Privacy Policy

This Privacy Policy explains how PrimoDato, Inc. ("PrimoDato," "we," "our," or "us") collects, uses, discloses, and protects information when you visit our websites, create an account, purchase credits or subscriptions, interact with our platform, or contact our team. It applies to information processed through our web application, APIs, billing workflows, product analytics, and customer support channels.

PrimoDato provides a B2B firmographic and technographic intelligence platform for revenue teams. We are committed to transparent privacy practices and to handling personal data in a lawful, fair, and proportionate way. This policy should be read together with our Terms of Service and, where applicable, our Data Processing Agreement.

1. Introduction

PrimoDato acts as a controller for information relating to account creation, billing, website administration, customer support, marketing preferences, and general product usage. In limited circumstances we may also act as a processor where customers use PrimoDato to store or manage information they upload or submit through the platform. This policy covers both roles and describes the safeguards we apply to each.

2. Information We Collect

Account and profile data

When you register for an account, we collect your name, business email address, password hash, company details you choose to provide, profile image, team role, account preferences, and authentication metadata such as sign-in timestamps and session tokens.

Usage and activity data

We collect information about how you use PrimoDato, including search queries, saved searches, reveal activity, export actions, API usage, feature interactions, error events, browser type, IP address, approximate geolocation derived from IP, device identifiers, and referral URLs.

Payment and subscription data

If you purchase a subscription or credit top-up, our payment processor collects your payment card details directly. PrimoDato receives billing metadata such as customer ID, plan selection, subscription status, invoice history, payment intent identifiers, credit grants, and limited billing contact information.

Cookies and similar technologies

We use cookies, local storage, web beacons, and analytics technologies to keep you signed in, protect against abuse, measure product performance, remember interface preferences, and understand how visitors use our website. Additional detail is available in our Cookie Policy.

3. How We Use Your Information

• Provide, operate, maintain, and improve the PrimoDato platform.
• Create and manage accounts, authenticate users, and secure sessions.
• Process purchases, manage subscriptions, issue credits, and reconcile billing records.
• Deliver customer support, onboarding assistance, transactional notices, and service updates.
• Detect, investigate, and prevent fraud, abuse, unauthorized access, and policy violations.
• Analyze feature usage, platform performance, and customer workflows to improve usability.
• Comply with legal obligations, respond to lawful requests, and enforce our agreements.
• Send product updates, educational content, or marketing communications where permitted by applicable law and subject to your communication preferences.

4. Data Sharing

We do not sell personal information and we do not broker customer account data to third parties for their independent marketing use. We share information only where necessary to operate PrimoDato, fulfill customer instructions, comply with law, or protect rights and security.

Our current core processors and infrastructure providers include:

• Paddle for subscription billing, payment processing, and fraud prevention.
• Vercel for web hosting, delivery, deployment infrastructure, and edge runtime services.
• MongoDB Atlas for application logging, activity streams, and unstructured operational data.
• Resend for transactional email delivery.
• Upstash for rate limiting, caching, and Redis-backed operational controls.

We may also disclose information to professional advisors, auditors, law enforcement, or corporate counterparties in connection with legal compliance, mergers, acquisitions, or asset transfers, subject to appropriate confidentiality and security safeguards.

5. Data Retention

We keep personal data only for as long as necessary for the purposes described in this policy, including to satisfy legal, contractual, tax, accounting, and security requirements.

• Account records are retained while the account remains active and for a limited archival period after closure.
• Billing and tax records are retained for up to seven years where required by law.
• Search logs and usage telemetry are generally retained for up to 90 days unless needed for security investigations.
• Support communications may be retained for up to three years to manage ongoing customer relationships.
• Backup copies may persist for a limited period before secure deletion or overwrite.

6. Your Rights (GDPR/CCPA)

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal data. You may also have rights to data portability, to withdraw consent where processing is based on consent, and to opt out of certain sharing or profiling practices where applicable.

California residents may request disclosure of the categories of personal information we collect, the sources from which it is collected, the purposes for which it is used, and the categories of third parties with whom it is shared. EU, UK, and EEA residents may exercise rights under the GDPR, including the right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at privacy@primodato.com. We may need to verify your identity before fulfilling a request.

7. Cookies and Tracking

We use necessary cookies to enable authentication, security checks, and core site functionality. We also use analytics cookies to understand traffic patterns and product usage. Certain billing and fraud prevention workflows may set provider cookies, including from Paddle. You can control cookies through browser settings and, where required, through our consent banner.

Blocking all cookies may affect the availability of some platform features, including login, saved preferences, and fraud detection protections.

8. International Data Transfers

PrimoDato is based in the United States and may process information in the United States or other jurisdictions where our service providers operate. Where personal data is transferred outside the EEA, UK, or Switzerland, we rely on appropriate transfer mechanisms such as Standard Contractual Clauses, supplementary technical safeguards, or adequacy decisions where available.

9. Security

We use administrative, technical, and physical safeguards designed to protect personal data. These measures include encryption in transit, encryption at rest on supported systems, password hashing, role-based access controls, audit logging, environment separation, secrets management, and ongoing monitoring aligned to SOC 2-oriented security practices. No system is perfectly secure, but we work continuously to reduce risk and respond quickly to emerging threats.

10. Children's Privacy

PrimoDato is a business product intended for professional users. We do not knowingly collect personal information from anyone under the age of 16. If we learn that a minor has provided personal information to us without appropriate authorization, we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect product changes, legal developments, or revised data practices. When we make material changes, we will update the "Last updated" date above and, where required, provide additional notice such as email, in-product messaging, or consent refresh prompts.

12. Contact Us

Questions, requests, or complaints regarding this Privacy Policy may be directed to privacy@primodato.com. You may also write to PrimoDato, Inc., Attn: Privacy Team, 251 Little Falls Drive, Wilmington, Delaware 19808, United States.