Privacy Policy

Last updated: 2026-05-13

SalesIQ (“we”, “us”) operates the SalesIQ Cloud service and publishes the SalesIQ open-source software. This policy describes the personal data we process when you use SalesIQ Cloud (the hosted SaaS at app.salesiq.ch). If you self-host SalesIQ Community Edition, you are the data controller of your own instance and this policy applies only to data you may share with us through support or community channels.

1. Data we collect

Account data: email address, hashed password, full name (optional), workspace name.
Subscription data: Stripe customer ID, billing email, payment method metadata (we never store full card numbers — Stripe handles this).
Content you create: leads, contacts, cadences, messages, notes, deals, and any text you input into the product.
Integrations: when you connect Gmail, Outlook, LinkedIn (via Unipile), or Pipedrive, we store encrypted OAuth tokens to act on your behalf. Email and message bodies are fetched on demand and not persisted (only previews and metadata are stored).
Usage data: API logs, error traces, feature usage counters. Used for billing, debugging, and improving the product.
Cookies: a single Supabase authentication cookie. No advertising or third-party tracking cookies.

2. How we use your data

Provide and operate the service (sending your cadences, syncing your CRM, etc.).
Authenticate you and secure your account.
Bill you (via Stripe) and handle payment disputes.
Send service notifications (trial expiry, payment failure, security alerts).
Diagnose bugs and improve product quality.

We do not sell your data. We do not train AI models on your content. We do not share your data with third parties except the sub-processors listed below.

3. Sub-processors

SalesIQ Cloud relies on the following sub-processors to operate the service. Each is bound by a data-processing agreement and standard contractual clauses where applicable.

Vercel — application hosting and edge delivery (USA/EU regions).
Supabase — Postgres database, file storage, authentication (EU region).
Anthropic — AI inference for cadence generation, discovery, and enrichment. Prompts are not retained by Anthropic past the response (per their API ToS).
Stripe — payment processing (USA + EU).
Resend — transactional email delivery.
Unipile — LinkedIn and email connectors (when you choose to enable them).
Inngest — durable job execution.
Sentry — error monitoring (we scrub personal data from traces).

3a. LinkedIn connection-status cache

To avoid repeated calls to LinkedIn every time you open a contact card, SalesIQ Cloud caches whether your LinkedIn account is already connected to that contact. This cached snapshot (connected, pending, or not connected) is refreshed at most every 7 days and is deleted as soon as the underlying contact is removed from your workspace.

4. Your rights

Under GDPR and similar regulations, you have the right to:

Access the personal data we hold about you.
Rectify inaccurate data.
Erase your account and associated data.
Export your data in a portable format (JSON / CSV).
Object to processing or restrict it.
Lodge a complaint with your local supervisory authority.

You can exercise these rights yourself from Settings → Account, or by contacting us through the channel listed at the bottom of this page. We respond within 30 days.

5. Retention

We retain your data for as long as your account is active. When you delete your account, we erase your data within 30 days from primary storage and within 90 days from encrypted backups. Some metadata (billing records, audit logs) is kept for up to 7 years to meet Swiss tax and legal requirements.

6. Security

We encrypt OAuth tokens at rest with AES-256-GCM. All connections to SalesIQ Cloud use TLS 1.2+. We perform automated dependency vulnerability scans (Dependabot) and code scans (CodeQL). Report a security issue privately: see SECURITY.md.

7. Changes

Material changes will be announced via email to account holders at least 30 days before they take effect.

Contact

SalesIQ — Canton of Vaud, Switzerland
Privacy contact: info@salesiq.ch

Last updated: 2026-05-13

1. Data we collect

Account data: email address, hashed password, full name (optional), workspace name.

Subscription data: Stripe customer ID, billing email, payment method metadata (we never store full card numbers — Stripe handles this).

Content you create: leads, contacts, cadences, messages, notes, deals, and any text you input into the product.

Integrations: when you connect Gmail, Outlook, LinkedIn (via Unipile), or Pipedrive, we store encrypted OAuth tokens to act on your behalf. Email and message bodies are fetched on demand and not persisted (only previews and metadata are stored).

Usage data: API logs, error traces, feature usage counters. Used for billing, debugging, and improving the product.

Cookies: a single Supabase authentication cookie. No advertising or third-party tracking cookies.

2. How we use your data

Provide and operate the service (sending your cadences, syncing your CRM, etc.).

Authenticate you and secure your account.

Bill you (via Stripe) and handle payment disputes.

Send service notifications (trial expiry, payment failure, security alerts).

Diagnose bugs and improve product quality.

We do not sell your data. We do not train AI models on your content. We do not share your data with third parties except the sub-processors listed below.

3. Sub-processors

SalesIQ Cloud relies on the following sub-processors to operate the service. Each is bound by a data-processing agreement and standard contractual clauses where applicable.

Vercel — application hosting and edge delivery (USA/EU regions).

Supabase — Postgres database, file storage, authentication (EU region).

Anthropic — AI inference for cadence generation, discovery, and enrichment. Prompts are not retained by Anthropic past the response (per their API ToS).

Stripe — payment processing (USA + EU).

Resend — transactional email delivery.

Unipile — LinkedIn and email connectors (when you choose to enable them).

Inngest — durable job execution.

Sentry — error monitoring (we scrub personal data from traces).

3a. LinkedIn connection-status cache

4. Your rights

Under GDPR and similar regulations, you have the right to:

Access the personal data we hold about you.

Rectify inaccurate data.

Erase your account and associated data.

Export your data in a portable format (JSON / CSV).

Object to processing or restrict it.

Lodge a complaint with your local supervisory authority.

You can exercise these rights yourself from Settings → Account, or by contacting us through the channel listed at the bottom of this page. We respond within 30 days.