GDPR Compliance

Last updated: January 20, 2025

Our Commitment to GDPR

Sales Webhooks is committed to complying with the General Data Protection Regulation (GDPR) and protecting the rights of individuals in the European Economic Area (EEA) and United Kingdom.

Legal Basis for Processing

We process personal data under the following legal bases:

Legitimate Interests

  • Monitoring publicly available LinkedIn data for business intelligence
  • Providing our service to customers
  • Improving and securing our service

Contract Performance

  • Processing customer account data
  • Delivering webhook notifications
  • Processing payments

Legal Obligations

  • Maintaining records for tax purposes
  • Responding to legal requests

Data Subject Rights

Under GDPR, you have the following rights:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request your data in a structured, commonly used format.

Right to Object

You can object to processing based on legitimate interests or direct marketing.

Data Protection Measures

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Limited access controls
  • Employee training on data protection
  • Data breach notification procedures
  • Privacy by design principles

International Data Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Additional security measures

Data Retention

We retain personal data only as long as necessary:

  • Active account data: Duration of account plus 30 days
  • LinkedIn monitoring data: 90 days after subscription end
  • Financial records: 7 years (legal requirement)
  • Marketing data: Until consent withdrawn

Data Processing Agreement

For enterprise customers, we offer a Data Processing Agreement (DPA) that outlines:

  • Roles and responsibilities
  • Security measures
  • Sub-processor information
  • Audit rights

Contact legal@saleswebhooks.com to request a DPA.

Sub-processors

We use the following sub-processors:

  • Stripe - Payment processing (USA)
  • Resend - Email delivery (USA)
  • Cloud Infrastructure Provider - Hosting (USA/EU)

Exercising Your Rights

To exercise any of your GDPR rights:

  1. Email us at privacy@saleswebhooks.com
  2. Include proof of identity
  3. Specify which right(s) you wish to exercise
  4. We will respond within 30 days

Supervisory Authority

You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with GDPR.

Contact Our DPO

For GDPR-related inquiries, contact our Data Protection Officer:

Data Protection Officer

Sales Webhooks

Email: dpo@saleswebhooks.com