Privacy Policy

We collect the following categories of information:

• Account Information: When you create an account, we collect your name, email address, company name, and payment information.
• Connected Integrations: When you connect third-party services (including but not limited to Gmail, Google Calendar, HubSpot, Slack, Google Drive, Google Sheets, and LinkedIn), we receive OAuth access tokens that allow SellSig agents to act on your behalf. We store these tokens in encrypted form and use them only to execute actions you explicitly request. You may disconnect any integration at any time from your account settings, which immediately revokes our access.
• Usage Data: We collect information about how you interact with the Platform, including session data, features used, and coaching interactions.
• Business Information: In the course of providing coaching services, you may share information about your business, customers, sales pipeline, and sales activities. This information is used solely to provide the Services.
• Communications: If you contact us via email or through the Platform, we retain those communications.
• Technical Data: We collect standard technical information including IP address, browser type, device type, and operating system for security and performance purposes.

We use the information we collect to: (a) Provide, operate, and improve the Platform and Services; (b) Process payments and manage your account; (c) Communicate with you about your account, the Services, and updates; (d) Develop and improve our coaching methodologies using aggregated, non-identifying insights; (e) Comply with legal obligations; and (f) Protect the security and integrity of the Platform.

We do not sell your personal information to third parties. We do not use your business information for any purpose other than providing the Services to you.

No AI Training on Your Data

Your data — including conversations, CRM records, emails, and uploaded files — is never used to train AI models, by SellSig or any third party. Agent tasks are processed by AI providers under agreements that expressly prohibit use of your data for model training. Your data is your data, used exclusively to deliver the Services to you.

We may share your information with:

• Service Providers: Third-party vendors who assist us in operating the Platform, including payment processors (Stripe), hosting providers, and email services. These providers are contractually obligated to protect your information and use it only as directed by SellSig.
• Legal Requirements: We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of SellSig, its users, or the public.
• Business Transfers: In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction.

We retain your personal information for as long as your account is active or as needed to provide the Services. If you cancel your account, we will retain your information for a period of up to twelve (12) months for legal and business purposes, after which it will be deleted or anonymized.

We implement industry-standard technical and organizational measures to protect your information against unauthorized access, loss, or disclosure. SellSig is hosted on secure cloud infrastructure. All data is encrypted in transit using TLS and at rest using AES-256 encryption. OAuth integration tokens are encrypted before storage and decrypted only at the moment an agent needs to execute a task on your behalf. Access to production systems is restricted to authorized personnel with multi-factor authentication required. However, no method of transmission over the internet is completely secure. You use the Platform at your own risk.

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
• Right to Opt Out of Sale: We do not sell personal information. No opt-out is required.

To exercise your California privacy rights, contact us at chris@sellsig.ai.

The Platform uses cookies and similar technologies for authentication, session management, and basic analytics. We do not use advertising cookies or third-party tracking technologies for marketing purposes. You may disable cookies in your browser settings, but doing so may affect Platform functionality.

The Platform may contain links to third-party websites. SellSig is not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately.

We may update this Privacy Policy from time to time. Material changes will be communicated to active users via email at least fourteen (14) days before taking effect. Continued use of the Platform following notice of changes constitutes acceptance of the revised Privacy Policy.

For questions or concerns about this Privacy Policy or our data practices, contact us at: chris@sellsig.ai.

This section applies to individuals located in the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland and supplements the rest of this Privacy Policy. It describes how SellSig processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable national data protection laws. SellSig Inc. is the data controller for personal data collected through the Platform. As a U.S.-based company, SellSig transfers personal data to the United States; we implement appropriate safeguards for such transfers as described below.

Legal Bases for Processing

We process your personal data only where we have a valid legal basis under Article 6 GDPR:

• Performance of a Contract (Article 6(1)(b)): We process account, usage, and business data to provide the Services you have subscribed to, manage your account, and process payments.
• Legitimate Interests (Article 6(1)(f)): We process technical and usage data to operate and improve the Platform, ensure security, and prevent fraud. We have assessed that these interests are not overridden by your data protection rights.
• Legal Obligation (Article 6(1)(c)): We may process personal data where necessary to comply with applicable legal obligations, including tax and financial reporting requirements.
• Consent (Article 6(1)(a)): Where we rely on consent — for example, for optional marketing communications — we will obtain your explicit consent before processing. You may withdraw consent at any time by contacting us at chris@sellsig.ai. Withdrawal does not affect the lawfulness of prior processing.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights: the right of access (Article 15); the right to rectification (Article 16); the right to erasure (Article 17), subject to legal exceptions; the right to restriction of processing (Article 18); the right to data portability (Article 20) where processing is based on consent or contract; the right to object (Article 21) to processing based on legitimate interests; and rights related to automated decision-making (Article 22). SellSig does not make decisions based solely on automated processing that produce legal or similarly significant effects.

To exercise any of these rights, contact us at chris@sellsig.ai. We will respond within thirty (30) days and may need to verify your identity before processing your request.

Data Retention (GDPR)

In addition to the retention periods described in Section 4, financial and transactional records may be retained for up to seven (7) years to comply with applicable tax and accounting requirements. When personal data is no longer required, it is securely deleted or anonymized.

International Data Transfers

When we transfer personal data from the EEA, UK, or Switzerland to the United States, we rely on the European Commission's Standard Contractual Clauses (SCCs) and, for UK transfers, the UK International Data Transfer Agreement (IDTA) or addendum to SCCs as appropriate. You may request a copy of the applicable transfer safeguards by contacting us at chris@sellsig.ai.

Data Breach Notification

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware and will notify affected individuals without undue delay where required by applicable law.

Right to Lodge a Complaint

If you believe we have processed your personal data in violation of applicable data protection law, you have the right to lodge a complaint with your local supervisory authority. In the EEA, this is the data protection authority in your country of residence. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk. We would appreciate the opportunity to address your concerns directly first — please contact us at chris@sellsig.ai.