Privacy Policy

• Account Information: Name, work email, company details, phone number (optional)
• Authentication Data: Password (hashed), OAuth tokens (Google, GitHub, Microsoft)
• Lead & Contact Data: Prospect information, company names, job titles, LinkedIn URLs
• Email Data: Message content, metadata, conversation threads, email credentials (encrypted)
• Payment Information: Billing details (processed by Stripe), invoice history

• Usage Data: IP address, browser type, device info, access times, pages viewed
• Mobile App Data: Device token, app version, crash logs, performance metrics
• Cookies & Tracking: Session cookies, CSRF tokens, analytics cookies (optional)

• Provide the Service: Create accounts, process authentication, enable email sending, generate AI insights
• Improve & Optimize: Analyze usage patterns, monitor performance, fix bugs, develop features
• Communicate: Send transactional emails, provide support, product updates (with consent for marketing)
• Security & Compliance: Prevent fraud, monitor threats, enforce policies, comply with legal obligations

We share data only with trusted service providers:

• Email Services: Nylas, Mailgun (email delivery)
• AI Services: OpenAI, Anthropic (content generation)
• Payment Processing: Stripe (PCI DSS compliant)
• Cloud Infrastructure: AWS, Supabase (secure hosting)

We DO NOT sell your data to third parties for advertising or marketing purposes.

Encryption:

• • Password hashing using bcrypt (cost factor 12)
• • OAuth tokens encrypted with AES-256-GCM
• • Email credentials encrypted using Fernet symmetric encryption
• • TLS 1.2+ for all data in transit

Access Controls:

• • Role-based access control (RBAC)
• • Multi-factor authentication (MFA) available
• • Regular access audits and reviews

Infrastructure Security:

• • ISO 27001 certified data centers
• • SOC 2 Type II compliance
• • Regular security audits and penetration testing

You have the right to:

• • Access: Request a copy of your personal data
• • Rectification: Correct inaccurate or incomplete data
• • Erasure: Request deletion of your data ("right to be forgotten")
• • Portability: Receive your data in a machine-readable format
• • Restriction: Limit how we process your data
• • Objection: Opt out of direct marketing communications

To exercise your rights, contact us at [email protected]

We retain your data for as long as necessary to provide the Service and comply with legal obligations:

• • Account data: Retained while your account is active
• • Email & campaign data: Retained for 90 days after account deletion
• • Payment records: Retained for 7 years (UK tax requirements)
• • Usage logs: Retained for 12 months

SalesBee's use of information received from Google APIs adheres to Google API Services User Data Policy, including the Limited Use requirements.

We DO NOT:

• • Read emails without your explicit authorization
• • Share Google data with third parties
• • Use Google data for advertising or marketing
• • Store OAuth tokens in plaintext (encrypted with AES-256)

We use cookies for authentication and analytics. See our Cookie Policy for details.

You can manage cookie preferences in your browser settings.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes constitutes acceptance.

For privacy enquiries, data access requests, or concerns: