EU-U.S. and Swiss-U.S. Privacy Shield Frameworks
With respect to PII processed in the scope of this Notice, Saleswhale complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (the "Privacy Shield") as set forth by the U.S. Department of Commerce regarding the processing of PII transferred from the European Union, the European Economic Area, the United Kingdom, or Switzerland to the United States or otherwise received in reliance on the Privacy Shield. Saleswhale commits to adhere to and has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. To learn more about the Privacy Shield, and to view Saleswhale’s certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.
What Information does Saleswhale Collect?
We receive and store any information you knowingly provide to us. When you create a new Saleswhale account, we will solicit your consent to connect your Google account to your Saleswhale account (using Google's OAuth authentication method), thereby providing us with access to your Google account, including but not limited to Email, Contacts and Calendar. We access and store a subset of data from your Google account to provide you with our Services.
- The App will only use access to read, write, modify, or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- The App will only use access to read Google Calendar events, to provide a web page for your team to know which leads have events tied to them and will not transfer this Google Calendar data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- The App will not use Gmail data and/or Google Calendar data for serving advertisements.
- The App will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App's internal operations and even then only when the data have been aggregated and anonymized.
Saleswhale acts as an agent, also known as a data processor, for the PII we process for our customers through the Service. This means that Saleswhale’s customers determine the type of PII they provide to the Service for Saleswhale to process on their behalf. Saleswhale generally has no direct relationship with the individuals whose PII it receives from its customers and Saleswhale’s customers are responsible for providing notice to the individuals whose PII will be collected and provided to Saleswhale.
Categories of PII Processed
In addition to the documentation received from customers, Saleswhale processes full email messages, including the header and body of each message, along with any PII contained therein. As a result, it is not possible to list all possible categories of PII that may be processed, however, the PII typically includes:
- Contact data (such as email address and phone number);
- Professional data (such as position or title);
- Biographical data (such as name); and
- Metadata (such as IP address).
How We Receive PII
We may receive your PII when they are submitted to us by our customers or if we receive an email communication directly from you.
Purpose of Processing PII
We process PII submitted by our customers for the purposes of providing the Service to our customers, which typically involves our AI sales assistant automatically responding to inquiries made by our customers’ sales leads.
Basis of Processing
Within the scope of this Notice, we process PII based on the documented instructions of our customers.
We delete the PII submitted to us by customers and business partners within 30 days of receiving a request to delete from our customers or the data subject unless applicable law requires a different retention period.
Other Disclosure of PII
We may also disclose PII:
- to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, provided that in such instances we may not be able to ensure that such recipients of your PII will maintain the privacy or security of your PII;
- if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change; or
- to our subsidiaries or affiliates only if necessary for business and operational purposes.
We use and may transfer, sell, and share aggregated, anonymous data, which does not include any PII, about our Service for any legal business purpose, such as analyzing usage trends and seeking compatible business opportunities.
Data Integrity & Security
Saleswhale has implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect PII from unauthorized processing such as unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure.
Access, Review & Deletion
If we store PII about you, you may have a right to request access to, and the opportunity to update, correct, or delete, such PII. You may also have the right to opt out of having your PII shared with third parties and to revoke your consent that you have previously provided for your PII to be shared with third parties, except as required by law. You also have the right to opt out if your PII is used for any purpose that is materially different from, but nevertheless compatible with the purpose(s) for which it was originally collected or subsequently authorized by you. Requests should be sent to the Saleswhale customer who provided your PII to Saleswhale, or to Saleswhale directly at firstname.lastname@example.org. Saleswhale has limited rights to access PII our customers submit to our Service. Therefore, if you contact us with such a request, please provide the name of the Saleswhale customer who submitted your PII to our Service. We will forward your request to that customer and provide assistance to our customers, as needed, as they respond to your request.
Where a privacy complaint or dispute cannot be resolved through Saleswhale’s internal processes, Saleswhale has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/.
If your dispute or complaint can’t be resolved by us, nor through VeraSafe’s dispute resolution program, you may have the right to require that we enter into binding arbitration with you pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.
Saleswhale, Inc. is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
Changes to this Notice
If we make any material change to this Notice, we will post the revised Notice to this web page and update the "Effective" date above to reflect the date on which the new Notice became effective.
If you have any questions about this Notice or our processing of your PII, please write to our privacy contact at email@example.com or by postal mail at:
Please allow up to four weeks for us to reply.
Data Protection Officer
We have appointed VeraSafe as our Data Protection Officer (DPO). While you may contact us directly, VeraSafe can also be contacted on matters related to the processing of Personal Data. VeraSafe’s contact details are: