Privacy Policy

1. Introduction

Dotless ("we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our sales outreach platform at dotless.co ("the Service").

2. Information We Collect

Account information: Name, email address, and password when you register.

Payment information: Billing details processed securely through Stripe. We do not store your full credit card number.

Gmail integration: When you connect your Gmail account via OAuth, we receive access to send emails on your behalf. We do not read, store, or index the contents of your inbox.

Lead data: Business names, email addresses, phone numbers, and other publicly available business information discovered through Google Maps and web scraping.

Email content: Draft emails, templates, and sent message metadata (subject lines, send timestamps, delivery status).

Usage data: Pages visited, features used, and interaction patterns to improve the Service.

3. How We Use Your Information

• To provide and operate the Service, including sending emails on your behalf
• To generate personalized email drafts using AI
• To track email delivery, opens, and replies for your sequences
• To enforce sending limits and maintain the suppression list
• To process payments and manage your subscription
• To send you service-related notifications
• To improve and develop new features

4. Data Sharing

We do not sell your personal information. We share data only with:

• Supabase: Database hosting and authentication
• Google: Gmail API for email sending (OAuth)
• Stripe: Payment processing
• AI providers: Email content generation (business data only, no personal information)

We may disclose information if required by law or to protect our rights.

5. Data Security

We use industry-standard security measures including encryption in transit (TLS), row-level security policies on our database, and secure OAuth token storage. Gmail credentials are never stored directly; we use OAuth refresh tokens that you can revoke at any time.

6. Data Retention

We retain your account data for as long as your account is active. Lead data and email history are retained for the duration of your account. You may delete individual leads or request full account deletion at any time. Upon account deletion, your data is permanently removed within 30 days.

7. Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Revoke Gmail access at any time
• Opt out of non-essential communications

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising pixels.

9. Recipients' Rights

All outreach emails sent through Dotless include an unsubscribe link. When a recipient unsubscribes, their email is added to your suppression list and will not receive further emails from your account. We take email compliance seriously and may suspend accounts that violate anti-spam laws.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification. Continued use of the Service after changes constitutes acceptance.

12. Contact

For privacy-related questions or data requests, contact us at support@dotless.co.