Privacy Policy

Last updated: January 28, 2025

Introduction

SimpL S.r.l. ("SimpL," "we," "us," or "our") is committed to protecting and respecting your privacy. This Privacy Policy ("Policy") describes how we collect, use, store, share, and protect personal data in compliance with the General Data Protection Regulation (GDPR) when you: • Visit and use our website(s): simpl.sales (the "Website"). • Interact with our software platform, subscription services, or related tools and applications (collectively, the "Services"). • Communicate with us by email, phone, or other channels. By using our Services, you agree to the collection and use of personal data according to this Policy. However, if you do not agree with any part of this Policy, please do not use our Services.

Who We Are

• Company Name: SimpL S.r.l. • Registered Address: Via Vittor Pisani 8, 20124 Milan, Italy • Privacy Contact: Privacy Team • Email: privacy@simpl.sales SimpL provides B2B lead-generation software that helps recruiting and staffing agencies identify, enrich, and score potential sales leads based on publicly available data and customer-defined ideal customer profiles ("ICPs"). Our Role as Data Controller / Processor SimpL S.r.l. is generally the Data Controller of personal data we collect for our own purposes (e.g., operating our Website, creating user accounts, billing). However, in certain cases—when our customers upload, input, or otherwise manage personal data regarding their own leads or candidates in our platform—our customers act as Data Controllers, and SimpL processes such data as their Data Processor according to their instructions and our contractual agreements.

Scope of this Policy

This Policy applies to information we collect from: 1. Website Visitors – Individuals who browse our publicly accessible Website. 2. Customers and Authorized Users – Individuals or entities subscribing to our Services (including users who access leads, pipelines, or team features). 3. Leads and Business Contacts – Individuals whose data we collect, enrich, or score on behalf of our customers for recruiting or sales outreach purposes. Important: This Policy does not cover information collected offline or by any third-party websites/services not under our control.

What Information We Collect

Information You Provide Directly

• Registration & Account Data: Name, email address, phone number, job title, company name, billing address, payment details (processed via a secure third party), and user credentials (username, password). • Service Interactions: Leads you add, messages you send via our platform, feedback or support requests, ICP details, and similar. • Communications: Emails, calls, or other messages you send to us (e.g., inquiries or requests).

Information We Collect Automatically

When you use our Website or Services, we may automatically collect: • Device/Browser Data: IP address, browser type, operating system, device identifiers, language settings, screen resolution. • Usage Data: Pages or features visited, date/time stamps, navigation paths, session replays, interactions with our platform. • Cookies and Similar Technologies: We use cookies, local storage, web beacons, and session replay tools to personalize user experience and analyze usage. (See Section 9 on cookies.)

Information from Third Parties

We may also obtain relevant data from: • Public Databases / Social Networks: E.g., LinkedIn, Apollo, and similar platforms for publicly available lead data (names, job titles, company size). • Business Directories & Websites: Info from publicly accessible sources, directories, or corporate pages. • Partners / Referrals: Customers may refer additional users or share lead contacts with us.

How We Use Your Information

We process personal data for the following GDPR-compliant purposes: 1. Service Provision & Operations • Creating and managing user accounts. • Generating and refining daily lead databases. • Matching leads against ICPs. • Implementing AI-driven scoring and analytics. 2. Billing & Subscription Management • Handling subscription payments for single or multi-user licenses. • Enforcing subscription terms (usage limits, team features, etc.). 3. Customer Support & Communications • Addressing inquiries, troubleshooting, and feedback. • Sending updates about features, policy changes, or service notifications. 4. Research & Development (R&D) • Improving our AI models, scoring algorithms, and platform functionalities. • Conducting aggregate analytics on usage trends. • Creating anonymized or de-identified data sets for business insights. 5. Marketing (With Consent, If Required) • Sending optional promotional emails or updates about features and expansions. • You may opt out at any time. 6. Legal & Compliance • Complying with applicable laws, regulations, or legal processes. • Investigating fraudulent, unauthorized, or malicious activity (e.g., hacking, identity theft). • Enforcing agreements, including Terms of Service and subscription contracts. 7. Other: With your explicit consent for any additional purpose disclosed at the time of collection.

How We Share Your Information

Service Providers (Processors)

We rely on trusted third parties for: • Hosting & Storage: E.g., Supabase, AWS. • Payment Processing: E.g., Stripe (we do not store full card details). • Analytics / Marketing Tools: E.g., Google Analytics, email or campaign platforms. • AI or Enrichment APIs: Possibly OpenAI or other data-enrichment providers. Such providers are contractually bound to process personal data only per our instructions and protect it adequately.

Customers

When we act as a Processor, we may share business contact information with our staffing/recruitment agency customers if it is publicly available or they have appropriate lawful basis. For instance, publicly available lead data may appear in the daily updated lead lists and scores.

Affiliates & Corporate Transactions

• Affiliates: If SimpL has subsidiaries or is part of a group, we may share data within that group under strict confidentiality. • Business Transfers: If there is a merger, acquisition, asset sale, or financing, personal data may be transferred as part of due diligence or the final transaction.

Data Security & Breach Notification

We implement commercially reasonable measures to safeguard personal data, including: • Encryption in transit and/or at rest (where feasible). • Access controls and authentication. • Firewalls and network monitoring. While no method of transmission or storage is 100% secure, we make good-faith efforts to protect your data. In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and/or supervisory authorities promptly, in line with GDPR requirements.

Your GDPR Rights

If you are in the EEA or UK, you have the following rights regarding your personal data, subject to certain legal limitations: 1. Right of Access: Request a copy of your personal data and supplementary information. 2. Right to Rectification: Correct inaccurate or incomplete personal data. 3. Right to Erasure ("Right to be Forgotten"): Request deletion of your data where there's no lawful basis for continued processing. 4. Right to Restrict Processing: Ask us to restrict the processing of your data under certain circumstances. 5. Right to Object: Object to processing based on legitimate interests or for direct marketing purposes. 6. Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller. 7. Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time without affecting previous lawful processing. To exercise these rights, please email us at privacy@simpl.sales. We may require reasonable proof of your identity to protect personal data from unauthorized access. Right to Lodge a Complaint: If you believe your rights have been violated, you can also file a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) or with the supervisory authority in the EU Member State of your habitual residence, place of work, or alleged infringement.

Cookies & Similar Technologies

We use cookies, web beacons, and local storage for: • Session Management: Keeping you logged in and personalizing content. • Analytics: Understanding usage patterns to improve our Services. • Preferences: Storing language or layout preferences. When you first visit our Website, you may see a cookie banner or consent tool allowing you to accept or reject non-essential cookies. Essential cookies are always enabled for the operation of our site. • Blocking Cookies: You can typically block or delete cookies through your browser settings, but doing so may limit some functionality. • Consent Management: Where required, we ask for your prior consent for non-essential cookies.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy, including to: • Provide and improve our Services. • Comply with legal or accounting obligations (e.g., tax record-keeping). • Resolve disputes or enforce agreements. For example: • Account Data is retained for as long as your account remains active and for up to 2 years after closure for legal or contractual obligations. • Billing / Transaction Records are retained for 7 years per local tax/accounting rules. • Marketing Data is retained until you unsubscribe or for up to 2 years from your last interaction. We regularly review such data and delete or anonymize it when it is no longer required.

Children's Privacy

Our Services are not intended for individuals under 16 years of age (or the minimum age required by local law). We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us at privacy@simpl.sales, and we will promptly delete it.

AI & Automated Scoring

We use artificial intelligence and machine learning to enrich and score leads, but no solely automated decision produces legal or similarly significant effects without human intervention. If you have concerns about our AI processes, please contact us to request further information or human review.

Changes to this Privacy Policy

We reserve the right to modify or update this Policy at any time. When we make changes, we will: • Post the new version on our Website with an updated "Last Updated" date. • Notify you via email or prominent notice if the changes are significant. Continuing to use our Services after such updates indicates your acceptance of the revised Policy.

Contact Us

If you have any questions, requests, or concerns about this Policy or your personal data, please contact us: SimpL S.r.l. Attn: Privacy Team Via Vittor Pisani 8 20124 Milan, Italy Email: privacy@simpl.sales We aim to respond to your request within one month (or as required by GDPR). Thank you for trusting SimpL with your data!