3 Campaign Data
- Email campaign content and templates
- Campaign names, descriptions, and configurations
- Delivery, open, and click-through rates
- A/B testing results and performance analytics
2.4 Payment Information
- Billing addresses and payment method details (processed securely through Stripe)
- Transaction history and subscription information
- We do not store complete credit card numbers on our servers
2.5 Technical Information
- Authentication cookies necessary for service functionality
- Session data and security tokens
- Error logs and system performance data (anonymized)
3. How We Use Your Information
- Service Delivery: To provide and maintain our email automation platform
- Account Management: To create and manage your account, authenticate users
- Campaign Management: To send emails, track performance, and provide analytics
- Payment Processing: To process subscriptions and manage billing
- Customer Support: To respond to your inquiries and provide technical assistance
- Service Improvement: To analyze usage patterns and improve our platform
- Legal Compliance: To comply with applicable laws and regulations
4. Third-Party Services
We work with trusted third-party service providers to deliver our services:
Supabase (Database & Authentication):
Hosts our database and handles user authentication securely.
SendGrid (Email Delivery):
Delivers your email campaigns and tracks opens and clicks.
Stripe (Payment Processing):
Processes payments securely and handles subscription management.
All third-party providers are carefully selected for their security standards and GDPR compliance.
5. Email Tracking
Our platform tracks email opens and clicks to provide you with campaign performance analytics. This includes:
- When emails are opened by recipients
- Which links are clicked within emails
- Email delivery status and bounce rates
- Engagement metrics for campaign optimization
This data is used solely to provide you with service analytics and improve email deliverability.
6. Data Retention
We retain your personal data only as long as necessary to provide our services and fulfill legal obligations:
- Active Accounts: Data is retained while your account is active
- Account Deletion: Upon account deletion, your data may remain for up to 90 days for backup and recovery purposes
- Legal Requirements: Some data may be retained longer if required by law
- Anonymized Data: Aggregated, anonymized analytics may be retained indefinitely
7. Your Rights Under GDPR
As a data subject under GDPR, you have the following rights:
Right to Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete personal data
Right to Erasure
Request deletion of your personal data
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to certain types of data processing
Right to Restrict Processing
Limit how we use your personal data
To exercise any of these rights, please contact us at contact@infireach.com. We will respond within 30 days.
8. Data Security
We implement appropriate security measures to protect your personal data:
- Data encryption in transit and at rest
- Secure authentication and access controls
- Regular security audits and monitoring
- Limited access to personal data on a need-to-know basis
- Secure hosting infrastructure with enterprise-grade security
9. Cookies
We use only essential cookies necessary for the functioning of our service:
- Authentication Cookies: To keep you logged in and secure your session
- Security Tokens: To prevent cross-site request forgery and ensure secure communications
We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
10. International Data Transfers
As we are based in the EU, your data is primarily processed within the European Economic Area. When we use third-party services that may process data outside the EU, we ensure:
- Adequate safeguards are in place (such as Standard Contractual Clauses)
- Service providers comply with GDPR requirements
- Data protection standards equivalent to those in the EU
11. Children's Privacy
Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected personal information from a child under 16, we will delete such information immediately.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Updating the "Last updated" date at the top of this policy
- Sending an email notification for significant changes
- Displaying a prominent notice on our platform
Your continued use of our service after changes become effective constitutes acceptance of the revised policy.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: contact@infireach.com
Subject Line: Privacy Policy Inquiry
Data Protection Officer: For GDPR-related inquiries, please mention "DPO" in your subject line.
We are committed to resolving any privacy concerns you may have and will respond to your inquiry within 30 days.