Salesly.ai Privacy Policy
Salesly.ai ("Salesly," "we," "us," or "our") provides AI-assisted software and services that help businesses discover, enrich, and reach relevant decision-makers and accounts, and to analyze and automate sales workflows. We respect your privacy and are committed to being transparent about how we collect, use, disclose, and protect personal information.
Plain-English Summary
(not a substitute for the full policy)
- •We collect personal information you provide, data we get from your use of our Services, and B2B contact data from public/licensed sources.
- •If you're a professional whose business contact details appear in our datasets, you can opt out and request deletion/suppression; we also honor Global Privacy Control (GPC) signals.
- •We do not knowingly collect data about children.
- •For California residents, we disclose whether we "sell" or "share" personal information (as those terms are defined by CPRA) and provide a "Do Not Sell or Share My Personal Information" choice.
- •For EEA/UK residents, we identify our lawful bases and your GDPR rights.
Table of Contents
▼
Scope & Who This Policy Covers
This Policy applies to:
- •
Websites and apps we operate that link to it;
- •
Products and services (collectively, the 'Services');
- •
Business contact data we license or compile from third-party sources for our B2B datasets.
This Policy doesn't apply to third-party services that integrate with Salesly or that you access via links; those are governed by their own policies.
Information We Collect
Information You Provide
Data you directly share with us when using our services.
- •
Account data (name, business email, password, role, company, team members)
- •
Billing & transactions (billing contact, address, payment method)
- •
Content & uploads (lists, notes, outreach content, CRM sync)
- •
Communications (support inquiries, feedback, call transcripts)
Automatic Data
Technical information collected from your device and use of Services.
- •
Log & usage (pages viewed, actions, timestamps, referral URLs)
- •
Device/tech (IP address, approximate location, device and browser type, OS)
- •
Cookies/SDKs for functionality, analytics, A/B testing, and advertising
Information from Other Sources (B2B)
Business data from public databases and licensed sources.
- •
Publicly available sources (company sites, professional profiles, corporate filings)
- •
Licensed providers/partners (data contributors and enrichment vendors)
- •
User-contributed data (customers verify B2B contacts)
- •
Derived/enriched data (standardized job titles, firmographics, scores)
Categories (CPRA): Identifiers, professional/work information, commercial and internet activity, inferences; we do not collect sensitive personal information for our lead datasets.
How We Use Information
Service Delivery & Operations
Provide, secure, troubleshoot, and improve the Services; personalize features; maintain integrity and prevent abuse/fraud.
Lead Intelligence & Enrichment
Build, verify, update, and deliver B2B contact and company datasets and enrichment outputs to customers; assess relevance and quality.
Outreach & Communications (B2B)
Support, product updates, onboarding, surveys, and—where permitted—Salesly and partner marketing. You can opt out of marketing anytime.
Compliance & Defense
Meet legal obligations, enforce terms, protect rights, safety, and security.
Automated decision-making / profiling: We may compute scores (e.g., match quality or role likelihood) to help customers prioritize outreach. You can object where required by law.
Legal Bases (EEA/UK)
Where GDPR/UK GDPR applies, we rely on:
Performance of a contract: to provide the Services you request.
Legitimate interests: e.g., B2B marketing; dataset quality and security; product analytics. We balance these interests against individuals' rights and expectations and provide easy opt-outs/suppression.
Consent: where required for certain cookies/ads or communications.
Legal obligations: e.g., tax, accounting, regulatory.
When We Disclose Information
We disclose personal information to:
Service Providers / Processors
Hosting, infrastructure, analytics, payments, communications, customer support, anti-abuse.
Integration/Implementation Partners
At your request or where you connect a partner/CRM.
Customers
Delivery of B2B datasets and enrichment outputs, consistent with this Policy and applicable law.
Corporate Transactions
Merger, acquisition, financing, or sale of assets.
Legal & Safety
To comply with law or protect rights, security, or property.
We do not permit processors to use personal information for their own purposes.
Your Privacy Choices & Rights
A. Opt Out of Sales/Sharing (California)
If you are a California resident, you may opt out of the sale or sharing of your personal information and limit use of any sensitive personal information (if collected). We also honor Global Privacy Control (GPC) signals for browser-based opt-outs.
B. B2B Dataset Removal & Suppression
If your professional contact information appears in our B2B datasets, you can access what we have about you, request deletion, and ask us to place your record on a suppression list so it is not re-added later (subject to legal allowances to maintain suppression records).
C. Email/SMS/Calls
- •
Marketing emails/SMS: use the unsubscribe instructions in the message or your account settings.
- •
Telephony compliance: we respect applicable do-not-call and consent rules.
D. EEA/UK Data Subject Rights
You may have rights to access, rectify, erase, restrict, object (including to direct marketing/legitimate-interests processing), and data portability. If we rely on consent, you can withdraw it at any time.
We will not discriminate against you for exercising privacy rights where prohibited by law.
Essential Cookies
For login, security, fraud prevention.
Analytics/Measurement
Performance metrics, product analytics.
Functional
Remember settings and preferences.
Advertising/Attribution
Where permitted and subject to your choices/consent.
Manage preferences via our Cookie Settings banner, browser settings, or platform controls (including GPC).
Data Sources
Publicly available web pages and documents;
Licensed third-party providers and data contributors;
Customer-provided lists and end-user inputs;
Our own processing and inference (standardization, verification, scoring).
We regularly review sources for quality and compliance and require contributors to collect and share data lawfully.
Retention
We retain personal information only as long as needed for the purposes in this Policy, to comply with legal obligations, or to resolve disputes.
For opted-out individuals, we maintain suppression records to prevent re-adding data.
Security
We implement administrative, technical, and physical safeguards appropriate to the nature of the data and our business.
No system is 100% secure; we monitor for vulnerabilities and maintain incident response procedures.
International Data Transfers
Where we transfer personal information internationally (including to the U.S.), we use appropriate safeguards (e.g., Standard Contractual Clauses and supplementary measures) and conduct transfer assessments when required.
Children's Privacy
Our Services are for business use only and not directed to children under 16. We do not knowingly collect children's personal information.
State-Specific Notices (U.S.)
California (CPRA)
- •
Notice at collection: see Sections 2–3 for categories, purposes, retention, and sources.
- •
Sale/Share: If our provision of B2B contact data to customers or use of certain advertising/analytics tools is deemed a 'sale' or 'share' under CPRA, California residents can opt out via the links above; we honor GPC.
- •
Right to know, delete, correct, opt out, limit sensitive PI, and appeal (where applicable).
- •
Non-discrimination: we won't retaliate for exercising CPRA rights.
Other U.S. States
Where state privacy laws provide similar rights (e.g., CO, CT, VA, UT, OR, TX), we will honor valid requests received through our Data Request Form.
EEA/UK Addendum
Controller: Salesly.ai for most processing described here. For certain enterprise implementations, we may act as processor for our customer.
Lawful bases: see Section 4.
EEA/UK representative: [to be supplied if required]
DPO: [if appointed, contact details to be added]
Complaints: You may contact your local data protection authority.
Data Brokers & Transparency
We support strong transparency standards for the B2B data ecosystem and avoid practices regulators consider "dark patterns," such as obscuring opt-out pages. We monitor evolving rules (e.g., California's Delete Act/DROP program) and will update our processes accordingly.
Third-Party Websites & Services
Our Services may include links or integrations to third-party sites and platforms. Their privacy practices are not governed by this Policy.
Changes to This Policy
We may update this Policy to reflect changes to our practices or the law. We'll post updates with a new "Last updated" date and, where required, notify you and/or seek consent.
Contact Us
Salesly.ai Privacy
privacy@salesly.ai
Mailing Address
[Company legal name & postal address]
If you are in the EEA/UK, you may also contact your local data protection authority; see Section 14.
How to Exercise Your Rights
Use our Privacy Choices / Data Request Form to submit requests (access/know, deletion, correction, opt-out of sale/share, limit sensitive PI, appeal). We may need to verify your identity and/or your authority as an agent. We will respond within applicable statutory timeframes.
Additional Disclosures for Enterprise Customers
When Salesly processes personal information solely on behalf of a customer (e.g., syncing to the customer's CRM), our Data Processing Addendum (DPA) applies. Enterprise customers can request our current DPA and list of subprocessors at legal@salesly.ai.
Definitions (Simplified)
"Personal information / personal data" – information that identifies or can be linked to an individual.
"Sale" / "Share" (CPRA) – broadly defined disclosures that may include exchanging data for valuable consideration or cross-context behavioral advertising.
"GPC" – Global Privacy Control, a browser signal communicating your opt-out choice.