Log in
2Roles & Responsibilities
2.1Pipedrive as a Data Controller:
2.2Pipedrive as a Data Processor:
2.3Data Subject’s and Client’s Responsibilities:
3The Information We Collect
3.1Information You Provide Directly to Pipedrive
3.2Automatically Collected Information
3.4Information We Collect from Third Parties
4How We Use the Information We Collect
4.6Additional Limits on Use of Your Google User Data
5To Whom We Disclose Information
5.1Unrestricted Information
5.2Other Users in Your Company Account
5.3Service Providers
5.4Social Media
5.5Advertising and Marketing
5.7Non-Personally Identifiable Information
5.9Change of Ownership
6Data Security
7International Data Transfers
8Minors and Children’s Privacy
9Data Retention
10Your Choices
10.1Your Rights with Respect to Information We Hold About You as a Controller
10.2Opting out
10.3Information processed on Pipedrive Client’s behalf
11Your California Privacy Rights
11.1Categories of Personal Data Collected
11.2Business and Commercial Purposes for Collection; Disclosures for a Business Purpose
11.3Categories of Personal Data Sold or Shared for Cross-Context Behavioral Advertising
11.4Your Rights
11.5How to Exercise Your California Rights
12Do Not Track (DNT) requests
13Changes and Updates to this Notice
14How to Contact Us

Current as of July 4, 2024

Privacy Notice

Welcome, and thank you for your interest in Pipedrive (“Pipedrive”, “we,” or “us”), our web site at https://www.pipedrive.com (the “Site”), and all related web sites, downloadable software, mobile applications (including tablet applications), and other services provided by us and on which a link to this Privacy Notice is displayed, and all other communications with individuals though from written or oral means, such as email or phone (collectively, together with the Site, our “Service”).

This Privacy Notice (“Notice”) describes the information we gather on or through the Service, how we use and disclose such information, and the steps we take to protect such information.

If you are a California resident, please review the section of this Notice for California residents.

To understand what cookies we use, please review our Cookie Notice.

This Notice is incorporated into and is subject to the Pipedrive Terms of Service.

The addresses of our offices, where Pipedrive, Inc. and our affiliates are located, can be found here.

1. Definitions

Capitalized terms used but not defined in this Notice have the meaning given to them in the Pipedrive Terms of Service.

“Personal Data” means any information relating to an identified or identifiable natural person.

“Public Area” means the area of the Website that can be accessed by both Users and Visitors without needing to log in.

“Restricted Area” means the area of the Website that can be accessed only by Users and where access requires logging in.

“Service” means that Pipedrive Services as defined in the Terms of Service.

“Visitor” means an individual other than a User who uses the Public Area but has no access to the Restricted Area.

2. Roles & Responsibilities

This section outlines Pipedrive's roles and responsibilities concerning the processing of Personal Data:

2.1 Pipedrive as a Data Controller:

This Privacy Notice describes Pipedrive's practices when we act as a data controller. As a data controller, we determine the purposes and means of processing your Personal Data. This includes data collected directly from you, such as when you sign up for an Account, register for events or interact with our Service. It also covers data collected automatically, such as through cookies and tracking technologies, and data we receive from third parties. Our responsibilities include ensuring the lawfulness, fairness, and transparency of data processing and safeguarding your rights as a data subject.

2.2 Pipedrive as a Data Processor:

If you are a Client and want to understand our data processing practices when we act as a data processor, please refer to the Pipedrive Data Processing Addendum (“DPA”). The DPA provides detailed information about our responsibilities and obligations when processing data on behalf of our Clients. This includes processing Client Data according to the Client's instructions, ensuring data security, and assisting Clients in fulfilling their data protection obligations. We do not own, control, or direct the use of Client Data stored or processed through our Service. Only the Client or User has the right to access, retrieve, and direct the use of such Client Data.

2.3 Data Subject’s and Client’s Responsibilities:

If you are a data subject seeking to exercise your rights (such as access, rectification, deletion, etc.) regarding Personal Data processed by a Pipedrive Client, please contact the Client directly. The Client, as the data controller, is responsible for handling such requests according to applicable data protection laws. Pipedrive processes Client Data solely on behalf of our Clients and according to their instructions. We are largely unaware of the specific data stored by Clients and do not directly access such data except as authorized by the Client or as necessary to provide our Service.

For any questions or further clarification on these roles, please contact our Data Protection Officer at [email protected].

3. The Information We Collect

We collect different types of information from or through the Service, including, but not limited, through the methods summarized below.

3.1 Information You Provide Directly to Pipedrive

  • Account signup: When you sign up for an Account to access our Service, we ask for information, like your name, contact number, business email address, company name and country, to complete the Account signup process. You may also provide us with more information, such as your photo, time zone and language, but we don’t require that information to sign up for an Account.

  • Event registrations and other form submissions: We record information that you submit when you (i) register for any event, including webinars or seminars, (ii) subscribe to our newsletter or any other mailing list, (iii) submit a form in order to download any product, whitepaper or other materials, (iv) participate in contests or respond to surveys, or (v) submit a form to request customer support or to contact Pipedrive for any other purpose.

  • Payment processing: When you buy something from us, we ask you to provide your name, contact information, credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiration date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers.

  • Testimonials: When you authorize us to post testimonials about our Service on websites, we may include your name and other Personal Data in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it. If you wish to update or delete your testimonial, you can contact us at [email protected].

  • Interactions with Pipedrive: We may record, analyze and use your interactions with us, including email, telephone, and chat conversations with our sales and customer support professionals, to improve our interactions with you and other customers.

3.2 Automatically Collected Information

  • Information from browsers, devices and servers: When you visit our Website, we collect information that web browsers, mobile devices and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information. We include these in our log files to understand more about Visitors to our Website and accommodate our Websites to the Visitors.

  • Information from cookies and tracking technologies: We use temporary and permanent cookies to identify Visitors and Users and to enhance user experience. We embed unique identifiers in our downloadable products to track usage of the products. We also use cookies, beacons, tags, scripts, and other similar technologies to identify Visitors, track Website navigation, gather demographic information about Visitors and Users, understand email campaign effectiveness and target visitor and user engagement. You can learn more about the cookies used on our Website and change your Cookie settings in our Cookie Notice.

  • Information from application logs and mobile analytics: We collect information about your and your end-users’ use of our Service from application logs and in-house usage analytics tools and use it to understand how your use and needs can improve our Service. This information includes clicks, scrolls, features accessed, access time and frequency, errors generated, performance data, storage utilized, user settings and configurations, and devices used to access and their locations.

3.4 Information We Collect from Third Parties

  • Signups using federated authentication service providers: You can log in to the Service using supported federated authentication service providers, such as LinkedIn, Microsoft and Google. These services will authenticate your identity and give you the option to share certain Personal Data with us, such as your name and email address. You should check your privacy settings on each integrated service to understand what information that integrated service makes available to us and make changes as appropriate. Please review each integrated service’s terms of use and privacy notices carefully before using their services and connecting to our Service.

  • Referrals: If someone has referred our Service to you through any of our referral programs, that person/entity may have provided us with your name, email address and other Personal Data. You may contact us at [email protected] to request that we remove your information from our database. If you provide us information about another person, or if another person/entity gives us your information, we will only use that information for the specific reason for which it was provided to us.

  • Information from our resellers, partners and service providers: If you contact any of our resellers, partners or service providers or otherwise express interest in our Service to them (e.g., by filling out a form and opting in to be contacted by Pipedrive), the resellers, partners or service providers may pass your name, email address, company name and other information to Pipedrive. If you register for or attend an event that Pipedrive sponsors, the event organizer may share your information with us. Pipedrive may also receive information about you from review sites if you comment on any review of our Service and from other third party service providers we engage to market our Service.

  • Information we collect and process when you integrate the Service with third parties: You may connect third party integrations to your Pipedrive Account, which may ask for certain permissions to access data or send information to or from your Pipedrive Account. It is your responsibility to review any third party integrations you authorize. We may collect information about the types of integrations you use in your Pipedrive Account. Any permission(s) granted by you grants these third parties access to your data, which may include (but is not limited to) granting third party applications access to view, store, and modify the Client Data on your Pipedrive Account. We are not responsible for the practices of third party integrations, so please carefully review the permissions you grant to third party applications. For more information on integrations with third party providers, please see here.

  • Information from social media sites and other publicly available sources: When you provide feedback or reviews about our Service, interact, or engage with us on marketplaces, review sites or social media sites, such as Facebook, X (Twitter), LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our Service, better understand User reactions and issues, or to reproduce and publish your feedback on our Website. We must tell you that once collected, this information may remain with us even if you delete it from these sites. Pipedrive may also add and update information about you from other publicly available sources.

4. How We Use the Information We Collect

We use the information that we collect in a variety of ways to provide the Service and operate our business, including the following:

4.1 Operations

We use the information to operate, maintain, enhance and provide all features of the Service:

  • To set up and maintain your Account and to do all other things required for providing our Service, such as enabling collaboration, providing Website and email hosting, and backing up and restoring your data;

  • To provide customer support and to analyze and improve our interactions with Clients and Users;

  • To detect and prevent fraudulent transactions and other illegal activities, report spam, and protect the rights and interests of Pipedrive, its Clients and Users, third parties and the public.

4.2 Improvements

We use the information:

  • To understand how Users use our Service, to monitor and prevent problems, and to improve our Service;

  • To analyze trends, administer our Website, and track visitor navigations on our Website to understand what Visitors are looking for and to better help them;

If this purpose requires Pipedrive to process Client Data, the data will only be used in anonymized or aggregated form.

4.3 Communications

In addition to the purposes mentioned above, we may use your information for the following purposes:

  • To communicate with you (such as through email) about products and materials that you have downloaded and services that you have signed up for, changes to this Notice, to the Terms of Service, the list of Sub-processors, or other important notices;

  • To keep you posted on new additions to our Service, upcoming events, offers, promotions and other information that we think will be of interest to you;

  • To ask you to participate in surveys or to solicit feedback on our Service.

4.4 Analytics

  • To update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you;

  • To monitor and improve marketing campaigns and make suggestions relevant to the User. This includes (i) retargeting Users interested in our Service, (ii) identifying and engaging new audiences similar to our high-value Clients, and (iii) ensuring that Clients who have completed actions like purchases do not receive irrelevant advertisements.

4.5 Legal Bases for Processing Personal Data (for United Kingdom and European Economic Area and Other Relevant Jurisdictions)

If you are an individual in the United Kingdom, the European Economic Area (EEA), or in another relevant jurisdiction, we collect and process information about you only where we have a legal basis or bases for doing so under applicable laws. The legal bases depend on the Service that your organization has purchased from Pipedrive, how such Service is used, how you choose to interact and communicate with Pipedrive’s Website and systems, and whether you attend Pipedrive events. This means we collect and use your Personal Data only where:

  • We need it to operate and provide you with our Service, customer support and personalized features;

  • It satisfies a legitimate interest of Pipedrive (which is not overridden by your data protection interests and rights), such as to protect the safety and security of our Service and Users, for research and development, to provide information to you about our Service that we believe you and your organization may find useful, to monitor and improve marketing campaigns and to protect our legal rights and interests;

  • You give us consent to do so for a specific purpose; or

  • We need to comply with a legal obligation.

Where we rely on legitimate interests to process your Personal Data, you can object to that processing as described below under “Your Choices.” In response to your objection, we will stop processing your information for the relevant purposes unless we have compelling grounds in the circumstances or the processing is necessary in the context of legal claims. Pipedrive may also process other information that constitutes your Personal Data for direct marketing purposes and you have a right to object to Pipedrive’s use of your Personal Data for this purpose at any time.

Where we rely on consent to process your Personal Data, you can withdraw consent at any time as described below under “Your Choices.”

4.6 Additional Limits on Use of Your Google User Data

Notwithstanding anything else in this Notice, if you provide Pipedrive access to your Google data (e.g. when you enable the email sync feature with your Google account), Pipedrive’s use of that data will be subject to these additional restrictions:

  • Pipedrive will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows Users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.

  • Pipedrive will not use this Gmail data for serving advertisements.

  • Pipedrive will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes, such as investigating abuse, to comply with applicable law, or for Pipedrive’s internal operations and even then only when the data have been aggregated and anonymized.

Pipedrive’s use of information received and Pipedrive’s transfer of information to any other app from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

5. To Whom We Disclose Information

Except as described in this Notice, we will not intentionally disclose the Personal Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User or Client. We may disclose information to third parties if you consent to us doing so. In addition, we may disclosure information under the following circumstances:

5.1 Unrestricted Information

Any information you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User with access to that content. For example, we make available various community forums and self-help support materials, as well as blogs and other means for you to post information on our Website. This information you post is publicly-available information that you choose to disclose, and it may be read, collected, and processed by others who visit the Website. Except for your username (which may be your real name) and the details that you choose to include in your profile, the categories of data disclosed in these circumstances will depend on what information you choose to provide. Your posts and certain profile information may remain even after you terminate your Pipedrive account. We urge you to consider the sensitivity of any information you may disclose in this way. We will correct or delete any information you have posted on the Website if you so request, as described in "Your Choices" below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.

5.2 Other Users in Your Company Account

Information about your use of the Service is available to the Administrator(s) of your Pipedrive Account and, depending on the settings chosen by the Account Users, also to other Users for the purposes of providing the Service.

Please note that while Administrator(s) have overall control, individual Users control the visibility of their synced emails. Each User is responsible for the contents of their Mail tab, which cannot be altered by any other User in the Account. For additional information on how to set up email visibility, please check the following article.

5.3 Service Providers

We work with third party service providers who provide Website, application development, hosting, maintenance, security and fraud detection, and other services for us. These third parties may have access to or process Personal Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.

5.4 Social Media

Pipedrive’s Website may use social media features, such as the Facebook “like” button, LinkedIn and X (Twitter) sharing features, and other similar widgets (“Social Media Features”). You may be given the option by such Social Media Features to post information about your activities on a Website to a profile page of yours that is provided by a third party social media network in order to share content with others within your network. Social Media Features are either hosted by the respective social media network, or hosted directly on our Website. To the extent the Social Media Features are hosted by the respective social media networks and you click through to these from our Website, the latter may receive information showing that you have visited our Website. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our Website with your social media profile. Your interactions with Social Media Features are governed by the privacy notices (and any other applicable terms) of the respective companies that provide the relevant Social Media Features.

5.5 Advertising and Marketing

We partner with third party ad networks to display advertising on our Website or to manage our advertising on other sites. Our ad network partners use cookies, web beacons, and data we share with them to collect information about your activities on our website and other websites and provide you with targeted advertising based on your interests. If you wish not to have your information used for the purpose of serving you targeted ads, you may opt out by using these services: https://optout.networkadvertising.org/ or https://optout.aboutads.info/ (or if located in the European Union, by clicking here: http://www.youronlinechoices.eu/). Please note this does not opt you out of being served advertising, you will continue to receive generic ads. Please refer to Section 10.2 of this Notice for detailed instructions about opting out of specific data processing activities.

5.6 Partners

We may share data with trusted Pipedrive partners to contact you about products or services that are complimentary to Pipedrive’s services, help us perform statistical analysis, provide sales support, or provide customer support. Partners are prohibited from using your Personal Data except for these purposes, and they are required to maintain the confidentiality of your data. We partner with trusted third parties to provide content that we think may be relevant to you. When you engage with these partners, a partner will provide a link to the partner’s privacy notice so you can learn how to opt out of the partner’s communications. These partners are required to adhere to our privacy and data protection policies. For more information on our partner program, see this page. If you do not want us to share your Personal Data with these companies, please contact our partner's team at [email protected].

5.7 Non-Personally Identifiable Information

We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations, (ii) for business or marketing purposes, or (iii) to assist such parties in understanding our Clients’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service, all of the foregoing being subject to additional limits on use of your data as stated in this Notice.

5.8 Law Enforcement, Legal Process and Compliance

We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We may make such disclosures without notifying you, as we determine in our sole discretion. We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third party claims or allegations, (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available, (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others, or (iv) comply with applicable law.

5.9 Change of Ownership

Information about Users and Visitors, including Personal Data, may be disclosed and otherwise transferred to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

6. Data Security

At Pipedrive, we take data security very seriously. We have taken steps to implement appropriate administrative, technical, and physical safeguards to prevent unauthorized access, use, modification, disclosure or destruction of the information you entrust to us. These measures have been audited and certified to industry standards. However, no security system is perfect, and due to the inherent nature of the Internet, we cannot guarantee that data, including Personal Data, is absolutely safe from intrusion or other unauthorized access by others. You are responsible for protecting your password(s) and other authentication factors and maintaining the security of your devices. To learn more about current practices, auditors’ certifications and policies regarding the security and confidentiality of the Services, please visit our Trust Center.

If you believe your Personal Data has been compromised, please contact us as set forth in the “How to Contact Us” section. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

7. International Data Transfers

Pipedrive may transfer your Personal Data to countries other than the one in which you live, including transfers to the United States. To the extent that Personal Data is transferred abroad, Pipedrive will ensure compliance with the requirements of the applicable laws in the respective jurisdiction in line with Pipedrive’s obligations.

In particular, we offer the following safeguards if Pipedrive transfers Personal Data from jurisdictions with differing data protection laws:

  • Standard Contractual Clauses: Pipedrive uses Standard Contractual Clauses approved by the European Commission (and the equivalent standard contractual clauses for the UK, where appropriate) for transfers to countries not subject to an adequacy decision by the European Commission or your local legislature and/or regulator.

  • Data Privacy Framework (DPF): Pipedrive participates in and complies with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF (DPF) set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data of individuals in the European Union and the UK. Pipedrive Inc. has been certified by the Department of Commerce that it adheres to the DPF Principles, including the onward transfer liability provisions. If there is any conflict between the terms in this Notice and the DPF Principles, the Principles shall govern. To learn more about the DPF and to view our certification, please visit the DPF website. Please note that we do not rely on DPF as a data transfer mechanism.

For information about sharing your Personal Data, onward transfers, and your choices to opt out, please see Sections 5 and 10.2 of this Notice. Pipedrive does not process any “sensitive information” (as defined under the DPF; i.e., personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual); furthermore, the Pipedrive Terms of Service forbid you to process any Sensitive Information in the Pipedrive Service (as defined in the Terms of Service).

In compliance with the DPF Principles, Pipedrive commits to resolving complaints about our collection or use of your Personal Data. EU and UK individuals with inquiries or complaints regarding our DPF policy should first contact Pipedrive’s Data Protection Officer at [email protected]. Pipedrive has further committed to cooperate with the panel established by the data protection authorities concerning unresolved DPF complaints concerning human resources data and non-human resources data transferred from the EU and the UK. Please visit this link to access the relevant contact details of EU (and EEA) data protection authorities and this link to access the relevant contact details of the UK Information Commissioner’s Office (ICO). If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims when other dispute resolution procedures have been exhausted. See here for more information on the arbitration procedure.

In any matters relating to DPF, Pipedrive Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and/or the U.S. Department of Transportation (DOT).

8. Minors and Children’s Privacy

Protecting the privacy of children is especially important. Our Service is not directed to nor intended for children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age and without verifiable parental consent, then appropriate steps will be taken to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at [email protected] and request that we delete that child’s Personal Data from our systems.

9. Data Retention

We will retain your Personal Data for a period of time that is consistent with the original purpose of the data collection, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.

For Client Data processed within the Service:

  • The contents of closed Accounts are deleted within 180 days of the date of closure;

  • The content of closed Free Trial Accounts are deleted within 60 days of the date of closure; and

  • Server archival backups are kept for 90 days.

10. Your Choices

10.1 Your Rights with Respect to Information We Hold About You as a Controller

  • Right to access: You have the right to know which data we hold about you (if any).

  • Right to data rectification: You have the right to require corrections to your Personal Data in case they are inaccurate or incomplete.

  • Right to data deletion: You have the right, under certain conditions, to request the deletion of your Personal Data, including in situations where the processing of your Personal Data is no longer necessary for the purposes for which it was collected, or if the processing of your Personal Data was based on your consent, you wish to withdraw your consent, and there are no other grounds for processing your Personal Data.

  • Right to restriction of processing: You may also have the right to request to restrict the use of your Personal Data in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

  • Right to data portability: You have the right to transfer your Personal Data to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or on the basis of contract and by automated means.

  • Right to object: You have the right to object to the use of your Personal Data in certain circumstances, such as when the processing is based on legitimate interest and in the use for direct marketing.

  • Right to complain: You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. The contact details of EEA supervisory authorities are available here and of the UK ICO here.

We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Service. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “How to Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database. Additionally:

  • You may update, correct, or delete your Account information and preferences at any time by accessing your Account settings page on the Service. Please note that while any changes you make will be reflected in active User databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

  • You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.

  • You can choose not to provide optional profile information, such as your photo. You can also delete or change your optional profile information from your Account settings page.

  • You can always choose not to fill in non-mandatory fields when you submit any form linked to our Website.

10.2 Opting out

To comply with data protection regulations and ensure your privacy, Pipedrive provides you with the following options to opt out of different data processing activities:

  • Marketing purposes. You may opt out of sharing your Personal Data with third-party service providers for advertising and marketing purposes, as detailed above in Section 5.5. You can submit a request to opt out here. Pipedrive will verify that the information you submit matches our records before fulfilling your request. Additionally, you can opt out by selecting your choice in the “Marketing preferences” tab on the Service.

  • Cookies. You can change your cookie settings by clicking here or on the “Cookies Settings” link at the bottom of our Website (www.pipedrive.com) and selecting your preferences on that page.

  • Commercial Communications. You may opt out of receiving newsletters and other non-essential messages by using the “unsubscribe” function included in all such messages or by sending an email to the address provided in the “How to Contact Us” section. Please note that you will continue to receive essential notices and emails, such as Account notification emails (password change, renewal reminders, etc.), security incident alerts, security and privacy update notifications, and essential transactional and payment-related emails. Users can view and modify settings relating to the nature and frequency of promotional communications they receive from us by accessing the “Marketing preferences” tab on the Service.

  • Navigation Information. You may opt out from the collection of navigation information about your visit to the Website by Google Analytics by using the Google Analytics Opt-out feature. You can disable browser cookies before visiting our Website. However, if you do so, you may not be able to use certain Website features properly.

Lastly, you can always opt out of certain communications by reaching out to [email protected].

10.3 Information processed on Pipedrive Client’s behalf

Pipedrive has no direct relationship with the Client’s customers or third parties whose Personal Data it may process on behalf of a Client. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the Client or User they deal with directly.

Pipedrive Clients can delete, amend or block access to Personal Data inside Pipedrive application, or by contacting Pipedrive Support.

11. Your California Privacy Rights

Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights to understand and request that we disclose details about how we handle your Personal Data. To learn more about how we collect, use, disclose, and share your Personal Data, please see below.

11.1 Categories of Personal Data Collected

In the preceding 12 months, we have collected the following categories of Personal Data about California consumers. We may collect this Personal Data directly from you, from third parties, and from your interactions with us. For additional details about the Personal Data that we collect and the sources from which we collect this Personal Data, please review Section 3 above. The Personal Data categories are:

  • Identifiers, such as name, email address, address, and phone number;

  • Commercial information, such as records of products or services purchased and other transactional data;

  • Internet or other network or device activity details, such as technical data about your use of our Website and Service;

  • Geolocation data, such as your approximate location based on IP address;

  • Financial information, such as payment information or financial account numbers in the process of providing you with a subscription;

  • Other Personal Data, in instances when you interact with us online, by phone or mail in the context of receiving help through our help desks or other support channels; participation in customer surveys or contests; or in providing the Service;

  • Inferences drawn from any of the above information.

We may retain this Personal Data for as long as is needed for the purpose(s) for which it was collected and no longer than is relevant and reasonably necessary. Our retention periods vary based on business, legal, and regulatory needs.

11.2 Business and Commercial Purposes for Collection; Disclosures for a Business Purpose

We may collect all of the above categories of Personal Data to run our business and carry out our day-to-day activities, as described above in Section 4. We have disclosed each of these categories of Personal Data with our service providers for various business purposes, as described above in Section 5, in the preceding 12 months.

11.3 Categories of Personal Data Sold or Shared for Cross-Context Behavioral Advertising

In the preceding 12 months, we have disclosed the above categories of Personal Data to third party advertising partners, such as in connection with our use of tracking technologies for cross-context behavioral advertising or by providing lists of email addresses for potential customers, so that we can reach you across the web with advertisements for our products and services. This may be considered “sharing” or a “sale” under the CCPA. You can read more about our sharing and sales activities above in Section 3 and Section 5. Pipedrive does not have actual knowledge that it sells or shares the Personal Data of consumers under 16 years of age.

11.4 Your Rights

The CCPA gives you certain rights regarding the Personal Data we collect about you:

  • Right to Know About Personal Data Collected, Disclosed, or Sold: You have the right to request to know what Personal Data we collect, use, disclose, share and sell about you.

  • Right to Request Deletion of Personal Data: You have the right to request the deletion of your Personal Data collected or maintained by us as a business.

  • Right to Opt Out of the Sale or Sharing of Personal Data: You have the right to opt out of the sale of your Personal Data by us as a business. Pipedrive shares Personal Data as described above, which may be considered a “sale” of Personal Data under the CCPA.

If you wish to opt out of specific data processing activities, please refer to Section 10.2 of this Notice for detailed instructions. You may also opt out by broadcasting an opt-out preference signal like the Global Privacy Control (GPC), but please note that this signal will be linked to your browser only. If you wish to learn more about the GPC and how to use a browser or browser extension incorporating the GPC signal, you can visit the GPC website here.

  • Right to Limit the Use and Disclosure of Sensitive Personal Data: In some instances, we may use or disclose your Sensitive Personal Data for legitimate business purposes as outlined under the CCPA, and for any other purposes as set forth in Section 4, above.

  • Right to Correct Inaccurate Personal Data: You have the right to request the correction of your Personal Data if it is inaccurate and you may submit a request as further described below.

  • Right to Non-Discrimination for the Exercise of Your Privacy Rights: You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA.

11.5. How to Exercise Your California Rights

  • You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Data, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your Personal Data.

  • We do not provide any financial incentives tied to the collection, sale, or deletion of your Personal Data.

If you would like to make a request and exercise your rights described above, please contact us via [email protected].

12. Do Not Track (DNT) requests

Some internet browsers have enabled 'Do Not Track' (DNT) features, which send out a signal (called the DNT signal) to the websites that you visit indicating that you don't wish to be tracked. Currently, there is no standard that governs what websites can or should do when they receive these signals. For now, we do not take action in response to these signals.

In the meantime, you may opt out of receiving interest based advertising from advertising networks by visiting the following websites: http://www.aboutads.info/consumers and http://www.networkadvertising.org. This will opt you out of many – but not all - of the interest-based advertising activities in which we or third parties engage. Choices you make may be browser and device specific. If you delete your cookies or use a different browser or a different computer or device, you may need to update your opt-out choices.

13. Changes and Updates to this Notice

Please revisit this page periodically to stay aware of any changes to this Notice, which we may update from time to time. If we modify the Notice, we will make it available through the Service and indicate the latest revision date. Your continued use of the Service after the revised Notice has become effective indicates that you have read, understood and agreed to the current version of the Notice.

14. How to Contact Us

Please contact us with any questions or comments about this Notice, your Personal Data, our use and disclosure practices, or your consent choices by email at [email protected]. If you have any concerns or complaints about this Notice or your Personal Data, you may contact Pipedrive’s Data Protection Officer by email at [email protected].