This notice describes how we collect and process users’ data through the heyreach.io website and application (“APP”). The terms "we," "us," and “our” refer to HeyReach Inc., a company registered under the laws of the USA.
We are 100% committed to safeguarding the privacy of our users and their data.
Email address: firstname.lastname@example.org
We are a data processor on your behalf whenever you collect and otherwise process information from LinkedIn profiles and messages via the app. You, as a data controller, are responsible for processing LinkedIn data following applicable data protection requirements. Our obligations as data processors can be found in HeyReach’s Terms and conditions.
Information We Collect From You
Booking a demo
On the website heyreach.io, you can book a free demonstration of how the application works. To complete the registration on HeyReach, we will ask you to provide your first name, last name, email address, and company.
This information will be used to select and provide you with the most appropriate demo and follow up with the best offer for your business's needs and requirements. The applied legal basis for these activities is our legitimate interest (GDPR Art. 6.1.f). While signing up for a demo, you may also consent to receive a newsletter from us (GDPR Art. 6.1.a).
Account and Profile Setup
To use the tool’s functionality, you must create an account on HeyReach. We will ask you for your first and last name and email address, have you generate a password, agree to the terms and conditions, and click the sign-up button.
To use HeyReach to automate your LinkedIn activities, you will have to connect your LinkedIn account via your login, password, and a temporary PIN.
NOTE: HeyReach does not keep data on your LinkedIn account password and/or any changes to it.
In Account settings, you can adjust interaction settings for your LinkedIn account, such as the number of messages to be sent, message limit ranges, active time for messaging, and inactive days for messaging.
NOTE: If you want to connect LinkedIn accounts that are not owned by you and are the property of others, you must have their consent or another applicable legal basis under GDPR Art. 6.
After the registration, you can choose how many seats you would like to purchase and complete the payment. Once the payment is completed, you can connect your LinkedIn accounts and/or invite your team members to your organization.
We use your account information to:
- Create and maintain your user account, including in connection with other data points listed below. The applied legal basis for this is the performance of the contract (Terms and conditions) between you and us (GDPR Art. 6.1.b) or, if you connect a LinkedIn account of other people, your legitimate interest (GDPR Art. 6.1.f);
- Contact you regarding the work of the tool or your account, including by email and sending you web notifications (GDPR Art. 6.1.b);
- Analyze the efficiency of our platform in our legitimate interests (GDPR Art. 6.1.f);
- Upon receiving consent from you to send you marketing or promotional materials (GDPR Art. 6.1.a).
We will store your account data, including the categories from the below sections (platform functionality, payments, and technical support), for as long as you have an account with us. We will delete or anonymize your information 12 months after your last user session if you become inactive.
Via the application, you can perform different actions to automate your marketing activities on LinkedIn. We will store and process the following categories of information:
- campaigns that you create and manage on the application;
- messages that you send via LinkedIn, including the date and time of * messages, information about recipients, and message content;
- messages that you send to other application users, including the date and time of messages, recipients, and message content.
The applied legal basis for this is the performance of the contract (Terms and conditions) between you and us (GDPR Art. 6.1.b) or, if you connect a LinkedIn account of other people, your legitimate interest (GDPR Art. 6.1.f).
You can generate monthly or quarterly subscription invoices using the application directly in your profile. In this case, we will process your account data to calculate the amount of financial resources (money). Then, the estimated amount is presented in USD in the invoice.
For payments, you will be prompted to use a third-party payment processing provider, who will store and process your payment information. We will only receive information about payment confirmation from that provider.
The applied legal basis for processing payment information is the contract's performance with you (GDPR Art. 6.1.b). We also retain financial information to analyze our financial performance in our legitimate interests (GDPR Art. 6.1.f) and to comply with applicable accounting and financial laws (GDPR Art. 6.1.c).
You may leave a request for support via the support form on the website or by email. We use this information to provide you with the help you need, fix and improve the application, and analyze our efficiency in marketing and product efforts, including by creating statistics of inquiries.
The applied legal basis for this is the performance of the contract (Terms and conditions) between you and us (GDPR Art. 6.1.b) and our legitimate interest in improving the application (GDPR Art. 6.1.f). In addition, if you connect the LinkedIn accounts of other people, the legal basis is your legitimate interest (GDPR Art. 6.1.f).
Website, Sales & Marketing Activities
The following data collection activities are present on our website:
- Collection of visitor logs (device, browser information, IP address) to ensure fraud prevention and manage user sessions, stored for six months of your last visit. The applied legal basis is our legitimate interests (GDPR Art. 6.1.f);
- Visitor traffic analysis is done using third-party analytics providers. This activity, depending on the method used, is performed based either on your consent (cookie tracking) or our legitimate interests (GDPR Art. 6.1.f);
- Provision of a free eBook and other valuable materials, which a website visitor may obtain by providing their email address, and first and last name. We will also use this information to send you direct marketing messages. The processing is based on your consent (GDPR Art. 6.1.a);
- Organization of our webinars and participation in third-party webinars. We will also use this information to send you direct marketing messages. The processing is based on your consent (GDPR Art. 6.1.a).
We store marketing data for 12 months from the last communication with you. For activities based on consent, you can withdraw your consent at any time by contacting us directly. The withdrawal does not affect previous processing based on consent. You can unsubscribe from the e-mail subscription by clicking the appropriate button.
Third-party Access to Information
We use the following third-party software providers:
- analytics providers to analyze our efficiency and conduct marketing research;
- client relationship management software to manage and perform our marketing (email) activities;
- email notification providers;
- technical support and ticket management software;
- cloud hosting providers to store and process collected data;
- response forms, app-to-app integrations, and webinar platforms.
The providers listed above process personal data, based on our instructions only.
When using the analytics services, we collect details of the use of the platform, including, but not limited to, traffic data, location data, length of visits, and other communication data.
Non-personally identifiable information is collected and processed, among other services, by Google Analytics in an anonymized and aggregated way to improve our app’s usability and for marketing purposes. Google Analytics is a web analytics service that tracks and reports user traffic on apps and websites. In addition, Google Analytics uses the collected data to track and monitor the use of the application. This data may also be shared with other Google services. For more information on the privacy practices of Google, you can check its Policies at www.google.com/analytics/policies/.
We use third-party payment processors to process payments that you make via the application. Please note that we do not receive your payment details from them, only payment confirmations and details of the transactions you perform. Payment processors are independent controllers over your payment information, which includes your payment card data.
Please visit their websites or contact them directly to learn more about how those third-party payment processors process your payment details.
The platform allows the connection of third-party software providers via an API. Please note that whenever you interact with those third-party providers, you provide your information directly to them.
In addition to the disclosures for the purposes identified before, we may disclose information about you for the following purposes:
- if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights; and
- In case we sell, license, or otherwise assign our company, corporate rights, the platform, or its separate parts or features to third parties.
Except as provided in this privacy notice, we will not sell, share, or rent your information to third parties.
You may exercise your GDPR rights regarding your data. In particular, you have the right to:
- The right to object to the processing of your information.
If we process your information for our legitimate interests (e.g., for direct marketing emails or our marketing research purposes), you can object to it. Let us know what you object to, and we will consider your request. We will stop the processing if there are no compelling interests for us to refuse to perform your request. If we believe our interests outweigh your right to privacy, we will clarify this to you.
- The right to access your information.
You have the right to know what personal data we process. As such, you can obtain the disclosure of the data involved in the processing and a copy of the information undergoing processing.
- The right to verify your information and seek its rectification.
If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your data and/or ask for it to be updated or corrected;
- Restrict the processing of your information.
When you contest the accuracy of your information, believe we are processing it unlawfully, or want to object to the processing, you have the right to temporarily stop processing your information to check if it is consistent. In this case, we will stop processing your data (other than storing it) until we can provide you with evidence of its lawful processing;
- The right to have your personal data deleted.
If we are not under an obligation to keep the data for legal compliance and your data is not needed in the scope of an active contract or claim, we will remove your information upon your request.
- The right to have your personal data transferred to another organization.
Where we process your personal data on the legal basis of the consent you provided us or on the necessity to perform a contract, we can make, at your request, your data available to you or to an organization of your choosing.
You can formulate such requests or channel further questions on data protection by contacting us at email@example.com.
If you believe that our use of personal information violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to complain with the competent data protection authority of your choice.
Security of Information
We will take all necessary measures to protect your information from unauthorized or accidental access, destruction, modification, blocking, copying, and distribution, as well as from other illegal actions of third parties.
As we use the services of third-party software providers across several countries, we may transfer the collected data to other countries for further processing. In such cases, we will ensure that relevant safeguards are in place. More information on the international safeguards taken can be provided upon request.
Immediate access to the data is only allowed to our authorized employees involved in maintaining the application. Such employees maintain strict confidentiality and prevent unauthorized third-party access to personal information.