Privacy Policy

1. Overview

RepDesk respects your privacy and commits to protecting it through adherence to this privacy framework. This policy describes how we gather and utilize your personally identifiable information when you access our website or otherwise use our platform as outlined in our Terms of Service, and information you may communicate to us electronically.

RepDesk is the trade name of the sole proprietorship operated by André Deiß in Tuttlingen, Germany. References to "RepDesk," "we," "us," or "our" throughout this Privacy Policy mean André Deiß doing business as RepDesk.ai. Where the LeadConnector chat widget or carrier-required SMS disclosures name "André Deiß" as the sender or controller of the messaging program, this refers to the same legal entity that publishes this Privacy Policy. Full provider information is published on the Imprint.

We encourage you to read this policy carefully to understand our approaches regarding your personally identifiable information and our handling practices. If you do not agree with our policies and practices, you should refrain from using our platform. By accessing or using our platform, you acknowledge your agreement to and consent for this policy.

RepDesk may change this Privacy Policy at any time, at its discretion. Your continued engagement with our platform following any modifications constitutes acceptance of and consent to those changes. We recommend reviewing this policy periodically for any updates.

This Privacy Policy operates subject to and is governed by our Terms of Service. The Services constitute part of the Platform and receive further description in the Terms of Service.

2. The Types of Information That RepDesk Collects About You and How RepDesk Collects Information About You

We may gather two information categories when you visit our platform: personally identifiable information and non-personally identifiable information, collectively referred to as "Information."

Personally identifiable information encompasses data through which you may be personally identified, including name, email address, employer, job title and department, phone number, physical address, and payment information.

Non-personally identifiable information means data about you that does not specifically identify you. Should you visit our platform without performing any action beyond browsing, reading pages, or viewing content, we will gather and store information about your visit that does not personally identify you.

Information Collection Methods

We gather Information through the following mechanisms:

Direct Provision by You. When you subscribe to communications, establish an account, make a purchase, or request information from us, we will request details such as your name, contact information, billing information, communication preferences, and account identification or credentials to fulfill your request. If you schedule an appointment through our platform, attend a trade show or event, or contact us through other means, you may also voluntarily provide similar information. Should you communicate personally identifiable information about other individuals to us or our service providers, you bear responsibility for ensuring you possess the authority to do so and to permit us to use their personally identifiable information in accordance with this policy (for example, by obtaining their consent).

Third Party Sources. We obtain information through partners, vendors, suppliers, and other third parties. The parties from whom we obtain information are typically corporate enterprises (though some may be educational or public enterprises) and may be situated in any location where we conduct business. These enterprises generally fall into categories including: advertising and marketing companies, data set and information vendors, public database providers, social media platforms, partners, providers of products or services, hosts or vendors at events or trade shows, research partners, or enterprises that utilize our Services. We implement steps to verify that information we receive from these third parties has been gathered with your consent or that these parties are otherwise legally permitted to disclose your personally identifiable information to us. We might also obtain information through a partner, or co-create datasets with a partner, as part of our business operations. This kind of data supports work like improving our platform and other Services, enhancing existing products, and developing new capabilities and features. In some cases we combine personally identifiable information about individuals that we receive from multiple sources, including directly collected from you or through your use of our platform.

Automatic Collection During Platform Navigation. We gather information about how you interact with our platform through the use of cookies, pixel tags, and similar technologies. Please consult Section 9 of this Privacy Policy for more information on our use of cookies and similar technologies, how you can manage cookies, and how we respond to Do Not Track signals.

Country Detection and Checkout Routing. To route you to the correct checkout and present the applicable currency, language, and tax treatment, we may process coarse IP-derived country information, browser language, device data, selected language, selected billing interval, and the destination checkout link. Cloudflare CF-IPCountry or similar infrastructure signals may be used for the initial country estimate. Your billing details, including currency and applicable taxes, are determined by the business and billing country you provide during checkout.

3. How RepDesk Uses Personal Information It Collects About You and the Purposes for the Collection and Use

We utilize personally identifiable information that we gather about you or that you provide to us for the following objectives:

For Functionality and Development of the Platform and Our Services. We use information to provide, offer, and personalize our platform and other Services provided to you. Some information, like your IP address, is used to communicate with your device to provide network connectivity, measure usage levels of our platform, diagnose server problems, and provide security features. Other business purposes that depend on use of your information include data analysis related to testing, modifying, improving, or developing new products, services, and technologies, and to identify trends. Some Platform features may leverage artificial intelligence tools to enhance performance capabilities. We do NOT share, transfer, or otherwise make personally identifiable information available to any third-party or generally-distributed artificial intelligence or machine learning model providers (for example, OpenAI, Anthropic, Google Gemini, or similar foundational-model operators) for training, fine-tuning, or model development. We may use Marketing Content and Contact Data internally, under our own control and with appropriate confidentiality measures, to improve the RepDesk Services for you and your campaigns, as further described in Section 4 of the Terms of Service. This internal-improvement use does not include providing your data to third-party model trainers, and it does not include training generalized AI/ML models. Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We use cookies to make our websites and our platform operate, work more efficiently, and provide analytic information. Technologies similar to cookies, such as pixel tags, are also used in connection with our platform.

For Customer Support, Platform Updating and Reporting. Our platform may use information to provide us with updates and reports, and to verify that our platform is working properly. Update functions may automatically check your system to determine whether files need to be refreshed, updated, or modernized, in order to provide you with the up-to-date security, versions, features, options, and controls associated with your systems or devices. We rely on information to analyze performance and improve and maintain our platform. We also rely on personally identifiable information you provide to us to furnish you with customer support for our platform and other Services, and to verify eligibility for promotional offers.

For Business Operations. We use information to operate our business; for example, to perform accounting, auditing, billing, reconciliation, and collection activities. Other business purposes that depend on use of your personally identifiable information include crime or fraud monitoring and prevention, protecting our legal rights, and performing contractual obligations. We also use personally identifiable information to contact you to advertise, market, and sell our Services in accordance with your communications preferences.

To Communicate. We use contact information to send messages; to provide our Services; to respond to customer service requests; to provide alerts such as security updates or changes in our policies or about subscriptions that are ending; and to send marketing or informational materials like newsletters or white papers, in accordance with your communication preferences. We occasionally conduct surveys, or do focused research or studies which may require you to voluntarily share personally identifiable information in order to participate. These activities typically have additional notices that provide more information about the use of your personally identifiable information and to which you may be asked to consent.

For Advertising and Marketing. We may use personally identifiable information collected from you, combined with information about what advertisements you viewed and other information we collect, to enable us to provide personalized content and to study the effectiveness of advertising and marketing campaigns. You may choose whether to allow or deny uses or sharing of your device's location by changing your device settings, but if you choose to deny such uses or sharing, we may not be able to provide you with certain personalized Services and content on our platform.

For Statistical Purposes to Improve the Platform. We may compile platform statistics into traffic reports, which help us understand, anticipate, and respond to user needs. If we learn, for example, of heightened interest in certain aspects of our platform, we are likely to highlight that information on our platform home page. This Information helps us create a better overall experience for platform users.

Legal Basis for Our Use (Applicable Only to EEA and United Kingdom Visitors)

If you are in the European Economic Area or the United Kingdom, our legal basis for collecting and using the personally identifiable information described above will depend on the personally identifiable information concerned and the specific context in which we collect it.

However, we will collect personally identifiable information from you only where we have your consent to do so, where we need the personally identifiable information to perform a contract with you, where we have a legal obligation to do so, or where the processing is in our legitimate interests (such as processing for administrative purposes, direct marketing, product development or improvement, preventing fraud or criminal acts, and in support of information security) and not overridden by your data protection interests or fundamental rights and freedoms.

If we ask you to provide personally identifiable information to comply with a legal requirement or to perform a contract with you, we will make this clear at the time of collection. We will also tell you whether the requirement for that information is mandatory and explain any consequences to you if you do not provide the information.

Similarly, if we collect and use your personally identifiable information based on our legitimate interests (or those of any third party), we will take reasonable steps to provide clear notice and describe our legitimate interests.

We function as the Data Controller of all personally identifiable information collected through our platform in the EEA and the United Kingdom, except with respect to the Services (where we function as the Data Processor) or where a supplemental Privacy Policy says otherwise. Our contact details are set out in the "How to Contact Us" section below.

If you have questions about or need further information concerning the legal basis on which we collect and use your personally identifiable information for any specific processing activity, please contact us at [email protected].

Retention of Your Personal Information

We will only retain your personally identifiable information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements and for other purposes described in this Privacy Policy. We may retain your personally identifiable information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personally identifiable information, we consider the amount, nature, and sensitivity of the personally identifiable information, the potential risk of harm from unauthorized use or disclosure of your personally identifiable information, the purposes for which we process your personally identifiable information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements. In some circumstances you can ask us to delete your data: see "Your Legal Rights" below for further information. And in some circumstances we will anonymize your personally identifiable information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

4. SMS Messaging & Compliance

Text Message Program Terms & Conditions

By opting into our SMS messaging services, you agree to receive text messages related to our services, including appointment reminders, customer support, and important updates.

Opt-In & Consent

• You will only receive messages if you have explicitly opted in
• We maintain timestamped records of all opt-in actions
• We comply with the Telephone Consumer Protection Act (TCPA) and all applicable laws

Opt-Out Instructions

• You can cancel SMS notifications at any time by replying "STOP"
• You will receive a final confirmation message, and no further messages will be sent unless you re-opt in
• All opt-out requests are processed immediately

Message Frequency & Content

• Message frequency varies based on your interactions with our business
• Messages will be directly related to the services you have requested
• We do not send promotional content without specific consent

Help & Support

• Reply "HELP" for assistance or contact us at [email protected]
• Customer support is available during regular business hours

Carrier Information

• Standard message and data rates may apply
• Carriers are not liable for delayed or undelivered messages
• Supported carriers include AT&T, Verizon, T-Mobile, US Cellular, and most regional carriers

5. How RepDesk Protects Your Information

Our platform is designed to provide reasonable and appropriate administrative, technical, and organizational security measures to protect your personally identifiable information against risks such as temporary or permanent loss, destruction, and unauthorized or unlawful access, alteration, use, or disclosure. We require our suppliers and vendors to apply similar protections when they access or use personally identifiable information that we share with them. Users of our platform must also do their part in protecting the data, systems, networks, and service they are utilizing. No technology, data transmission or system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that your password to any account has been compromised), please immediately notify us by contacting us using the instructions in the "How to Contact Us" section below.

6. When RepDesk Shares Your Information

We work through our affiliates to provide our platform and other Services. We also work with authorized suppliers and business partners. When we share your personally identifiable information with these companies, we put in place appropriate measures to limit the use of your information only for legal and authorized purposes that are consistent with this Privacy Policy, as well as appropriate confidentiality and security measures.

We also share information with third parties for advertising and marketing; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our platform; and to protect our legal rights. We may disclose personally identifiable information that we collect or you provide as described in this Privacy Policy:

With Affiliates and Subsidiaries

For purposes limited to and consistent with this Privacy Policy.

With Suppliers (Sub-Processors)

Our authorized vendors and suppliers may require personally identifiable information to provide services we have contracted for, such as product delivery, website hosting, data analysis, IT services, auditing, or customer service. We use a wide variety of software and tools, and we process personally identifiable information using these tools as a regular course of business. Our contracts with suppliers and vendors include provisions to protect your personally identifiable information and limit its use.

To deliver the Service we engage a small number of trusted third-party providers, each contractually bound to confidentiality and security obligations equivalent to ours. Categories include:

• Payment processor: securely handles credit card data and recurring billing on our behalf. We never store full card numbers; payment data is processed by a PCI-Level-1 certified provider.
• SMS / voice carrier: delivers your SMS messages and routes inbound and outbound calls; receives only the phone numbers and message content necessary for delivery.
• Email delivery provider: transmits transactional and marketing emails; receives only the recipient address and message content.
• Content delivery network (CDN) and security provider: caches and protects our website infrastructure; receives only public network metadata.
• Analytics provider: aggregated, non-identifying website-traffic measurement.
• Customer-relationship infrastructure provider: operates the backend platform that stores your customer database, conversation history, and workflow configuration on our behalf, under our control, with industry-standard encryption at rest and in transit.

The current list of sub-processor categories is updated when we change providers, with at least thirty (30) days notice for material changes. Contact [email protected] for the current list of named sub-processors and to request a Data Processing Agreement (DPA).

With Partners

We occasionally have relationships with third parties that are not suppliers or vendors but are working with us to offer certain opportunities such as marketing and similar promotions, to enable joint products or research studies, or to facilitate services on our platform. In these cases, additional terms or Privacy Policies may be provided. For third parties or uses not described in this Privacy Policy, we share your information only with a lawful basis to do so.

For Advertising and Marketing

We share your information with our third-party company partners to prepare and deliver advertising and marketing content, to provide content services, and to enable them to provide you with more personalized ads and to study the effectiveness of our campaigns.

In particular, we use third-party companies to communicate regarding goods and services that may be of interest to you, in accordance with your preferences. You may receive this content by a variety of means such as email, phone, or when you access and use our platform or other Services, and other websites. Content may be based on information obtained, for example, through prior purchases or transactions, through your device's physical location, through information about what advertisements and content you have viewed, or through cookies and similar technologies relating to your access to and use of our platform and other websites. You can choose whether to allow or deny uses and/or sharing of your device's location by changing your device settings, but if you choose to deny such uses or sharing, our partners may not be able to provide you with the applicable Services and content.

For Connections to Social Networks and Third Party Services

Where you are using our Services and have chosen to connect your social networks profiles to our Services, or if you authorize a third-party service to access your account, you are agreeing to provide information about you to the social networks and the third-party services under their respective terms and privacy policies. For example, if you choose to connect your YouTube account to our Services, this connection uses YouTube's API services, and the Google Privacy Policy will apply to you. If you have authorized us to access your information via the YouTube API services, in addition to our normal procedure for deleting stored data, you may revoke our access to your data via the Google security settings page.

Sales, Mergers & Acquisitions

We may disclose personally identifiable information as part of a contemplated or actual corporate transaction such as a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

With Your Consent

We may disclose your personally identifiable information to any other person or entity where you consent to the disclosure. For information about how to decline our advertising and marketing, please see the "Your Legal Rights" section below.

We do NOT share your phone number or opt-in consent with third parties unless we've received your express written consent to do so.

All sharing categories above exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties for marketing, promotional, or any other purpose unrelated to message delivery. Technical message-routing through aggregators and carrier providers of the Text Message services is strictly limited to the phone numbers and message content necessary to deliver each message you have authorized, and these providers are contractually prohibited from using that data for any other purpose.

We also share non-personally identifiable information, such as anonymized or aggregated information, with suppliers for purposes such as analysis, identifying trends in the areas of our products, and to help research and develop new Services.

We do not sell any of your personally identifiable information for monetary compensation.

7. Information From Children

We do not knowingly collect, use, or disclose Information from children under 16. If we learn that we have collected the personally identifiable information of a child under 16 (or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States per the Children's Online Privacy Protection Act), we will take steps to delete the information as soon as possible. If you are under 16, do not provide any Information about yourself to us, including your name, address, telephone number, or email address. If you become aware that Information of a child under 16 years of age has been provided, please use one of the methods provided under the "How to Contact Us" section below.

8. Links to Other Websites and Services

We are not responsible for the practices employed by websites or services linked to or from our platform, including the information or content contained therein. This Privacy Policy does not address, and we are not responsible for, the policies and practices of third parties or other organizations that are not operating on our behalf, including policies and practices related to privacy and security, data collection, processing, use, storage, and disclosure. This includes: (a) any third party operating any site or service to which our platform links. The inclusion of a link on our platform does not imply endorsement of the linked site or service by us or by our affiliates. This also includes (b) any app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer (such as Facebook, Apple, Google, Microsoft, LinkedIn, etc.), including any personally identifiable information you disclose to other organizations through or in connection with our platform or other Services.

9. Cookies & Tracking Technologies

We use cookies and similar technologies to:

• Analyze site traffic and user behavior
• Remember your preferences
• Improve website functionality and user experience
• Measure the effectiveness of our services

You may control cookies through your browser settings. Disabling cookies may limit your ability to use certain features of our website.

10. Do Not Track

Some browsers incorporate a "Do Not Track" ("DNT") feature that, when turned on, signals to websites and online services that you do not want to be tracked. At this time, our platform does not respond to DNT signals.

11. Your Legal Rights

We respect your rights in how your personally identifiable information is used and shared. Depending on where you live, you may have rights to request access or corrections to your personal data and make choices about the kinds of marketing materials you receive (or choose not to receive marketing from us at all). See below for more information, depending on your location. To exercise any of these rights, email [email protected] from the email address on file with your account. We respond to verified requests within the timeframe required by the applicable law (generally 30-45 days). There is no fee unless your request is excessive or repetitive, in which case we may charge a reasonable administrative fee or refuse the request as permitted by law.

Common rights across jurisdictions include:

• Right of access: request a copy of the personal information we hold about you
• Right to rectification: correct inaccurate or incomplete information
• Right to erasure: request deletion of your personal data, subject to retention obligations under law
• Right to data portability: receive a copy of your data in a structured, commonly used, machine-readable format
• Right to object: opt out of processing for direct marketing purposes
• Right to restrict processing: limit how we use your data while a request is being verified
• Right to withdraw consent: at any time, for any communications based on your consent
• Right to lodge a complaint: with the supervisory authority in your jurisdiction
• Opt-out of SMS: reply "STOP" to any of our text messages at any time
• Opt-out of marketing email: click "unsubscribe" in any of our marketing emails

12. European Privacy Rights

Access, Correction to or Deletion of Your Information

If you would like to correct or update your Personal Information, or to request access to or deletion of your Personal Information, you may contact us by emailing [email protected] or by using the other contact details provided under the "How to Contact Us" section. If you request a change to or deletion of your Personal Information, please note that we may still need to retain certain information for recordkeeping purposes, and/or to complete any transactions that you began prior to requesting such change or deletion (for example, when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion). Some of your information may also remain within our systems and other records where necessary for compliance with applicable law.

At your request and where the law requires us to do so, we will confirm what Personal Information we hold about you. You may also have a legal right to obtain a copy of your Personal Information. You can make such a request by making a written request in one of the ways described in the "How to Contact Us" section. We may charge a processing fee for this service where permitted by law and we will require evidence of your identity before fulfilling your request.

Data Privacy Rights Specific to Individuals in the European Economic Area, the United Kingdom, and Switzerland

You can object to processing of your Personal Information, ask us to restrict processing of your Personal Information, or request portability of your Personal Information. You can exercise these rights by making a written request in one of the ways described in the "How to Contact Us" section.

Similarly, if we have collected your Personal Information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect (1) the lawfulness of any processing we conducted prior to your withdrawal, or (2) processing your Personal Information under other legal bases.

If you believe we are using your Personal Information in a way that is inconsistent with this Privacy Policy or for more information about your rights, contact your local data protection authority. The lead supervisory authority for RepDesk is the Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (Germany). Additionally, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF, you may contact JAMS Mediation, Arbitration, and ADR Services at https://www.jamsadr.com/eu-us-data-privacy-framework to address complaints and provide appropriate recourse free of charge to you. Under certain conditions, you may invoke binding arbitration.

Advertising and Marketing Choices

We give you many choices regarding our use and disclosure of your Personal Information for advertising and marketing purposes. You may access or update your contact details and modify your communication preferences by using one of the methods provided under the "How to Contact Us" section. Please also note that if you choose not to receive marketing communications from us, we may still send you communications related to your products or the Platform, such as information about a security update, service issue or product delivery. Some advertising content is delivered through the Platform's use of cookies and similar technologies.

13. International Compliance

RepDesk is operated from Germany. While the company itself is based in Germany, our customer-platform backend, our communications-and-CRM service providers, and certain other sub-processors are located in the United States. As such, we may transfer your Personal Information between your country of residence and the United States, Germany, and our affiliates, business partners, and sub-processors in other countries. We may also transfer your Personal Information to our third-party service providers, who may be located in a different country than you.

RepDesk transfers information internationally in order to operate efficiently, to improve performance, and to create redundancies to protect information in the event of an outage or other problem. In so doing, we will process your Personal Information in a way that meets the commitments of this Privacy Policy and complies with the law wherever we transfer it.

Whenever RepDesk transfers Personal Information beyond the country of origin, we will do so in accordance with applicable laws. For Personal Information originating in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland that is transferred to RepDesk's U.S. sub-processors, RepDesk relies on its sub-processors' participation in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as well as on Standard Contractual Clauses (SCCs) approved by the European Commission and additional technical and organizational safeguards. The Federal Trade Commission has jurisdiction over our U.S. sub-processors' compliance with the DPF Programs. Our sub-processors are liable in cases of onward transfers to third parties.

14. Data Privacy Framework

RepDesk's principal U.S.-based sub-processors, including the provider of our customer-relationship infrastructure, telephony, payment processing, and content delivery, comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. These sub-processors have certified to the U.S. Department of Commerce that they adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. They have also certified to the U.S. Department of Commerce adherence to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. To learn more about the Data Privacy Framework (DPF) program and view participating organizations, please visit https://www.dataprivacyframework.gov/. For the current list of named sub-processors and their respective DPF certification status, contact [email protected].

15. California Privacy Rights

This section is addressed to California residents only and provides more information about your rights under the California Consumer Privacy Act or "CCPA" (California Civil Code Section 1798.100 et seq.), as amended. Subject to certain exceptions, the CCPA grants to California residents the rights to: be notified about the collection, use, disclosure, sale or sharing of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the "sale" or "sharing" of Personal Information (where such information is sold or shared); limit the use or disclosure of Sensitive Personal Information (as defined under CCPA); and to not be discriminated against for exercising such rights.

RepDesk does not sell your Personal Information. If you wish to exercise your right to opt-out of RepDesk using your Personal Information for cross-contextual targeted advertising purposes (called "sharing" under the CCPA), you may do so by emailing [email protected] or using the appropriate withdrawal mechanism provided to you on the Platform.

You can request access to, correction of or deletion of your Personal Information by emailing [email protected]. If you request a deletion of your Personal Information, please note that RepDesk may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CCPA. If you submit a request to exercise rights under CCPA, RepDesk will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with RepDesk and the sensitivity of Personal Information at issue. If RepDesk denies your request, we will explain why.

You can designate an authorized agent to make a request under the CCPA on your behalf in certain circumstances. If you use an authorized agent for this purpose, RepDesk may ask you to verify your identity or that you provided the authorized agent signed permission to submit a request under the CCPA. If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and RepDesk will respond to any request from such authorized agent in accordance with the CCPA.

If RepDesk collects Sensitive Personal Information, we limit our use of the Sensitive Personal Information to uses: (1) you have authorized, (2) that are required to fulfill your requests for goods or services, or (3) that are otherwise allowed by the CCPA or required by other laws or regulations.

Categories of Personal Information Collected, Disclosed, and Shared from California Residents Over the Preceding 12 Months and Applicable Retention Periods

16. Colorado Privacy Rights

This section is addressed to Colorado residents only and provides more information about your rights under the Colorado Privacy Act or "CPA." Subject to certain exceptions, the CPA grants to Colorado residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; and request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling.

You can request access to, correction of or deletion of your Personal Information by emailing [email protected]. If you request a deletion of your Personal Information, please note that RepDesk may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CPA. If you submit a request to exercise rights under CPA, RepDesk will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with RepDesk and the sensitivity of Personal Information at issue. If RepDesk denies your request, we will explain why. If we have not responded to your request or asked for additional time to respond to your request within 45 days after you send us a request, you have the right to appeal our failure to take action. To appeal, contact us at [email protected].

You can designate an authorized agent to make a request under the CPA on your behalf in certain circumstances. If you use an authorized agent for this purpose, RepDesk may ask you to verify your identity or that you provided the authorized agent signed permission to submit a request under the CPA.

17. Connecticut Privacy Rights

This section is addressed to Connecticut residents only and provides more information about your rights under the Connecticut Data Privacy Act or "CTDPA." You can exercise your rights by emailing [email protected]. If we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action by contacting us at the same address.

18. Utah Privacy Rights

This section is addressed to Utah residents only and provides more information about your rights under the Utah Consumer Privacy Act or "UCPA." You can exercise your rights by emailing [email protected].

19. Virginia Privacy Rights

This section is addressed to Virginia residents only and provides more information about your rights under Virginia's Consumer Data Protection Act or "VCDPA." Subject to certain exceptions, the VCDPA grants to Virginia residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling; and to not be discriminated against for exercising such rights.

You can request access to, correction of or deletion of your Personal Information by emailing [email protected]. If you request a deletion of your Personal Information, please note that RepDesk may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by VCDPA. If you submit a request to exercise rights under VCDPA, RepDesk will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with RepDesk and the sensitivity of Personal Information at issue. If RepDesk denies your request, we will explain why. If we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action. To appeal, contact us at [email protected].

20. Changes to This Privacy Policy

We may update this policy periodically. The latest version will always be available on our website with the effective date. For significant changes, we will notify you by email or through a notice on our website.

21. How to Contact Us

If you have questions about this Privacy Policy or how your information is handled, contact us at:

For information about our terms, please read our Terms of Service.

By using our website and services, you consent to this Privacy Policy.