genflos logo

Privacy Policy

Introduction

This Privacy Policy outlines how GenFlos AI ("we," "us," or "our") collects, uses, and protects data in the course of providing B2B lead generation and cold email outreach services for our clients. This policy applies to the data we process on behalf of our clients and the data collected through our own website.

Data We Collect for Outreach Services

For our lead generation services, we collect business-related information about individuals ("Business Contacts") to conduct outreach on behalf of our clients. This data is sourced from publicly available sources, third-party data providers, and our own research. The information includes:

  • Full Name
  • Job Title / Position
  • Company Name
  • Business Email Address
  • Company Website and LinkedIn Profile
  • General location (City, State, Country) of the company

We do not knowingly collect or process sensitive personal data (e.g., health, financial, or biometric information). Our services are strictly for business-to-business purposes.

Legal Basis for Processing

We process Business Contact data under the legal basis of "legitimate interests" as defined in Article 6(1)(f) of the GDPR. Our legitimate interest is to enable our clients to conduct direct B2B marketing to individuals who are likely to be interested in their products or services based on their professional role and industry. We have determined that this interest is not overridden by the interests or fundamental rights of the data subjects, particularly given the business context and the low-impact nature of the data.

How We Use Data

The Business Contact data we collect is used exclusively for our clients' B2B sales and marketing efforts, which primarily involves sending personalized cold emails. Data is used to:

  • Identify potential leads for our clients.
  • Personalize and send outreach communications.
  • Provide our clients with lists of qualified leads.
  • Comply with legal obligations and industry best practices.

Data Sharing and Sub-processors

We share Business Contact data with our clients for whom we are conducting the outreach campaigns. We also use third-party sub-processors for services such as email sending, data verification, and CRM management. All our sub-processors are vetted and bound by data processing agreements that ensure the security and confidentiality of the data.

Your Data Rights and Opt-Out

Every individual who receives an email from us on behalf of a client has the right to opt-out of future communications. All our emails contain a clear and conspicuous unsubscribe link. You also have the right to:

  • Request access to the data we hold about you.
  • Request correction of any inaccurate data.
  • Request deletion of your data from our systems.

To exercise these rights, you can reply to any email you receive from us or contact us directly at hello@genflos.ai.

Data Retention

We retain Business Contact data for the duration of a client's campaign and for a reasonable period afterward as required for reporting and legal compliance. Data is permanently deleted from our active systems upon request or when it is no longer needed for its intended purpose.

Compliance with Regulations

We are committed to complying with all applicable data protection laws, including the GDPR in Europe and the CAN-SPAM Act in the United States. Our practices include maintaining suppression lists, honoring opt-out requests promptly, and ensuring our email content is not deceptive.

Security Measures

We implement robust technical and organizational security measures to protect data from unauthorized access, disclosure, alteration, or destruction. This includes access controls, data encryption, and regular security reviews.