Privacy Policy

1. Introduction

This Privacy Policy describes how Innovare, Inc (doing business as "InnovareAI") and our subsidiaries collect, use, and protect your personal information when you use SAM, our AI-powered sales automation platform ("Service").

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, company name, job title
• Payment Information: Credit card details (processed securely by Stripe)
• Business Information: ICP data, product descriptions, messaging preferences
• Content: Documents, templates, and campaign content you upload
• Communications: Support requests, feedback, and chat messages with SAM

2.2 Information Collected Automatically

• Usage Data: Features used, pages visited, campaign performance
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies, analytics cookies (see Section 8)

2.3 Information from Third Parties

• LinkedIn: Profile data, connections, messaging history (when you connect your account)
• CRM Systems: Contact and lead data from connected CRMs
• Enrichment Providers: Professional data about prospects

3. How We Use Your Information

We use your information to:

• Provide and improve the Service
• Send campaigns on your behalf through LinkedIn and email
• Generate AI-powered insights and recommendations
• Process payments and manage subscriptions
• Send transactional emails (receipts, updates, security alerts)
• Provide customer support
• Analyze usage to improve our products
• Comply with legal obligations

4. Legal Basis for Processing (GDPR)

For users in the EU/EEA/UK, we process personal data based on:

• Contract Performance: Processing necessary to provide the Service you requested
• Legitimate Interests: Improving our products, preventing fraud, ensuring security
• Consent: Marketing communications, optional cookies, specific data processing
• Legal Obligation: Compliance with tax, accounting, and regulatory requirements

5. How We Share Your Information

We do not sell your personal data. We share data only with:

Service Providers (Sub-Processors)

Other Sharing

• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In case of merger, acquisition, or sale of assets
• With Your Consent: For any purpose you explicitly authorize

6. International Data Transfers

For EU/EEA/UK users, your data may be transferred to the United States. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with all sub-processors
• Technical and organizational security measures

7. Data Retention

We retain your data for:

• Account Data: Duration of your account plus 90 days after deletion
• Campaign Data: Duration of your account plus 30 days
• Usage Logs: 12 months
• Payment Records: 7 years (legal requirement)
• Support Tickets: 3 years

8. Cookies & Tracking

We use the following types of cookies:

• Essential Cookies: Required for login, security, and basic functionality
• Analytics Cookies: Help us understand how you use the Service (can be disabled)
• Preference Cookies: Remember your settings and preferences

You can manage cookie preferences in your browser settings. Disabling essential cookies may affect Service functionality.

9. Your Rights

All Users

• Access your personal data
• Correct inaccurate data
• Delete your account and data
• Export your data in a portable format
• Opt out of marketing communications

EU/EEA/UK Users (GDPR Rights)

• Right of Access: Request a copy of your data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

California Users (CCPA/CPRA Rights)

• Know what personal information is collected
• Request deletion of personal information
• Opt out of sale of personal information (we do not sell your data)
• Non-discrimination for exercising your rights

10. Security

We implement industry-standard security measures including:

• TLS/SSL encryption for data in transit
• AES-256 encryption for data at rest
• Regular security audits and penetration testing
• Access controls and authentication
• Employee security training

11. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification at least 30 days before they take effect.

13. Contact Us

For privacy-related questions or to exercise your rights: