Privacy Policy

Loopclub Ltd. ("Company," "we," "us," or "our") operates the Transactional platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, including:

• Account Information: Name, email address, company name, job title, and password when you create an account
• Payment Information: Billing address and payment card details (processed securely by our payment provider, Stripe)
• Communication Data: Information in your support requests, feedback, and correspondence with us
• Profile Information: Optional information such as profile picture, company details, and preferences

1.2 Information Collected Automatically

When you use our Services, we automatically collect:

• Usage Data: API calls, features used, actions taken, timestamps, and performance data
• Email Metadata: Delivery status, timestamps, bounce information, open and click events (not email content)
• Device Information: Browser type, operating system, device identifiers, and screen resolution
• Network Information: IP addresses, approximate geolocation, and referring URLs
• Log Data: Server logs including access times, pages viewed, and system activity

1.3 Information from Third Parties

We may receive information from:

• OAuth providers when you sign in with Google, GitHub, or other services
• Payment processors regarding transaction status
• Analytics and advertising partners
• Publicly available sources for fraud prevention

2. How We Use Your Information

We use the information we collect to:

2.1 Provide and Improve Services

• Operate, maintain, and improve our platform
• Process transactions and send related notifications
• Provide customer support and respond to inquiries
• Develop new features and services
• Generate aggregated analytics and insights

2.2 Communications

• Send service-related notices (required for service operation)
• Send technical alerts and security notifications
• Provide product updates and feature announcements
• Send marketing communications (with your consent)

2.3 Security and Compliance

• Detect, investigate, and prevent fraud and abuse
• Monitor for security incidents and vulnerabilities
• Enforce our Terms of Service and policies
• Comply with legal obligations

3. Legal Basis for Processing (EEA/UK Users)

We process your personal data under the following legal bases:

• Contract Performance: Processing necessary to provide our Services to you
• Legitimate Interests: Service improvement, security, fraud prevention, and direct marketing to existing customers
• Legal Obligation: Compliance with applicable laws, regulations, and legal processes
• Consent: Marketing communications and optional data processing where you have given consent

4. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including:

• Cloud hosting and infrastructure (AWS, Google Cloud)
• Payment processing (Stripe)
• Email delivery infrastructure
• Analytics services
• Customer support tools

These providers are contractually bound to protect your data and may only use it for the services they provide to us.

4.2 Business Transfers

In connection with any merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity.

4.3 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal process or government requests
• Protect our rights, privacy, safety, or property
• Enforce our Terms of Service
• Protect against legal liability

4.4 With Your Consent

We may share information with your consent or at your direction.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication for employees
• Infrastructure: SOC 2 Type II compliant hosting with 24/7 monitoring
• Regular Audits: Penetration testing and security assessments by third parties
• Employee Training: Regular security awareness training for all staff

6. Data Retention

We retain your personal information for as long as necessary to:

• Provide our Services and maintain your account
• Comply with legal obligations (e.g., tax records for 7 years)
• Resolve disputes and enforce agreements
• Support business operations (aggregated analytics)

When you close your account, we delete or anonymize your personal data within 90 days, except where retention is required by law or for legitimate business purposes (such as fraud prevention).

Specific Retention Periods

• Account data: Duration of account plus 90 days
• Email logs and metadata: 30 days (configurable)
• Payment records: 7 years (legal requirement)
• Support correspondence: 3 years
• Security logs: 1 year

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

7.1 Access and Portability

You can request a copy of your personal data in a structured, machine-readable format. You can also export your data directly from your dashboard.

7.2 Correction

You can update your account information directly in the dashboard or request correction of inaccurate data.

7.3 Deletion

You can request deletion of your personal data. We will comply unless we have a legal obligation to retain it or need it to complete a transaction.

7.4 Restriction and Objection

You can request restriction of processing or object to processing based on legitimate interests, including direct marketing.

7.5 Withdraw Consent

Where processing is based on consent, you can withdraw consent at any time without affecting prior processing.

7.6 Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO).

To exercise these rights, contact us at privacy@usetransactional.com. We will respond within 30 days.

8. Cookies and Tracking

8.1 Types of Cookies

• Essential Cookies: Required for the platform to function (authentication, security, preferences)
• Analytics Cookies: Help us understand how you use our Services (can be disabled)
• Marketing Cookies: Used for targeted advertising (only with consent)

8.2 Managing Cookies

You can manage cookie preferences through your browser settings or our cookie consent banner. Note that disabling essential cookies may affect functionality.

8.3 Do Not Track

We honor Do Not Track browser signals and do not track users who have enabled this setting.

9. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence, including the United States. When we transfer data internationally, we ensure appropriate safeguards:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Transfers to countries with adequacy decisions
• Additional technical measures such as encryption

10. Children's Privacy

Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.

11. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the "Last updated" date
• Sending an email notification for significant changes

Your continued use of our Services after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related questions or to exercise your rights, contact our Data Protection team:

• Email: privacy@usetransactional.com
• Address: Loopclub Ltd., 4023 Kennett Pike #50389, Wilmington, DE 19807

For general inquiries, contact us at hello@usetransactional.com.