Privacy Policy

Effective Date: January 1, 2025
Last Updated: January 1, 2025

ȘTIURIUC MARIUS-GABRIEL PERSOANĂ FIZICĂ AUTORIZATĂ ("we," "us," or "our") operates the EvenLeads platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, password, company name, and billing information
• Profile Information: Optional profile details and preferences
• Payment Information: Credit card details and billing address (processed securely through Stripe)
• Communication Data: Messages, feedback, and support requests

1.2 Information Automatically Collected

• Usage Data: Pages visited, features used, time spent, and interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies and Tracking: Session data, preferences, and analytics information
• Log Data: Access times, error logs, and system activity

1.3 Lead Generation Data

• Campaign Data: Search criteria, keywords, and campaign configurations
• Lead Information: Publicly available social media posts and user data collected through our Service
• Integration Data: Data from connected platforms (Reddit, Facebook, etc.)

2. How We Use Your Information

We use the collected information for:

• Service Provision: Operating, maintaining, and improving the Service
• Account Management: Creating and managing your account, authentication, and personalization
• Lead Generation: Processing campaigns, retrieving leads, and AI-powered analysis
• Payment Processing: Billing, subscription management, and transaction processing
• Communications: Sending service updates, newsletters, and marketing materials (with consent)
• Analytics: Understanding usage patterns and improving features
• Security: Detecting fraud, preventing abuse, and ensuring platform security
• Legal Compliance: Complying with legal obligations and enforcing our Terms

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data based on:

• Contract Performance: Processing necessary to provide the Service
• Consent: Where you have given explicit consent
• Legitimate Interests: For service improvement, security, and analytics
• Legal Obligations: Compliance with applicable laws and regulations

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share data with trusted partners who assist in operating our Service:

• Payment Processing: Stripe (for secure payment handling)
• Cloud Hosting: AWS or similar providers (for data storage and computing)
• Email Services: For transactional and marketing emails
• Analytics: Google Analytics and similar tools
• AI Services: OpenAI for lead analysis and processing

4.2 Social Media Platforms

We integrate with social media platforms (Reddit, Facebook, etc.) to retrieve publicly available data. This integration is governed by each platform's terms and privacy policies.

4.3 Legal Requirements

We may disclose information when required by law, court order, or to:

• Protect our rights, property, or safety
• Prevent fraud or abuse
• Comply with legal processes
• Enforce our Terms of Service

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Privacy Shield certification (where applicable)
• Adequate protection measures as required by GDPR

6. Data Retention

We retain your information for as long as necessary to:

• Provide the Service and fulfill the purposes outlined in this Policy
• Comply with legal, accounting, or reporting requirements
• Resolve disputes and enforce our agreements

Specific Retention Periods:

• Account Data: Until account deletion plus 30 days
• Lead Data: According to your plan limits and manual deletions
• Billing Records: 7 years (for tax and accounting purposes)
• Analytics Data: Up to 26 months

7. Your Rights and Choices

7.1 GDPR Rights (EEA Users)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time
• Lodge a Complaint: File a complaint with your local data protection authority

7.2 Account Management

• Update Information: Access and modify your account settings
• Delete Account: Request account deletion through settings or contact support
• Export Data: Download your leads and campaign data

7.3 Marketing Communications

• Unsubscribe from marketing emails using the link in each email
• Manage notification preferences in account settings

8. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential Cookies: Required for the Service to function
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Understand how users interact with the Service
• Marketing Cookies: Deliver personalized content (with consent)

You can control cookies through your browser settings. Note that disabling certain cookies may limit Service functionality.

9. Security Measures

We implement industry-standard security measures to protect your data:

• SSL/TLS encryption for data transmission
• Encrypted storage of sensitive information
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response procedures

Data Breach Notification: In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by GDPR.

10. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect information from children. If we become aware that we have collected data from a child, we will delete it immediately.

11. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

• Right to Know: What personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
• Non-Discrimination: We will not discriminate against you for exercising your rights

12. Third-Party Links

Our Service may contain links to third-party websites and services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending an email notification (for significant changes)
• Displaying a notice on the Service

Your continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact Us

For questions, concerns, or to exercise your rights, contact us at:

ȘTIURIUC MARIUS-GABRIEL PERSOANĂ FIZICĂ AUTORIZATĂ
Romania
Company Registration: PFA
Email: contact@evenleads.com

Data Protection Officer: contact@evenleads.com

15. Supervisory Authority

If you are located in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

---

This Privacy Policy is designed to comply with GDPR, CCPA, and other applicable data protection laws. By using EvenLeads, you acknowledge that you have read and understood this Privacy Policy.