Upsteered ("we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when you use our website, platform, applications, dashboards, AI-assisted features, content-generation tools, lead-tracking tools, integrations, and related services (collectively, the "Service").
By using the Service, you acknowledge this Privacy Policy. In some cases, we may also provide additional notices or product-specific terms that apply to particular features or customers.
1. Scope; Controller and Processor Roles
Depending on how you interact with the Service, Upsteered may act as a controller, processor, or both. We act as a controller when we determine the purposes and means of processing personal information for our own business purposes, such as website administration, billing, security, support, analytics, product improvement, and legal compliance. We act as a processor when we process Customer Data on behalf of a business customer in connection with that customer’s use of the Service.
Where we act as a processor, the business customer remains responsible for deciding what personal data to submit to the Service and for ensuring that it has a lawful basis to do so. Where required, our processing as a processor is governed by a separate data processing agreement or similar terms.
2. Information We Collect
We may collect the following categories of personal information:
Account and Contact Information
Name, email address, company name, login credentials, billing contact details, communication preferences, and any information you provide when creating or managing an account, contacting support, or subscribing to updates.
Customer Data and Content
Leads, prospect data, contact lists, notes, messages, prompts, drafts, campaign information, uploaded files, articles, replies, workflow data, and other content you submit, import, create, or store in the Service.
Usage, Device, and Log Data
IP address, browser type, device information, operating system, referral URLs, pages viewed, feature usage, clicks, session duration, timestamps, crash data, and other diagnostic or performance information.
Payment and Billing Information
Payment method details, billing history, subscription status, invoices, transaction IDs, tax-related information, and records related to refunds, chargebacks, or payment disputes. We typically rely on third-party payment processors for payment handling.
Communication Data
Messages you send to us, support tickets, feedback, survey responses, marketing opt-in or opt-out choices, and records of communications we send to you.
Integration and Third-Party Data
Data received from integrations you enable, third-party platforms you connect, or services you authorize us to access, consistent with your settings and the applicable permissions you grant.
Cookies and Similar Technologies
Cookies, pixels, local storage, session tokens, and similar technologies used for authentication, security, preference storage, analytics, and service functionality.
3. Sources of Information
We collect information directly from you, automatically through your use of the Service, from devices and browsers, from payment and infrastructure providers, from integrations you authorize, and from other users or business contacts where you or they lawfully provide information to us.
4. How We Use Information
- to provide, operate, maintain, and improve the Service;
- to create and manage accounts, subscriptions, and billing;
- to process leads, content, prompts, drafts, and workflows you submit;
- to deliver AI-assisted features, suggestions, and outputs;
- to authenticate users, detect fraud, and protect the Service and our users;
- to provide customer support and respond to inquiries;
- to send administrative, transactional, billing, and service messages;
- to send marketing communications where permitted by law, subject to your preferences;
- to analyze usage, monitor performance, and improve user experience;
- to enforce our Terms of Service, policies, and applicable law;
- to complete corporate transactions, comply with legal obligations, and establish or defend legal claims.
5. Legal Bases for Processing
For users in the European Economic Area, the United Kingdom, and other jurisdictions that require a lawful basis, we process personal information only where we have a valid legal basis. Depending on the context, that legal basis may include:
- performance of a contract or steps taken at your request before entering into a contract;
- our legitimate interests, such as securing and improving the Service, preventing fraud, and operating our business;
- your consent, where required, including certain marketing or cookie uses;
- compliance with legal obligations;
- protection of vital interests, where necessary.
If you are a business customer using the Service to process personal data about prospects, leads, or other contacts, you are responsible for identifying your own lawful basis and for providing any notices or consents required for your processing.
6. How We Share Information
We do not sell your personal information. We may disclose personal information in the following circumstances:
- to service providers and subprocessors that perform services on our behalf, such as hosting, analytics, support, security, infrastructure, AI processing, and payment processing;
- to enable integrations you choose to connect to the Service;
- to comply with law, legal process, or lawful requests from public authorities;
- to enforce our agreements, policies, and rights;
- to detect, investigate, or prevent fraud, abuse, or security incidents;
- in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets.
Where we use service providers or subprocessors, they are permitted to use personal information only to provide services to us or as otherwise required by law.
7. AI Features and Third-Party Processing
The Service may use third-party AI or machine-learning providers to generate or process prompts, drafts, summaries, suggestions, and similar outputs. Depending on the feature and configuration, those providers may process the content you submit and related metadata to provide the Service.
We use contractual and technical safeguards intended to limit processing to operational purposes related to the Service. However, you should avoid submitting sensitive information unless it is necessary for the feature you are using.
8. Cookies and Similar Technologies
We use cookies and similar technologies for essential site functions, authentication, security, remembering preferences, measuring performance, and understanding how the Service is used. Some cookies are necessary for the Service to work; others are used for analytics or optional functionality.
You can control cookies through your browser settings and, where available, through our cookie controls. Disabling cookies may limit certain features.
9. Data Retention
We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain records, comply with legal obligations, resolve disputes, enforce agreements, and protect against fraud or misuse.
Retention periods may vary depending on the type of information, the reason it was collected, legal requirements, contractual obligations, and security or backup needs. When information is no longer needed, we will delete it, anonymize it, or take other appropriate steps to handle it securely.
10. Security
We use reasonable technical, administrative, and organizational safeguards designed to protect personal information. These measures may include access controls, encryption in transit where appropriate, logging, monitoring, and vendor due diligence.
No method of transmission over the Internet or electronic storage is entirely secure, and we cannot guarantee absolute security. You are responsible for using strong credentials, protecting your devices, and notifying us promptly if you suspect unauthorized access.
11. International Data Transfers
Because we may operate and use service providers in multiple countries, personal information may be processed outside your country of residence, including outside the European Economic Area, the United Kingdom, or the country where the information was originally collected.
Where required by law, we use appropriate safeguards for cross-border transfers, such as adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms.
12. Your Privacy Rights
Depending on your location, you may have rights to access, correct, update, delete, port, restrict, or object to certain processing of your personal information. Where we rely on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
You may also have the right to lodge a complaint with a data protection authority. If you want to exercise a right, contact us using the information below. We may need to verify your identity before responding. If we are acting as a processor for a business customer, we may redirect your request to that customer and assist them as required by law.
We aim to respond within the time required by applicable law.
13. California Privacy Rights
If you are a California resident, you may have rights under the California Consumer Privacy Act and related laws, including the right to know what personal information we collect, use, disclose, and share; the right to delete personal information; the right to correct inaccurate personal information; the right to opt out of sale or sharing of personal information, if applicable; the right to limit the use and disclosure of sensitive personal information, if applicable; and the right to non-discrimination for exercising your rights.
You may submit a request by contacting us at the email address below. If required by law, we will provide additional methods for submitting requests and will honor applicable browser or device opt-out signals.
We do not knowingly sell personal information in exchange for money. If our practices change, we will update this Policy and provide the disclosures and controls required by law.
14. Children’s Privacy
The Service is not directed to children, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, or from a higher age where required by local law, we will take reasonable steps to delete it.
15. Marketing Communications
We may send you product updates, promotional messages, and newsletters where permitted by law. You can opt out of marketing emails by following the unsubscribe instructions in the message or by contacting us directly. We may still send you non-marketing messages related to your account, security, billing, or the Service.
If you use the Service to create or support outreach campaigns, you remain responsible for complying with all applicable laws governing messaging and communications, including email and data-protection rules.
16. Third-Party Links and Services
The Service may link to or integrate with third-party websites, services, and applications. We are not responsible for the privacy, security, or practices of those third parties. We encourage you to review their privacy policies before using those services.
17. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will post the revised version on this page and update the "Last updated" date. If we make material changes, we may provide additional notice where required by law. Your continued use of the Service after the updated policy becomes effective means you accept the revised policy.
18. Contact Us
If you have questions about this Privacy Policy or our data practices, or if you would like to exercise your privacy rights, contact us at hello@moc.dereetspu.