Privacy Policy

Introduction

Skyp LLC ("we," "our," or "us") is committed to protecting your privacy and ensuring transparency about how we collect, use, and protect your personal information. This Privacy Policy explains our practices regarding personal data when you use our email campaign management platform.

This policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws. This privacy statement applies to citizens and legal permanent residents of the United States, the European Economic Area, and all other jurisdictions.

Data Controller: Skyp LLC
Contact: privacy@skyp.ai

In this privacy statement, we explain what we do with the data we obtain about you via https://skyp.ai. We recommend you carefully read this statement. In our processing, we comply with the requirements of privacy legislation. That means, among other things, that:

• We clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
• We aim to limit our collection of personal data to only the personal data required for legitimate purposes;
• We first request your explicit consent to process your personal data in cases requiring your consent;
• We take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
• We respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions or want to know exactly what data we keep about you, please contact us.

1. Purpose and Categories of Data

We may collect or receive personal information for a number of purposes connected with our business operations, which may include the following:

1.1 Newsletters, Content Subscriptions, and Opt-in Marketing

The following categories of data are collected:

• A first and last name
• An email address
• A telephone number
• IP Address

Retention Period: We retain this data until the service is terminated.

1.2 Service Data Collection

We collect information from you about your company, customers, their contact information (as provided by you), and other professional information that is not considered personal in order to provide the service.

The following categories of data are collected:

• Company name
• Customer contact details (as provided by you)
• Business-related professional information such as LinkedIn URL, URL of the company, etc.

Retention Period: We retain this data for as long as necessary to provide the service or as required by applicable laws.

1.3 Technical Information

The following categories of data are collected:

• Device information, IP addresses, and browser data
• Usage analytics through PostHog (anonymized where possible)
• Application logs for security and performance monitoring
• Session data and authentication tokens
• Geolocation data

Retention Period: Usage logs are retained for 12 months; other data retained while your account is active.

1.4 Legal Basis for Processing (GDPR)

We process your data based on:

• Contract Performance: Processing necessary to provide our services to you
• Legitimate Interests: Improving our platform, security, and preventing abuse
• Consent: Where required for specific processing activities (e.g., marketing communications)
• Legal Obligations: Compliance with applicable laws and regulations

2. How We Use Your Information

2.1 Service Provision

• Creating and managing your account
• Processing and sending email campaigns
• Generating AI-powered email content and personalization
• Providing campaign analytics and performance insights

2.2 Service Improvement

• Analyzing usage patterns to improve our platform
• Developing new features and functionality
• Ensuring platform security and preventing abuse

2.3 Communication

• Sending service updates and important notifications
• Weekly performance summaries (if enabled in preferences)
• Responding to support requests

3. Data Sharing and Third Parties

3.1 Service Providers

We work with trusted third-party service providers to deliver our services:

• OpenAI/LiteLLM: AI content generation (data processed according to their privacy policies)
• Gmail API: Email sending functionality
• Stripe: Payment processing (PCI-compliant)
• PostHog: Analytics and product insights
• Slack: Notification delivery (webhook only)

3.2 Online Data Partners and Visitor Tracking

We use specialized online data partners to enhance our sales and marketing efforts:

• RB2B (Retention.com): Website visitor identification and engagement tracking. When you visit our website, RB2B may use cookies and similar technologies to associate your browsing activity with other information they or their partners have about you, including your email address or professional profile.
• SyftData.com: Lead enrichment and business intelligence data to better understand and serve our business customers.

These partners help us identify potential business prospects who visit our website and may route them into our sales workflows or send them relevant communications. This processing is based on our legitimate business interests in marketing our services to potential customers.

3.3 Data Protection Measures

• All third-party integrations are bound by data processing agreements
• Data is encrypted in transit and at rest
• Access is limited to necessary personnel only
• Regular security audits and monitoring

No Data Sales: We never sell, rent, or trade your personal information to third parties for marketing purposes.

3.4 Legal Disclosures

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organization is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

4. Your Privacy Rights

Under GDPR and other privacy laws, you have the following rights:

• Right of Access: View and download all your personal data
• Right to Rectification: Correct inaccurate personal information
• Right to Erasure: Delete your account and all associated data
• Right to Data Portability: Export your data in JSON, CSV, or ZIP format
• Right to Object: Object to certain types of data processing
• Right to Restrict: Limit how we process your data
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

Exercise Your Rights

• Log into your account and visit Account Management
• Use the Privacy Dashboard to manage your data preferences
• Contact us at privacy@skyp.ai for additional requests

5. Data Security

5.1 Technical Safeguards

• End-to-end encryption for sensitive data using Fernet encryption
• Secure password hashing with industry-standard algorithms
• HTTPS encryption for all data transmission
• Regular security updates and vulnerability assessments

5.2 Access Controls

• Role-based access control with minimal necessary permissions
• Multi-factor authentication for administrative access
• Regular access reviews and deprovisioning
• Audit logging of all data access and modifications

5.3 Incident Response

In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR, and provide clear information about the incident and steps taken to address it.

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

6. Data Retention

6.1 Retention Periods

• Account Data: Retained while your account is active
• Campaign Data: Retained for service provision and analytics
• Financial Records: 7 years (legal requirement)
• Usage Logs: 12 months for security and performance monitoring

6.2 Deletion Process

When you delete your account, all personal data is permanently removed within 30 days, except for financial records required by law. You can track deletion status through your account dashboard or by contacting privacy@skyp.ai.

7. International Data Transfers

Skyp LLC is based in the United States. If you are located in the European Economic Area (EEA) or other regions with data protection laws, your personal information may be transferred to and processed in the United States.

7.1 Transfer Safeguards

• Standard Contractual Clauses (SCCs) with all international service providers
• Adequacy decisions where applicable
• Additional safeguards for sensitive data transfers

8. Cookies and Tracking

Our website uses cookies. For detailed information about our cookie usage, types of cookies, and how to manage your preferences, please see our Cookie Policy.

8.1 Types of Cookies

• Essential Cookies: Required for authentication and basic functionality
• Analytics Cookies: PostHog analytics for improving user experience
• Preference Cookies: Remember your settings and preferences
• Marketing/Tracking Cookies: Online data partners (RB2B/Retention.com, SyftData.com) for visitor identification and lead enrichment

8.2 Visitor Identification and Tracking

When you visit or interact with our website, cookies and similar technologies may be used by our online data partners (including RB2B/Retention.com and SyftData.com) to:

• Identify you or your company based on your IP address and browsing behavior
• Associate your website activity with other publicly available information about you or your company
• Match your visit with professional profiles or email addresses
• Enrich our understanding of your business needs and interests

This information may be used by us or our service providers to send you communications, route you into our sales workflows, or provide you with personalized marketing content.

8.3 Managing Tracking and Opt-Out

You have the right to opt out of this tracking:

• RB2B/Retention.com Opt-Out: Visit https://app.retention.com/optout to opt out of visitor identification tracking
• GDPR Rights (EU/UK Residents): If you are subject to GDPR, you have additional rights to object to this processing. Contact privacy@skyp.ai to exercise your rights
• Browser Settings: You can also manage cookies through your browser settings (see our Cookie Policy for details)

We have concluded data processing agreements with Google, PostHog, RB2B, and other service providers to ensure appropriate safeguards for your data.

9. How We Respond to Do Not Track Signals

Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.

6. Third-Party Websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of those websites.

7. Amendments to This Privacy Statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly for changes or updates. In addition, we will actively inform you wherever possible.

8. Accessing and Modifying Your Data

If you have any questions or want to know what personal data we have about you, please contact us. Please make sure to always clearly state who you are so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below.

8.1 You Have the Following Rights with Respect to Your Personal Data

• You may submit a request for access to the data we process about you.
• You may object to the processing.
• You may request an overview, in a commonly used format, of the data we process about you.
• You may request correction or deletion of the data if it is incorrect or no longer relevant, or to ask to restrict the processing of the data.

9. Children

Our website is not designed to attract children, and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

10. Contact Details

Skyp LLC
2261 Market Street STE 85950
San Francisco, CA 94114
United States of America
Website: https://skyp.ai
Email: legal@skyp.ai