Privacy Policy
Effective Date: February 8, 2026
Cloud Spike Cloud Service LLC ("we," "us," "our," or "SendCopy") operates SendCopy.ai ("SendCopy," "the Service," or "Platform"), an AI-powered platform that enables users to automate LinkedIn outreach, generate leads, build and manage outreach sequences, rotate senders safely, capture and organize leads, manage conversations through a unified inbox, and access real-time performance analytics.
We are committed to protecting your privacy and handling all personal information responsibly, transparently, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) (EU) 2016/679, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the UAE Federal Decree-Law No. 45/2021 on the Protection of Personal Data, and other relevant regulations.
This Privacy Policy explains how we collect, use, disclose, store, secure, and protect your information when you visit our website at sendcopy.ai (the "Site"), access or use the Service, interact with us via email, support channels, or any related features. It applies to all users of the Service, including individuals, teams, agencies, and businesses.
This Policy does not apply to the privacy practices of third-party platforms such as LinkedIn, payment processors, or any other integrated services. We strongly recommend reviewing the privacy policies of those third parties (e.g., LinkedIn's User Agreement and Privacy Policy) before connecting accounts or sharing information.
By accessing or using SendCopy, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.
We may update this Policy from time to time to reflect changes in our practices, technology, or legal requirements. The updated version will be posted on the Site with a revised effective date. For material changes, we will provide notice via email to registered users or prominent in-app/Service notification. Your continued use after such changes constitutes acceptance.
1. Information We Collect
We collect only the information necessary to deliver, personalize, secure, and improve the Service.
1.1 Information You Provide Directly
- Account Registration & Profile: Full name, email address, phone number (optional), company name, job title, billing address, and preferences.
- LinkedIn Account Connection: OAuth tokens or authorization credentials granted via secure authentication flows to enable LinkedIn features. We do not collect, store, or require your LinkedIn username and password.
- Service Content & Usage: Outreach sequences, message templates, campaign settings, custom variables, lead lists, tags, notes, uploaded files (if supported), and any content you create, edit, or input into the Platform.
- Billing & Payment: Subscription details and payment method information (processed securely by third-party providers; we do not store full credit card numbers or sensitive payment data).
- Communications: Support inquiries, feedback, chat transcripts, emails, and responses sent to support@sendcopy.ai or other channels.
1.2 Information Collected Automatically
- Technical & Usage Data: IP address, browser type/version, device type/model, operating system, unique device identifiers, pages viewed, time/date of access, referral sources, clickstream data, session duration, and interactions with features (e.g., sequences launched, messages sent, analytics viewed).
- LinkedIn Activity Metadata: Aggregated, non-personal performance metrics (e.g., open rates, reply rates, acceptance rates) derived from your campaigns.
- Cookies & Similar Technologies: Essential cookies for authentication and core functionality; analytics cookies for usage insights; optional functional/targeting cookies for personalization and advertising (subject to consent). See Section Cookie Policy below.
1.3 Information from Third Parties
- LinkedIn: Profile information, connection data, message history, activity feeds, and other data accessed via authorized API permissions you grant. This is used solely to power outreach automation, lead capture, inbox unification, and analytics within the Service.
- Payment Processors (e.g., Stripe): Transaction confirmations and limited billing metadata.
- Analytics Partners: Anonymized or aggregated usage insights from tools such as Google Analytics.
- Integrations (if enabled): Data from connected CRM, email, or calendar tools with your explicit authorization.
2. How We Use Your Information
We process your information for the following purposes, based on contractual necessity, consent, legitimate interests, or legal obligations:
- To create and manage your account, authenticate access, and provide core features (e.g., sequence building, sender rotation, lead generation, unified inbox, real-time analytics).
- To automate LinkedIn outreach, send messages/connections on your behalf (within your configured limits and LinkedIn guidelines), capture replies, and organize conversations.
- To personalize the Service (e.g., AI-suggested sequences, campaign recommendations, dashboard layouts).
- To process payments, manage subscriptions, and send billing/administrative communications.
- To provide customer support, respond to inquiries, and troubleshoot issues.
- To monitor, analyze, and improve Service performance, features, and user experience (using anonymized or aggregated data where possible).
- To detect, prevent, and investigate fraud, abuse, security incidents, or violations of our Terms of Service or LinkedIn policies.
- To send important service notifications, security alerts, and (with consent) marketing updates or product news (easy opt-out available).
- To comply with legal obligations, respond to lawful requests, enforce agreements, or protect rights/safety.
3. Disclosure of Your Information
We do not sell, rent, or trade your personal information. We share data only in limited, necessary circumstances:
- Service Providers & Sub-processors: To cloud hosting providers, analytics vendors, payment processors, email delivery services, and support tools — all bound by strict confidentiality, data protection agreements, and security requirements.
- LinkedIn: As required by the APIs to execute actions you authorize (e.g., sending messages, retrieving conversation threads).
- Business Transfers: In connection with mergers, acquisitions, asset sales, or reorganization (with notice and continued protection).
- Legal & Safety: To comply with laws, court orders, regulatory requests, or to protect the rights, property, or safety of SendCopy, users, or the public.
- With Your Consent: For any additional purpose you explicitly approve (e.g., sharing campaign reports with a third-party tool).
4. LinkedIn Data Handling (Service-Specific)
When you connect your LinkedIn account, we access only the data and permissions you explicitly authorize via secure OAuth flows. This enables features such as automated messaging, connection requests, lead discovery, inbox synchronization, and performance tracking.
We process LinkedIn data strictly to provide the Service features you use.
Message content and conversation history are handled securely and are accessible only to you (and authorized team members in multi-user accounts) through the Platform.
No human review of your LinkedIn messages or personal content occurs except in rare cases: (i) for security incident response, (ii) legal compliance obligations, (iii) your explicit request/support ticket, or (iv) fully anonymized aggregate analysis for product improvement.
We adhere to LinkedIn's API Terms of Use, Developer Policies, and Limited Use requirements — we do not repurpose LinkedIn data for unrelated marketing, selling, or any non-Service activity.
Upon account deletion, disconnection of LinkedIn, or revocation of access, we cease accessing your LinkedIn data and delete associated information within 30 days (subject to limited backups retained solely for legal/compliance reasons).
5. Data Security
We implement robust technical, organizational, and administrative safeguards:
- Encryption of data in transit (TLS 1.3+) and at rest (AES-256 or equivalent).
- Secure OAuth authentication for LinkedIn connections — no storage of LinkedIn passwords.
- Role-based access controls, multi-factor authentication (encouraged), regular security audits, and penetration testing.
- Monitoring for threats, anomaly detection, and incident response protocols.
- Hosting in secure, compliant data centers with geographic redundancy.
While we strive for the highest level of protection, no internet-based service is 100% secure. In the event of a personal data breach, we will notify affected users and relevant authorities as required by law (e.g., within 72 hours under GDPR).
6. Data Retention
We retain your information only as long as necessary:
- Account & billing data: For the duration of your subscription plus a reasonable period for disputes/tax/legal obligations.
- LinkedIn-derived data & campaign content: While your account is active and the LinkedIn connection remains authorized; deleted promptly upon disconnection or account termination (within 30 days).
- Logs & analytics: Up to 12–24 months for security and improvement purposes (anonymized where feasible).
- Legal backups: Retained only as required by law.
7. International Data Transfers
As a UAE-based company, data may be processed in the UAE, EU, or other jurisdictions by us or our providers. We use appropriate safeguards — such as Standard Contractual Clauses (SCCs), adequacy decisions, or other approved mechanisms — to ensure an equivalent level of protection for data transferred outside the EEA or other protected regions.
8. Your Privacy Rights
Depending on your location, you may have rights including:
- Access — Request confirmation of processing and copies of your data.
- Correction — Update inaccurate information.
- Deletion ("right to be forgotten") — Erase data subject to legal exceptions.
- Restriction / Objection — Limit or object to certain processing (e.g., marketing).
- Portability — Receive your data in a structured, machine-readable format.
- Withdraw Consent — Where processing is consent-based (does not affect prior lawfulness).
- Non-Discrimination — Exercise rights without penalty.
California Residents (CCPA/CPRA) additionally have rights to know categories/sources of data collected, opt out of sales/sharing (we do not sell data), limit sensitive data use, and correct inaccuracies.
To exercise rights, email a verifiable request to support@sendcopy.ai with proof of identity. We respond within statutory timeframes (e.g., 45 days under CCPA, one month under GDPR — extendable if complex). No fee for standard requests.
You may also manage cookies/consent preferences via our banner or browser settings.
9. Cookie Policy
We use cookies and tracking technologies:
| Category | Purpose | Duration / Control |
|---|---|---|
| Essential | Authentication, security, core functions | Session or persistent; browser settings |
| Performance | Usage analytics, site optimization | Up to 13 months; opt-out via banner/tools |
| Functional | Preferences, saved settings | Persistent; account settings |
| Targeting | Personalized ads (limited) | Consent-based; Do Not Track honored |
10. Children's Privacy
The Service is not directed to children under 16. We do not knowingly collect data from children. If we learn such data has been collected, we will delete it promptly.
11. Contact Us
For questions, requests, complaints, or to exercise rights:
Cloud Spike Cloud Service LLC
Office M1-228, Al Gurg Building (Karama), Dubai, United Arab Emirates
Email: support@sendcopy.ai
We are committed to resolving privacy concerns fairly and promptly. EU/EEA users may also contact their local supervisory authority if needed.
Thank you for choosing SendCopy.ai. Your trust matters to us.
