Privacy Policy

This Privacy Policy describes how SA Products Ops LLC ("SA Products Ops," "we," "us," or "our") collects, uses, discloses, and otherwise processes information when you visit or use our websites (including saproductops.com and any associated subdomains), our web and mobile applications, and our related professional services (collectively, the "Services").

We provide the Services primarily to businesses (SMB and enterprise). If you use the Services on behalf of a business, "you" includes you and that business.

Privacy Contact: privacy@saproductops.com

1) Scope and Important Notes

Business Use; Not Directed to Children

The Services are intended for business use and are not directed to children, and we do not knowingly collect personal information from children under 13.

Customer Data vs. Our Own Site Data

When we provide Services to a business customer (a "Customer"), we may process data the Customer submits to the Services or makes available to us (including via integrations), such as contact lists, customer communications, customer relationship data, message content, and related metadata ("Customer Data"). Customers control what Customer Data is provided, how it is used in the Services, and who it is sent to.

2) Information We Collect

We collect information in three ways: (a) information you provide, (b) information collected automatically, and (c) information from third parties (including Customers and service providers).

A) Information You Provide Directly

Depending on how you interact with the Services, we may collect:

• Contact information (name, email, phone number, company name, job title)
• Account information (username, password, user roles/permissions)
• Communications (messages submitted via forms, pop-ups, chat widgets, email, or other channels)
• Files and content you upload or submit (documents, templates, prompts, configuration inputs, etc.)
• API keys and integration credentials (as applicable)
• Payment information: Payments are processed by Stripe. We may receive limited billing and payment status details. Stripe receives and processes payment card details and, where applicable, ACH details.

B) Information We Collect Automatically

We may automatically collect:

• Identifiers and device data (IP address when available, cookie IDs, device identifiers, browser type, OS)
• Usage data (pages viewed, clicks, referrals, session activity, feature usage, log data)
• Approximate location derived from IP address

We use cookies and similar technologies (including pixels, tags, SDKs, and scripts). Given how the Services operate, we may use a wide range of analytics and advertising tools to measure performance and improve marketing.

C) Information from Third Parties

We may collect information from:

• Customers, including Customer Data and contact lists uploaded or synced to the Services
• Integrations you enable (e.g., CRMs and other tools), based on your settings
• Data enrichment providers that supplement business/professional information (e.g., company and professional contact details)

3) How We Use Information

We use information to:

1. Provide and operate the Services — Create and manage accounts, roles, and access; deliver platform features (including messaging, automation, and lifecycle workflows); enable integrations, processing, and delivery of Customer-directed communications; provide professional services (implementation, configuration, managed services).
2. Communicate with you — Respond to requests and provide support; send administrative messages (security, account, billing, service updates).
3. Marketing and promotions — Send promotional messages where permitted by law (you can opt out of marketing emails).
4. Advertising and measurement — Measure and improve marketing campaigns; deliver and measure targeted advertising (where enabled).
5. Security, risk management, and compliance — Protect the Services, prevent abuse/fraud, enforce policies, and maintain service integrity.
6. Improve and develop the Services — Debugging, analytics, research, and product development; using aggregated or de-identified data where feasible.

4) AI and Automated Processing

A) AI/LLM Processing

The Services may use machine learning and large language models ("LLMs") to process text-based information, including communications content and conversation context (for example, to classify messages, draft suggested responses, route conversations, summarize threads, detect intent, automate workflows, and improve lifecycle operations).

B) Sharing with AI Vendors and Subprocessors

To provide these capabilities, we may share certain data (which may include phone numbers, message content, and related metadata) with third-party service providers and subprocessors, including vendors that provide AI/LLM functionality, communications infrastructure, analytics, and security tooling. These providers process data on our behalf under contractual restrictions designed to protect it.

C) Training and Model Improvement

• Customer Data: We do not use Customer Data to train public third-party models for the provider's general use unless the Customer has explicitly opted in.
• Internal models and improvements: We may use certain data to improve our Services and internal models only where permitted and, when applicable, on an opt-in basis, and we take steps intended to reduce risk (such as limiting access and using aggregation/de-identification where feasible).
• Sensitive information: Please avoid sending sensitive personal information unless we specifically request it in writing for a legitimate purpose.

5) Recordings, Transcripts, Logs, and API Keys

Depending on your configuration and use:

• We may process logs and audit trails (access logs, activity logs, system logs)
• We may process recordings (if enabled) and transcripts derived from recordings or communications
• We may store API keys and integration credentials necessary to connect external systems (handled with access controls)

You and our Customers are responsible for ensuring you have the rights, permissions, and lawful basis to collect, share, and process any recordings or transcript content, including providing any legally required notices and obtaining any required consents.

6) Messaging and Outreach on Behalf of Customers

Some Services enable Customers to send communications (including SMS/text messages) to their end users, leads, or customers.

In these cases:

• We process phone numbers, message content, delivery status, opt-out status, and related metadata to provide the Services.
• Customers are responsible for (a) the source and lawfulness of their contact lists, (b) obtaining and maintaining any required consents and permissions, (c) providing required notices and disclosures, and (d) ensuring communications comply with applicable law and carrier policies.
• By uploading contact lists or directing outreach through the Services, the Customer represents that they are authorized to provide the data to us and to instruct us to message those recipients in the manner directed by the Customer.

7) How We Share and Disclose Information

We may disclose information as follows:

A) Service Providers and Subprocessors

We share information with vendors that help us operate the Services (hosting, analytics, AI/LLM providers, communications and messaging providers, customer support tools, monitoring/logging, authentication, payments via Stripe, and similar services). These parties process information on our behalf under contractual restrictions.

B) Contractors and Authorized Personnel

We may share information with employees, contractors, and advisors who need it to perform work for us, subject to confidentiality and access controls.

C) Advertising and Analytics Partners

We may allow third parties to collect identifiers and usage data via cookies/pixels for analytics and advertising measurement and optimization. Under some privacy laws, this may be considered "sharing" even if no money is exchanged.

D) Business Transactions

We may disclose information in connection with a merger, acquisition, financing, reorganization, or sale of assets.

E) Legal and Safety

We may disclose information to comply with law or legal process, respond to lawful requests, protect rights and safety, prevent fraud/abuse, and enforce agreements.

8) SMS Opt-In and Consent Data

SMS opt-in consent and related records (such as the fact and time of opt-in, and consent metadata) are used to operate messaging features and to help demonstrate compliance with applicable messaging requirements.

• We do not share SMS opt-in consent data with third parties for their own marketing or promotional purposes.
• We may share phone numbers, message content, delivery and opt-out status, and related metadata with communications vendors and subprocessors solely to deliver messages and operate the Services, including AI/LLM processing as described above.

9) Cookies, Interest-Based Advertising, and Your Choices

Cookie Controls

You can control cookies through your browser settings and, where available, our cookie preference tools. Disabling cookies may limit some functionality.

Interest-Based Advertising; Opt-Out

We may use third-party advertising and analytics technologies. If you are a California resident, you may have the right to opt out of "selling" or "sharing" (see Section 11).

Marketing Communications

You can opt out of promotional emails via the unsubscribe link or by contacting privacy@saproductops.com. You may still receive non-promotional messages (billing, security, service updates).

10) Data Retention

We retain information for as long as reasonably necessary to provide the Services, maintain business records, comply with legal and contractual obligations, resolve disputes, enforce agreements, and protect the Services.

Retention periods vary by data type and use case. If you request deletion, we will generally honor requests to the extent feasible and lawful, subject to exceptions (e.g., security logs, legal obligations, dispute resolution, backup/archival systems, and contractual requirements).

11) California Privacy Notice (CCPA/CPRA)

This section applies to California residents and supplements the rest of this Policy.

A) Categories of Personal Information Collected

In the last 12 months, we may have collected:

• Identifiers (name, email, phone, IP address, cookie IDs)
• Internet/network activity (usage, interactions, browsing data on our Services)
• Commercial information (services purchased, billing status)
• Professional information (company name, job title)
• Audio/electronic information (recordings/transcripts, where enabled)
• Inferences (analytics-derived segments used for measurement and improvement)

B) Purposes

We use personal information for the purposes described in Section 3 (providing the Services, security, analytics, marketing, and advertising).

C) Disclosures

We disclose information to service providers/subprocessors, contractors, analytics providers, communications providers, and advertising partners as described in Section 7.

D) "Sale" or "Sharing"

We do not sell personal information for money. However, our use of third-party cookies/pixels for advertising and analytics may constitute "selling" or "sharing" under California law.

You may opt out via:

• our "Do Not Sell or Share" mechanism: emailing privacy@saproductops.com
• cookie settings where available
• certain browser/device-based controls (availability varies)

E) Your Rights

Subject to exceptions, California residents may have rights to request access, deletion, and correction, and to opt out of sale/sharing.

To submit a request, contact privacy@saproductops.com.

We will not discriminate against you for exercising your rights.

F) Sensitive Personal Information

We do not intentionally collect sensitive personal information as defined by California law. Please avoid submitting sensitive personal information unless we explicitly request it in writing for a legitimate purpose.

12) Sensitive Personal Information

We do not intentionally collect sensitive personal information (such as government IDs, health information, biometric identifiers, or precise geolocation). If you or a Customer submits sensitive personal information through the Services, you do so at your discretion. Please do not submit sensitive personal information unless we explicitly request it in writing for a legitimate purpose.

13) Other U.S. State Privacy Rights

Depending on your state of residence, you may have additional rights regarding access, deletion, correction, and opting out of certain targeted advertising. Requests can be submitted to privacy@saproductops.com.

14) International Users and Cross-Border Transfers

We primarily offer the Services to U.S. Customers and may not make the Services available in all jurisdictions. If we expand internationally in the future, information may be processed and stored in the United States and other countries where we or our service providers operate. These locations may have different data protection laws than your jurisdiction.

Where applicable law requires, we will take steps designed to support cross-border transfers and vendor processing consistent with those requirements (for example, via contractual protections with service providers and subprocessors).

15) Third-Party Links and Integrations

The Services may link to or integrate with third-party websites and services. Third parties' privacy practices are governed by their own policies, and we are not responsible for their practices.

16) Security

We use commercially reasonable administrative, technical, and organizational measures designed to help protect information, including access controls and multi-factor authentication for administrative access.

No system is 100% secure, and we cannot guarantee absolute security.

17) Changes to This Privacy Policy

We may update this Policy from time to time. We will update the "Last Updated" date and may provide additional notice where required by law.

18) Contact Us

If you have questions or requests about this Policy or our