Privacy policy

Last updated: 06.10.2025.

At SendiGoPro, we believe privacy done right builds trust. We design our products and services to collect only what's needed, protect it with care, and use it transparently. This Privacy Notice explains what personal data we collect, why, how we use and share it, and the choices you have. Where relevant, we'll also provide just-in-time notices.

A plain-language overview of key practices can be made available on request. If anything here isn't clear, contact us at [email protected].

1. Definitions

"Personal data" means information that identifies or can reasonably be linked to an individual.

"Services" means SendiGoPro's communications, messaging, verification, and related cloud services, APIs, dashboards, SDKs, and support.

"Customer" means a business or developer using our Services.

"End User" means an individual interacting with a Customer application that uses our Services.

"Controller/Processor" have the meanings in applicable data protection laws (e.g., GDPR).

2. About SendiGoPro Services

We provide programmable communications tools that enable Customers to deliver and manage messages, alerts, verifications (e.g., OTP), and conversations across channels. Depending on the use case, SendiGoPro may act as a controller (e.g., for our website or account management) or as a processor (e.g., when we process End User data on behalf of a Customer).

3. Who is responsible for your personal data?

When you interact with our websites, sales, marketing, events, or create an account, SendiGoPro is the controller. When we process End User data strictly to deliver Services to a Customer, the Customer is the controller and SendiGoPro is the processor.

Contact: [email protected]

4. How do we obtain your personal data?

• Directly from you (website forms, account creation, support tickets, event registrations).
• From Customers who submit End User data to deliver messaging/verification.
• Automatically via cookies/SDKs (device, usage, diagnostics).
• From partners and service providers (e.g., fraud prevention, analytics, lead generation) where lawful.

5. What we collect, why, legal basis & retention

Account & Billing Data (name, email, company, role, log-in credentials, payment details), to create and maintain accounts, provide support, process payments, prevent fraud. Legal bases: contract, legitimate interests, legal obligation (billing/tax). Retention: for the life of the account plus required record-keeping periods.

Service Data / Logs (metadata like sender/recipient identifiers, timestamps, delivery/verification status, limited content where necessary), to provide the Services, security, troubleshooting, and compliance. Legal bases: contract, legitimate interests, legal obligation. Retention: minimal and time-bound per product and legal requirements.

Marketing & Website Data (cookies/analytics, preferences), to improve the site, measure performance, tailor communications where permitted. Legal bases: consent where required, legitimate interests otherwise. Retention: per cookie lifespan or until withdrawn.

Support Interactions (tickets, chat, call recordings if used), to resolve issues and improve services. Legal bases: contract, legitimate interests. Retention: for case lifecycle and quality controls.

Sensitive data: We do not intentionally collect special categories unless strictly required and lawful (and then only with appropriate safeguards and, where required, consent).

6. How and with whom we share personal data

• Service providers / processors (cloud hosting, security, billing, support) under data protection agreements.
• Communications partners (e.g., carriers, aggregators) to deliver messages/verifications.
• Legal, safety, and compliance when required by law, to protect rights, or prevent abuse/fraud.
• Corporate transactions (merger, acquisition, restructuring) subject to appropriate protections.

7. International transfers

We may process and store data globally. Where transfers occur from regions with data export rules (e.g., EEA/UK), we use recognized safeguards such as EU/UK Standard Contractual Clauses and, where required, supplementary measures.

8. How we secure your personal data

We implement administrative, technical, and physical measures aligned with industry standards (e.g., encryption in transit and at rest where appropriate, access controls, logging, vulnerability management, incident response). No system is 100% secure, but we continuously improve our program and train our teams.

9. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, restrict or object to processing, portability, and to withdraw consent. You also may have the right to lodge a complaint with your supervisory authority. Where we process data as a processor for a Customer, please contact that Customer to exercise your rights.

Submit a request: [email protected]

10. Automated decision-making

We do not engage in automated decision-making that produces legal or similarly significant effects without human involvement. Some automated processing (e.g., fraud detection signals, rate limiting) supports security and service integrity and is subject to human oversight.

11. How long we keep data

We retain personal data only as long as necessary for the purposes described or as required by law (e.g., tax, audit), then delete or anonymize it. Product-specific retention periods are applied to logs and metadata.

12. Information from children

Our Services are not directed to children and we do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we'll take appropriate steps.

13. Updates to this Notice

We may update this Notice to reflect changes in law, technology, or our practices. We'll post the updated version with a new "Last updated" date and, where required, notify you.

14. Appendix 1. Local/Regional Requirements

EEA/UK (GDPR): For EEA/UK residents, SendiGoPro may appoint an EU/UK representative if required. Legal bases include contract performance, legitimate interests, consent (where applicable), and legal obligations. Transfers outside the EEA/UK rely on SCCs and safeguards.

US (e.g., CCPA/CPRA): California residents may have rights of access, deletion, correction, opt-out of "sale"/"sharing" of personal information, and non-discrimination. We do not knowingly sell personal information.

Brazil (LGPD): Residents may have rights to confirmation, access, correction, portability, deletion, anonymization, information on sharing, and review of automated decisions, as provided by law.

For region-specific contact details or questions, email [email protected].

How to contact us: SendiGoPro • Attn: Privacy • [email protected]