Privacy Policy

2.1 Information You Provide

Account Information: Name, email address, phone number, company name, business address, and billing information.

Business Data: Customer records, contact information, project details, invoices, communications history, and other operational data you enter into the platform.

Communications Content: Email messages, SMS messages, voice call recordings, and other communications sent or received through our platform.

A2P 10DLC Registration Data: For US SMS messaging compliance, we collect business identity information including EIN, business type, address, website, and campaign use case descriptions as required by carrier regulations.

2.2 Information We Collect Automatically

Usage Information: Features accessed, actions taken, time spent, click patterns, and interaction data.

Device Information: Browser type, IP address, device identifiers, operating system, and network information.

Location Data: Approximate location based on IP address (not precise GPS location).

Cookies and Tracking: We use cookies, web beacons, and similar technologies to track activity and maintain sessions.

We use the information we collect to:

• Provide, maintain, and improve our Services
• Process transactions and send transactional communications
• Send and receive SMS messages, emails, and voice calls on your behalf
• Register your business for A2P 10DLC compliance with mobile carriers
• Monitor and prevent fraudulent, unauthorized, or illegal activity
• Send technical notices, security alerts, and support messages
• Respond to your requests, comments, and questions
• Analyze usage patterns and improve user experience
• Develop new features and services
• Comply with legal obligations and enforce our terms

Service Providers: We use third-party service providers to operate our platform:

• Twilio: SMS messaging, voice calls, and A2P 10DLC registration. Subject to Twilio's Privacy Policy.
• SendGrid: Email delivery and inbound email processing. Subject to SendGrid's Privacy Policy.
• Stripe: Payment processing and billing. Subject to Stripe's Privacy Policy.
• Cloud Infrastructure: Hosting, database, and storage providers.
• Analytics: Usage analytics and performance monitoring.

Mobile Carriers: For SMS messaging, we share your business information with mobile carriers as required for A2P 10DLC registration and compliance.

Your Customers: When you send communications (SMS, email, voice) through our platform, we transmit the content and your sender information to recipients.

Legal Requirements: When required by law, subpoena, court order, or to protect our rights and safety.

Business Transfers: In connection with a merger, acquisition, or sale of assets. You will be notified of any change in ownership.

Message Content: When you use Pulse to send SMS or email messages, we process and transmit the message content to deliver it to recipients. We do not read, analyze, or use message content for advertising.

Message Metadata: We collect metadata about messages (sender, recipient, timestamp, delivery status) to provide the service and for troubleshooting.

Consent Records: We store records of recipient consent for SMS and email communications as required by law (TCPA, CAN-SPAM).

Carrier Access: Mobile carriers may access SMS message content and metadata as part of message delivery and compliance monitoring.

Retention: Message content and metadata are retained according to your account settings and legal requirements. See Section 8 for details.

We implement industry-standard security measures to protect your data:

• Encryption: Data encrypted in transit (TLS 1.2+) and at rest (AES-256)
• Access Controls: Role-based access control (RBAC) and multi-factor authentication
• Infrastructure: SOC 2 compliant cloud infrastructure with regular security audits
• Monitoring: 24/7 security monitoring and incident response
• Employee Access: Strict access policies and background checks for employees

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Depending on your location, you may have the following rights:

7.1 General Rights

• Access: Request a copy of the personal information we hold about you
• Correction: Correct inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Export your data in a machine-readable format
• Objection: Object to certain processing of your information
• Restriction: Request restriction of processing in certain circumstances

7.2 Communication Preferences

• Marketing Opt-Out: Unsubscribe from marketing emails via the link in each message
• SMS Opt-Out: Reply STOP to any SMS message to opt out of that message thread
• Transactional Messages: You cannot opt out of service-related messages (security alerts, billing notices)

7.3 California Residents (CCPA/CPRA)

California residents have additional rights including the right to know what personal information is collected, sold, or disclosed, and the right to opt out of sales (we do not sell personal information).

7.4 European Residents (GDPR)

EU/EEA residents have rights under GDPR including data portability, the right to lodge a complaint with a supervisory authority, and the right to withdraw consent.

To exercise your rights, contact us at privacy@pulse.app.

We retain different types of data for different periods:

• Account Data: Retained while your account is active and for 30 days after deletion (to allow recovery)
• Business Data: Retained according to your account settings, with a minimum of 7 years for financial records (tax compliance)
• Communications: Message content retained for 90 days by default (configurable); metadata retained for 2 years
• Audit Logs: Security and compliance logs retained for 7 years
• Consent Records: SMS/email consent records retained for 4 years after opt-out (TCPA compliance)
• Backups: Backup copies may persist for up to 90 days after deletion

We will retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: