Terms of Service and Privacy Policy

Introduction Peepal Data (“we,” “us,” or “our”) is committed to protecting the privacy and accuracy of business information in all audit-related processes. This document outlines our Terms of Service and Privacy Policy (the “Policy”) regarding how we collect, process, use, and protect business-related data during our service engagements. This Policy applies to all services offered by Peepal Data, including but not limited to lead audits, CRM hygiene, AI input analysis, funnel audits, attribution reviews, and agency-support dashboards. This Policy does not apply to websites or platforms that we do not operate or control. Use of our services constitutes your agreement to the terms outlined herein.

​

Definitions Business Information refers to publicly available or client-provided data such as name, title, business email, company name, and business phone numbers. Customer Information includes any data shared by clients, including CRM records, campaign metadata, usage logs, and consent documentation. Audit Engagement means a structured service engagement in which Peepal Data evaluates and reports on data quality, source compliance, attribution, or related performance areas. Personal Information is any data that directly or indirectly identifies an individual, especially where required under GDPR or CCPA. Subprocessor refers to a third-party technology or vendor used solely to deliver specific components of an audit service such as encrypted file hosting or data cleansing software.

​

What We Collect We collect and process data provided by clients via file upload, secure transfer, or system access. We use read-only integrations with platforms such as Salesforce, HubSpot, Marketo, Pardot, or Outreach. We also gather information through web research and primary data verification, including voice logs, interview notes, and consent confirmations. Additionally, analytics logs from Peepal Data’s own website and platforms are used.

​

We gather information through primary research methods such as market research surveys and structured interviews conducted by our internal audit and research teams. This process allows us to validate data quality, capture consent confirmation, and enrich records for higher confidence in audit outcomes. In such cases, we maintain internal records of the research date, the method used such as phone verification or URL capture, and the employee responsible for the data.

​

The information we collect may include full name, job title, company name, and professional contact details, CRM segment information, timestamps, campaign engagement history, consent status and source metadata where available, and system usage logs, API connection metadata, and audit trail events.

​

Peepal Data does not collect or process personal consumer data, sensitive personal data, or behavioral tracking outside of client-specific audit needs.

​

How We Use Information Peepal Data uses data to perform audits of data accuracy, compliance, and campaign attribution. We validate vendor-supplied leads, CRM records, or marketing automation system records. We generate audit reports, dashboards, and analysis summaries, fulfill contractual obligations with the client, and improve our audit methodologies through anonymized trend analysis. We do not use client data for advertising, profiling, sales outreach, or any use unrelated to the agreed-upon service scope.

Data Retention and Deletion Client data is retained only for the duration of the audit unless otherwise agreed in writing. Upon delivery of the final audit report and completion of payment, data is deleted within 30 days. Clients may request early deletion at any time. Temporary logs or backups created during audits are also purged after service closure. We do not maintain long-term databases or marketing systems containing client or subject data.

​

Confidentiality and Access All data is treated as confidential and accessed only by trained staff working on the specific engagement. Internal access is logged and restricted on a need-to-know basis. White-labeled reports and dashboards for agency partners are subject to the same confidentiality rules. Peepal Data does not subcontract analysis to offshore entities without explicit client approval.

​

Cookies, Web Beacons, and Tracking Technologies Peepal Data’s website uses minimal cookies and tracking for basic analytics and functionality. This includes site traffic analysis via Google Analytics, page interaction tracking for UX improvement, and session cookies for secure login and form submission. These cookies do not collect personal information. You may disable cookies through your browser settings, but some features may become unavailable.

​

Our emails or embedded campaign assets may include tracking pixels also known as web beacons solely for measuring engagement such as open rates and click-through behavior. These are not used to profile users or track them across websites. Peepal Data respects browser-enabled Do Not Track signals and does not track users for advertising or behavioral analytics.

Third-Party Tools and Subprocessors We may use trusted subprocessors for secure file hosting and encryption, dashboard generation and report delivery, and communication and customer support tools. All subprocessors are vetted for compliance and required to sign confidentiality agreements, adhere to GDPR and CCPA standards, and maintain data security equal to or greater than Peepal Data's internal policies. A current list of subprocessors is available upon request.

​

International Compliance Residents of the European Economic Area may access their personal data, request a copy of it, and ask for corrections or updates if the data is inaccurate. They may also request that their data be deleted or that its processing be limited under certain conditions. If they object to processing based on legitimate interests, they have the right to raise that concern. Additionally, individuals have the right to file a complaint with their local data protection authority.

​

If Peepal Data processes data from the EEA, we do so under the lawful basis of legitimate interest or contractual necessity. Data transfers outside the EEA are safeguarded using mechanisms such as Standard Contractual Clauses or other legally recognized protections under Article 46 of the GDPR.

​

California residents under the CCPA may inquire about the categories of personal information we collect and how it is shared. They can request that we delete their personal data and may choose to opt out of any potential sale of that information, even though Peepal Data does not engage in data sales. They are entitled to receive equal service and pricing regardless of their privacy choices. Requests may be submitted by contacting privacy@peepaldata.com and referencing "CCPA Request."

​

Disclosures and Legal Requests Peepal Data may disclose client or data subject information only if required to comply with a legal process such as a subpoena or court order, if necessary to enforce contractual agreements, or in the event of a merger, acquisition, or restructuring where clients will be notified in advance. We do not sell, rent, or otherwise share business information with unrelated third parties.

​

Testimonials and Public Content If you submit a testimonial, case study, or participate in blog content, you grant Peepal Data permission to publish your name and associated content, subject to prior approval. You may contact us to request updates or removal. Our blog and comment sections may be publicly visible. Any personal information submitted there may be read and used by others. While we will do our best to remove personal data upon request, full deletion may not always be possible in every case.

Integrations and Extensions When clients enable integrations such as CRM or MAP connectors, Peepal Data operates with read-only access. The data is only used for validation or matching as part of the audit engagement. No client system data is retained or replicated after the engagement ends. Clients may revoke access at any time, and we do not use integrated systems to collect new or unrelated data.

​

Security Measures Peepal Data applies best-practice security protocols to protect all data. This includes using encryption for data in transit and at rest, HTTPS security across all platforms, multi-factor authentication for internal users, and strict access controls. We also conduct vulnerability assessments and may engage third-party security experts. If a breach occurs, we will notify affected clients within 72 hours and explain the corrective actions taken.

​

Opt-Out and Subject Access If your information has been included in a Peepal Data audit and you wish to opt out or request deletion, you may contact privacy@peepaldata.com with your full name, company name, and email address. We will verify your identity and confirm the deletion within 10 business days. We will also inform the original data source, such as a client or third-party vendor, to complete the removal process.

​

Changes to This Policy We may update this Policy to reflect changes in our practices or legal requirements. When material changes occur, we will post a notice on our website and notify affected clients where applicable. Your continued use of our services confirms your acceptance of the updated terms.

​

Contact Us For questions, privacy concerns, or to exercise your data rights, please contact the Peepal Data Privacy Office.

Email: privacy@peepaldata.com.