PiP Inbox Privacy Policy

1. Introduction

PiP Inbox ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our email marketing platform and services available at pipinbox.com and app.pipinbox.com. We adhere to the highest standards of data protection, including GDPR principles.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide to us when you register for the Service, use our features, or contact us. This includes:

• Name, email address, phone number, and postal address
• Account credentials (username, password hash) and authentication information
• Billing and payment information (e.g., credit card details, processed securely by third-party payment processors)
• Company information, job title, and industry details
• Communication preferences and marketing opt-ins

2.2 Usage Data & Analytics

We automatically collect certain information when you access and use our services. This usage data helps us understand how our platform is used and improve its functionality:

• Email campaign performance data (opens, clicks, bounces, unsubscribes)
• Subscriber lists and contact information (managed by you, processed by us)
• Platform usage statistics, feature interactions, and performance metrics
• Device information (type, operating system), IP addresses, browser type, and referral URLs
• Log data, including access times and pages viewed

3. How We Use Your Information

We use the collected information for legitimate business purposes, including:

• To provide, operate, and maintain our email marketing services
• To process payments, manage your account, and provide billing support
• To send transactional emails, service notifications, and important updates
• To improve our platform, develop new features, and enhance user experience
• To provide effective customer support and technical assistance
• To monitor and analyze usage trends to optimize service performance
• To comply with legal obligations, enforce our terms, and prevent fraudulent activities
• For marketing and promotional purposes, with your explicit consent

4. Information Sharing and Disclosure

We may share your information only in specific circumstances and with appropriate safeguards:

• Service Providers: With trusted third-party vendors who perform services on our behalf (e.g., payment processing, cloud hosting, analytics). These providers are contractually obligated to protect your data.
• Amazon SES: Email delivery data is securely processed through Amazon Simple Email Service (SES), a highly reliable and scalable email sending service.
• Legal Requirements: When required by law, subpoena, or other legal process, or to protect our rights, property, or safety, and the rights, property, or safety of others.
• Business Transfers: In connection with a merger, acquisition, asset sale, or other corporate transaction, your information may be transferred as part of the assets.
• With Your Consent: We may share your information with third parties when we have your explicit consent to do so.

5. Data Security

We implement robust technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• End-to-end encryption of data in transit (TLS/SSL) and at rest (AES-256)
• Regular security audits, vulnerability assessments, and penetration testing
• Strict access controls and multi-factor authentication for internal systems
• Secure data centers with physical and environmental safeguards
• Employee training on data privacy and security best practices

6. Data Retention

We retain your personal information for as long as necessary to provide our services, fulfill the purposes outlined in this Privacy Policy, and comply with legal obligations. When you delete your account, we will delete or anonymize your personal information within 30 days, unless a longer retention period is required or permitted by law.

7. Your Rights and Choices (GDPR & CCPA)

Depending on your location and applicable data protection laws (e.g., GDPR for EU residents, CCPA for California residents), you may have the following rights regarding your personal data:

• **Right to Access:** Request a copy of your personal information we hold.
• **Right to Rectification:** Request correction of inaccurate or incomplete information.
• **Right to Erasure (Right to be Forgotten):** Request deletion of your personal information under certain conditions.
• **Right to Restriction of Processing:** Request that we restrict the processing of your personal information.
• **Right to Object to Processing:** Object to our processing of your personal information.
• **Right to Data Portability:** Request transfer of your data to another organization or directly to you.
• **Right to Withdraw Consent:** Withdraw your consent at any time where we rely on consent to process your personal information.

To exercise any of these rights, please contact us using the details provided in Section 11. We will respond to your request in accordance with applicable law.

8. International Data Transfers

Your information, including personal data, may be transferred to and processed in countries other than your own, where data protection laws may differ. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws, such as standard contractual clauses or reliance on adequacy decisions.

9. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information without parental consent, we will take immediate steps to delete it from our servers.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of our services after such changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please contact us at: