Privacy Policy

This Privacy Policy explains how PersonalPitch collects, uses, stores, and discloses information when you visit the public site, join the waitlist, create an account, connect Google or Gmail, create campaigns, upload leads, generate emails, send emails, and use engagement tracking features.

This policy is meant to describe the current product behavior reflected in the application as of March 31, 2026. It does not expand your rights or our obligations beyond applicable law, and it should be read together with the Terms of Use.

We collect information you provide directly, including your waitlist email address, Google account information returned during authentication, sender-profile information, business-profile information, campaign settings, templates, lead records, and any text or data you submit while using the product.

We also collect operational and engagement data created through use of the service, including campaign status, generated draft content, lead-level send history, open events, click events, unsubscribe events, and certain analytics or diagnostic information used to operate and improve the service.

If you connect Google or Gmail features, we may receive account identifiers, OAuth tokens, permitted Gmail access scopes, and related metadata needed to authenticate your account and send emails on your behalf through the permissions you approve.

We use information to provide and secure the service, authenticate users, create and manage accounts, save settings, generate and improve campaign drafts, process queue jobs, send emails through connected Gmail accounts, maintain lead and campaign history, process unsubscribes, analyze service usage, prevent abuse, and communicate about the product.

We also use information to enforce our Terms of Use, respond to support or legal requests, investigate suspicious or unlawful activity, and maintain the integrity, safety, and reliability of the platform.

If you are in the EEA, UK, or another jurisdiction that requires a legal basis for processing, we generally process information as necessary to perform a contract with you, to pursue our legitimate interests in operating and securing the service, to comply with legal obligations, and, where required, based on your consent.

The exact legal basis can depend on context. For example, we may rely on contract to provide account features you request, legitimate interests to detect abuse or improve service reliability, and consent where you choose to connect third-party accounts or where law requires consent for a specific activity.

If you upload or enter lead data, you are responsible for having the rights and lawful basis required to use that data and to send any email campaign you run through the service. PersonalPitch processes that data to provide campaign creation, AI generation, sending, tracking, and unsubscribe handling.

The product supports open tracking, click tracking, and unsubscribe handling. Open tracking may work through a tracking pixel or similar mechanism. Click tracking may route links through tracking endpoints before forwarding the visitor to the target destination. Unsubscribe requests are stored and used to mark a lead as unsubscribed in product records.

You are responsible for configuring and using the service in a way that complies with applicable marketing, privacy, anti-spam, and communications laws, including honoring unsubscribe requests and maintaining accurate sender and campaign practices.

We use third-party infrastructure and service providers to operate the product, including providers that may support authentication, email sending, AI generation, database hosting, job processing, analytics, and application hosting. Based on the current implementation, that may include Google services, MongoDB, Upstash, Vercel, and related infrastructure providers.

These providers may process personal data on our behalf or as independent controllers depending on the service and context. Their handling of data is also subject to their own terms and privacy notices.

We do not state that any connected provider uses your data for a particular model-training or advertising purpose unless that provider's own terms say so. If you need stricter contractual guarantees or vendor review, you should complete that review before using the service with sensitive workflows.

The service may use cookies, similar technologies, session storage, and request headers to maintain authentication, preserve session state, secure the product, support navigation, and understand how the site and product are used.

The current application also includes analytics tooling to understand site and product usage at an aggregated level. We may use this information to measure performance, diagnose errors, and improve the product.

We may share information with service providers and infrastructure partners that help us run the product, with professional advisors where reasonably necessary, in connection with a merger, financing, acquisition, or similar transaction, or where required to comply with law, regulation, court order, or enforceable governmental request.

We may also disclose information where we believe it is reasonably necessary to protect the rights, safety, property, or security of PersonalPitch, our users, recipients, or the public, or to investigate fraud, abuse, spam, or unlawful use of the service.

We do not describe this policy as a promise never to transfer data. We describe the categories of sharing that are reasonably necessary to operate the service lawfully and safely.

We retain information for as long as reasonably necessary to provide the service, maintain account history, support campaign operations, honor legal obligations, resolve disputes, enforce agreements, and maintain security and backup integrity.

Retention periods may differ by data type. For example, account and sender-profile information may be kept while your account remains active, while campaign, lead, and tracking records may be retained for operational, compliance, suppression, or dispute-resolution reasons unless and until they are deleted or no longer needed.

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or receive a copy of certain personal data. You may also have the right to withdraw consent where processing is based on consent, although that does not affect prior lawful processing.

You can also use product controls where available, such as disconnecting Google access from your Google account, updating account data in the product, or using unsubscribe functionality for recipient records. If you want to make a privacy request, contact us at the email listed on this page.

We may need to verify your identity and authority before responding to a request, and some rights may be limited by law or by our need to retain certain records for compliance, suppression, fraud prevention, or contractual purposes.

The service may use providers that store or process information in countries other than the one where you or your recipients are located. By using the service, you understand that data may be transferred to and processed in other jurisdictions, subject to applicable safeguards where required by law.

If you need location-specific contractual terms, transfer mechanisms, or vendor disclosures, you should complete that review before using the service for regulated or sensitive workloads.

We use reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, misuse, and alteration. That said, no internet or software service is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials, Google account access, and any other credentials or data you choose to connect to the service.

PersonalPitch is not directed to children, and you should not use the service if you are not legally able to form a binding agreement in your jurisdiction. Do not intentionally submit personal data of children through the service.

Unless you have a lawful and necessary reason to do so and have completed your own compliance review, you should not upload sensitive personal data or regulated categories of data into the service.

We may update this Privacy Policy from time to time. When we do, we may revise the last-updated date and, where required, provide additional notice. Your continued use of the service after an update takes effect means the updated policy will apply to future use of the service.

For privacy questions or requests, contact PersonalPitch at privacy@personalpitch.app.