Privacy Policy

Prospi ("Company", "we", "us", "our") operates prospi.ai, an AI-powered cold email automation platform. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our Platform ("Service").

This policy applies to all users of prospi.ai, including registered subscribers, trial users, and visitors to our website. By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

We are committed to handling your information responsibly and in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the CAN-SPAM Act.

We collect information in the following categories:

Account and Registration Data

When you create an account, we collect your name, email address, company name, job title, and any other information you provide during registration or in your profile.

Payment and Billing Data

Payment processing is handled by Stripe, Inc. We receive confirmation of transactions and limited billing information (last four digits of card, billing address) but do not store full credit card numbers. Stripe's handling of your payment data is governed by their privacy policy.

Platform Usage Data

We collect data about how you use the Platform, including features accessed, campaigns created, emails sent, sequences configured, lead searches performed, inbox interactions, and session activity. This includes IP addresses, browser type, device information, and timestamps.

Lead and Contact Data

When you search, export, or access records from the lead database, we log which records you accessed. If you import your own contact lists into the Platform, we process that data on your behalf.

Email Account Data

To provide inbox management and warmup features, we connect to your email accounts (Gmail, Outlook, and others) via OAuth. We access email metadata and content strictly as needed to deliver outreach, warmup, and reply management features. We do not sell or use your connected email content for advertising purposes.

AI Interaction Data

When you use AI personalization or reply suggestion features, inputs (such as prospect data) and outputs (generated copy) are processed to deliver the feature. We may use aggregated, anonymized interaction data to improve our AI models.

Communications with Us

When you contact our support team or respond to our messages, we retain those communications and associated data.

Cookies and Tracking

We use cookies and similar tracking technologies on our website and within the Platform. See Section 9 for details.

We use the information we collect to:

Prospi's lead database contains B2B professional contact information compiled from publicly available sources, licensed data partnerships, and web indexing. This data includes professional email addresses, job titles, company names, company websites, phone numbers, and related firmographic information.

Legitimate Interest Basis

B2B cold outreach to professional contacts is recognized under GDPR as a legitimate interest activity when conducted lawfully and proportionately. Contacts in our database have made their professional information publicly available in a commercial context, which establishes a reasonable expectation of B2B communication.

Your Responsibilities as a Data Controller

When you use Prospi to conduct outreach, you act as a data controller for the contacts you reach. This means:

Data Accuracy and Updates

We maintain procedures to remove records of individuals who have requested removal from our database. If you are an individual whose data appears in our database and you wish to have it removed, please contact support@prospi.ai with your name, email address, and company.

Processing on Your Behalf

To the extent you import your own contact data into the Platform, we process that data on your behalf as a data processor under a Data Processing Agreement, available upon request.

Our AI personalization engine analyzes publicly available information about your prospects and their companies to generate personalized email copy. This process involves:

How We Protect This Data

Prospect data used for personalization is processed transiently to generate content and is not retained longer than necessary to deliver the output. We do not use individual prospect data to build advertising profiles.

AI Output Accuracy

AI-generated content may contain factual errors or statements that are inappropriate for specific contexts. You are responsible for reviewing AI-generated content before sending. We disclaim liability for outcomes resulting from inaccurate or unsuitable AI-generated content that you choose to send.

We do not sell your personal data or your customers' data to third parties. We share information only in the following circumstances:

Service Providers

We work with trusted third-party service providers who process data on our behalf to help us operate the Platform. These include:

All service providers are bound by data processing agreements and may only use data for the specific purposes we authorize.

Whitelabel Partners

If you are an end client of a Prospi Whitelabel Partner (an agency using our white-label technology), your data may be accessible to that partner in their capacity as your service provider. Prospi's relationship is with the Whitelabel Partner; your primary data relationship is with the agency you contracted.

Legal Requirements

We may disclose information if required to do so by law, subpoena, court order, or other governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Business Transfers

If Prospi is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

Aggregated Data

We may share aggregated, anonymized data that does not identify any individual for industry analysis, product benchmarking, or marketing purposes.

We retain your data for as long as your account is active or as needed to provide you with the Service. Specifically:

After applicable retention periods, data is securely deleted or anonymized. You may request earlier deletion of your personal data, subject to our legal obligations to retain certain records.

Depending on your location and applicable law, you may have the following rights regarding your personal data:

Right to Access

You may request a copy of the personal data we hold about you.

Right to Rectification

You may request correction of inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You may request deletion of your personal data, subject to our legal obligations to retain certain records (e.g., billing records for tax purposes).

Right to Restrict Processing

You may request that we limit how we use your data in certain circumstances.

Right to Data Portability

You may request your data in a structured, machine-readable format.

Right to Object

You may object to processing based on legitimate interests, including direct marketing.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

California Residents (CCPA)

California residents have the right to know what personal information is collected, to request deletion, to opt out of the sale of personal information (we do not sell personal information), and to non-discrimination for exercising these rights.

How to Exercise Your Rights

To exercise any of these rights, please contact us at support@prospi.ai with your name, email address, and a description of your request. We will respond within 30 days (or shorter if required by applicable law). We may need to verify your identity before processing your request.

We use cookies and similar technologies (web beacons, pixels, local storage) on our website and within the Platform.

Essential Cookies

Required for the Platform to function. These enable authentication, session management, and security features. You cannot opt out of essential cookies while using the Service.

Analytics Cookies

We use analytics tools to understand how users interact with our website and Platform so we can improve the experience. This includes tracking page views, feature usage, and conversion funnels. Data collected is aggregated and anonymized where possible.

Marketing and Tracking Pixels

We may use advertising pixels (including but not limited to Meta/Facebook Pixel) to measure the effectiveness of our marketing campaigns and to enable retargeting advertising. These technologies collect data about your browsing behavior.

Managing Cookies

You can control cookies through your browser settings. Disabling certain cookies may affect Platform functionality. For marketing cookies, you may opt out through the Digital Advertising Alliance (optout.aboutads.info) or similar regional opt-out mechanisms.

Do Not Track

We currently do not respond to "Do Not Track" browser signals, as there is no industry standard for how to handle them.

We implement industry-standard technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you in accordance with applicable law.

If you discover a security vulnerability in our Platform, please report it responsibly to support@prospi.ai.

Prospi is operated in the United States. If you are accessing the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure that international data transfers are protected by appropriate safeguards. Where we transfer data to third countries, we rely on:

By using the Service, you acknowledge and consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

For users in the European Economic Area (EEA), we process personal data under the following legal bases:

Data Protection Officer

For GDPR-related inquiries, including exercising your data subject rights or raising concerns about our data processing practices, please contact us at support@prospi.ai with the subject line "GDPR Inquiry." We will respond within the timeframes required by applicable law.

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with your local supervisory authority (Data Protection Authority).

The Service is intended for use by adults and businesses. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected personal information from a minor without appropriate consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@prospi.ai so we can address the situation.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will notify you of material changes by:

The updated policy will indicate the date it was last revised. We encourage you to review this policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree with the changes, you should discontinue use of the Service and cancel your subscription.

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:

We are committed to working with you to resolve any privacy concerns. If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority.