Current as of September 15, 2023
Welcome, and thank you for your interest in Pipedrive (“Pipedrive”, “we,” or “us”), our web site at https://www.pipedrive.com (the “Site”), and all related web sites, downloadable software, mobile applications (including tablet applications), and other services provided by us and on which a link to this Privacy Notice is displayed, and all other communications with individuals though from written or oral means, such as email or phone (collectively, together with the Site, our “Service”).
This Privacy Notice (“Policy”) describes the information that we gather on or through the Service, how we use and disclose such information, and the steps we take to protect such information.
This Policy is incorporated into, and is subject to, the Pipedrive Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the Pipedrive Terms of Service.
The addresses of our offices, where Pipedrive, Inc. and our affiliates are located, can be found at https://www.pipedrive.com/en/about.
“Client” means a customer of Pipedrive.
“Client Data“ means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.
“Restricted Area” means the area of the Site that can be accessed only by Users, and where access requires logging in.
“User” means an employee, agent, or representative of a Client, who primarily uses the restricted areas of the Site for the purpose of accessing the Service in such capacity.
“Visitor” means an individual other than a User, who uses the public area, but has no access to the restricted areas of the Site or Service.
2. Roles & Responsibilities
Pipedrive is the controller of your Personal Data, as described in this Privacy Notice, unless otherwise stated.
Please note that this Privacy Notice does not apply to the extent that we process Personal Data in the role of a processor (or a comparable role such as a “service provider” in certain jurisdictions) on behalf of our Clients, including where we offer to our Clients various cloud products and services, through which our Clients (and/or their affiliates) connect their own websites and applications to our hosted platform, sell or offer their own products and services, send electronic communications to other individuals, or otherwise collect, use, share or process Personal Data via our cloud products and services. In such cases, Pipedrive does not own, control or direct the use of any of the Client Data stored or processed by a Client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. The Client or the User is the data controller under the Regulation for any Client Data containing Personal Data.
For detailed privacy information applicable to situations where a Pipedrive Client (and/or a Client affiliate) who uses Pipedrive’s cloud products and services is the controller, please reach out to the respective Client directly. We are not responsible for the privacy or data security practices of our Clients, which may differ from those set forth in this Privacy Notice. If not stated otherwise either in this Privacy Notice or in a separate disclosure, we process such Personal Data in the role of a processor or service provider on behalf of a Client (and/or its affiliates), who is the responsible controller of the applicable Personal Data.
If your Personal Data has been submitted to us by or on behalf of a Pipedrive Client and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Client directly.
Pipedrive is largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users.
Except as provided in this Privacy Notice, Pipedrive does not independently cause Client Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties, except to third party Subprocessors who may process such data on behalf of Pipedrive in connection with Pipedrive’s provision of Services to Clients.
Pipedrive is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its subprocessors’ servers) at the discretion of the Client or User nor is Pipedrive responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information.
If you are a Pipedrive Client and need a signed Data Processing Addendum in addition to the Terms of Service and Privacy Notice, you can find the document signed on behalf of Pipedrive here.
3. The Information We Collect
We collect different types of information from or through the Service.
3.1 Information you provide directly to Pipedrive
Account signup: When you sign up for an account to access one or more of our services, we ask for information like your name, contact number, email address, company name and country to complete the account signup process. You may also provide us with more information such as your photo, time zone and language, but we don’t require that information to sign up for an account.
Event registrations and other form submissions: We record information that you submit when you (i) register for any event, including webinars or seminars, (ii) subscribe to our newsletter or any other mailing list, (iii) submit a form in order to download any product, whitepaper, or other materials, (iv) participate in contests or respond to surveys, or (v) submit a form to request customer support, or to contact Pipedrive for any other purpose.
Payment processing: When you buy something from us, we ask you to provide your name, contact information, and credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiry date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers
Testimonials: When you authorize us to post testimonials about our products and services on websites, we may include your name and other personal information in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it. If you wish to update or delete your testimonial, you can contact us at [email protected].
Interactions with Pipedrive: We may record, analyze and use your interactions with us, including email, telephone, and chat conversations with our sales and customer support professionals, for improving our interactions with you and other customers
3.2 Information Collected by Clients
A Client or User may store or upload Client Data into the Service. Pipedrive has no direct relationship with the individuals whose Personal Data it hosts as part of Client Data. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data.
3.3 Automatically Collected Information
Information from browsers, devices and servers: When you visit our websites, we collect information that web browsers, mobile devices and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information. We include these in our log files to understand more about visitors to our websites.
Information from application logs and mobile analytics: We collect information about your use of our products, services and mobile applications from application logs and in-house usage analytics tools, and use it to understand how your use and needs can improve our products. This information includes clicks, scrolls, features accessed, access time and frequency, errors generated, performance data, storage utilized, user settings and configurations, and devices used to access and their locations.
3.4 Information that we collect from third parties
Referrals: If someone has referred any of our products or services to you through any of our referral programs, that person may have provided us your name, email address and other personal information. You may contact us at [email protected] to request that we remove your information from our database. If you provide us information about another person, or if another person gives us your information, we will only use that information for the specific reason for which it was provided to us.
Information from our reselling partners and service providers: If you contact any of our reselling partners, or otherwise express interest in any of our products or services to them, the reselling partner may pass your name, email address, company name and other information to Pipedrive. If you register for or attend an event that is sponsored by Pipedrive, the event organizer may share your information with us. Pipedrive may also receive information about you from review sites if you comment on any review of our products and services, and from other third-party service providers that we engage for marketing our products and services.
Information we collect and process when you integrate the Service with third parties: You may connect third party integrations to your Pipedrive account, which may ask for certain permissions to access data or send information to or from your Pipedrive account. It is your responsibility to review any third party integrations you authorize. We may collect information about what types of integrations you use in your Pipedrive account. Any permission(s) granted by you, grants these third parties access to your data, which may include (but is not limited to) granting third party applications access to view, store, and modify your Pipedrive account data. We are not responsible for the practices of third party integrations, so please carefully review the permissions you grant to third party applications. For more information on integrations with third party providers, please see here.
Information from social media sites and other publicly available sources: When you provide feedback or reviews about our products, interact, or engage with us on marketplaces, review sites or social media sites such as Facebook, Twitter, LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or to reproduce and publish your feedback on our websites. We must tell you that once collected, this information may remain with us even if you delete it from these sites. Pipedrive may also add and update information about you, from other publicly available sources.
4. How We Use the Information We Collect
We use the information that we collect in a variety of ways in providing the Service and operating our business, including the following:
We use the information – other than Client Data - to operate, maintain, enhance and provide all features of the Service.
To set up and maintain your account, and to do all other things required for providing our services, such as enabling collaboration, providing website and email hosting, and backing up and restoring your data;
To provide customer support, and to analyze and improve our interactions with customers;
To detect and prevent fraudulent transactions and other illegal activities, to report spam, and to protect the rights and interests of Pipedrive, Pipedrive's users, third parties and the public.
We process Client Data solely in accordance with the directions provided by the applicable Client or User.
We use the information:
To understand how users use our products and services, to monitor and prevent problems, and to improve our products and services;
To analyze trends, administer our websites, and track visitor navigations on our websites to understand what visitors are looking for and to better help them;
Should this purpose require Pipedrive to process Client Data, then the data will only be used in anonymized or aggregated form.
In addition to the purposes mentioned above, we may use your information for the following purposes:
To communicate with you (such as through email) about products and materials that you have downloaded and services that you have signed up for, changes to this Privacy Notice, changes to the Terms of Service, or important notices;
To keep you posted on new products and services, upcoming events, offers, promotions and other information that we think will be of interest to you;
To ask you to participate in surveys, or to solicit feedback on our products and services;
To update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you;
To monitor and improve marketing campaigns and make suggestions relevant to the user.
4.5 Legal Bases for Processing Personal Data (for United Kingdom and European Economic Area and other relevant jurisdictions)
If you are an individual in the United Kingdom, the European Economic Area (EEA), or of another relevant jurisdiction, we collect and process information about you only where we have a legal basis or bases for doing so under applicable laws. The legal bases depend on the products and services that your organization has purchased from Pipedrive, how such products and services are used, and how you choose to interact and communicate with Pipedrive’s websites, systems, and whether you attend Pipedrive events. This means we collect and use your Personal Data only where:
We need it to operate and provide you with our products and services, provide customer support and personalized features, and to protect the safety and security of our products and services;
It satisfies a legitimate interest of Pipedrive’s (which is not overridden by your data protection interests and rights), such as for research and development, to provide information to you about our products and services that we believe you and your organization may find useful, and to protect our legal rights and interests;
You give us consent to do so for a specific purpose; or
We need to comply with a legal obligation.
Where we rely on legitimate interests to process your Personal Data, you can object to that processing as described below under “Your Choices.” In response to your objection, we will stop processing your information for the relevant purposes unless we have compelling grounds in the circumstances or the processing is necessary in the context of legal claims. Pipedrive may also process other information that constitutes your Personal Data for direct marketing purposes and you have a right to object to Pipedrive’s use of your Personal Data for this purpose at any time.
4.6 Additional Limits on Use of Your Google User Data
Notwithstanding anything else in this Privacy Notice, if you provide Pipedrive access to your Google data (e.g., when you enable the email sync feature with your Google account), Pipedrive’s use of that data will be subject to these additional restrictions:
- Pipedrive will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
Pipedrive will not use this Gmail data for serving advertisements.
Pipedrive will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for Pipedrive’s internal operations and even then only when the data have been aggregated and anonymized.
Pipedrive’s use of information received and Pipedrive’s transfer of information to any other app from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
5. To Whom We Disclose Information
Except as described in this Notice, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User or Client. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
5.1 Unrestricted Information
Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.
5.2 Other Users in Your Company Account
Certain information about your use of the Pipedrive Services is available to the administrator(s) of your Pipedrive Account and, depending on the settings chosen by the Users of the Account, also to other Users for the purposes of providing the Pipedrive Services.
5.3 Service Providers
We work with third party service providers who provide website, application development, hosting, maintenance, security and fraud detection, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.
5.4 Pipedrive Communities, Marketplace and Other User Generated Content
We make available various community forums and self-help support materials, as well as blogs and other means for you to post information on our websites. This information you post is publicly-available information that you choose to disclose and it may be read, collected, and processed by others that visit these websites. Except for username (which may be your real name) and the details that you choose to include in your profile, the categories of data disclosed in these circumstances will depend on what information you choose to provide. Your posts and certain profile information may remain even after you terminate your Pipedrive account. We urge you to consider the sensitivity of any information you may disclose in this way. We will correct or delete any information you have posted on the websites if you so request, as described in Section 10 "Your Choices" below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.
5.5 Social Media
Pipedrive’s websites may use social media features, such as the Facebook “like” button, LinkedIn and Twitter sharing features, and other similar widgets (“Social Media Features”). You may be given the option by such Social Media Features to post information about your activities on a website to a profile page of yours that is provided by a third-party social media network in order to share content with others within your network. Social Media Features are either hosted by the respective social media network, or hosted directly on our websites. To the extent the Social Media Features are hosted by the respective social media networks and you click through to these from our website, the latter may receive information showing that you have visited our website. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our websites with your social media profile. Your interactions with Social Media Features are governed by the privacy policies (and any other applicable terms) of the respective companies that provide the relevant Social Media Features.
5.6 Advertising and Marketing
5.8 Non Personally Identifiable Information
We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Clients’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service, all of the foregoing being subject to additional limits on use of your data as stated in this Privacy Notice.
5.9 Law Enforcement, Legal Process and Compliance
We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available, or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others.
5.10 Change of Ownership
6. Data Security
At Pipedrive, we take data security very seriously. We have taken steps to implement appropriate administrative, technical & physical safeguards to prevent unauthorized access, use, modification, disclosure or destruction of the information you entrust to us. These measures have been audited and certified to industry standards. However, no security system is perfect, and due to the inherent nature of the Internet, we cannot guarantee that data, including Personal Data, is absolutely safe from intrusion or other unauthorized access by others. You are responsible for protecting your password(s) and other authentication factors, as well as maintaining the security of your devices. To learn more about current practices, auditors’ certifications and policies regarding security and confidentiality of the Services, please visit our Privacy and Security page. If you believe your Personal Data has been compromised, please contact us as set forth in the “How to Contact Us” section. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.
7. International Data Transfers
Pipedrive may transfer your Personal Data to countries other than the one in which you live, including transfers to the United States. To the extent that Personal Data is transferred abroad, Pipedrive will ensure compliance with the requirements of the applicable laws in the respective jurisdiction in line with Pipedrive’s obligations.
In particular, we offer the following safeguards if Pipedrive transfers Personal Data from jurisdictions with differing data protection laws:
European Commission’s Standard Contractual Clauses. Pipedrive uses Standard Contractual Clauses approved by the European Commission (and the equivalent standard contractual clauses for the UK where appropriate) for transfers to countries not subject to an adequacy decision by the European Commission or your local legislature and/or regulator. A copy of our standard data processing addendum, incorporating the Standard Contractual Clauses, is available here.
EU-US Data Privacy Framework; Pipedrive participates and complies with the EU-U.S. Data Privacy Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information of individuals in the European Union. Pipedrive Inc. has been certified by the Department of Commerce that it adheres to the Data Privacy Framework Principles, including the onward transfer liability provisions. Please note that we do not rely on the EU-US Data Privacy Frameworks as a data transfer mechanism. To learn more about the Data Privacy Framework program and to view our certification, please visit https://www.dataprivacyframework.gov/s/. In compliance with the Data Privacy Framework Principles, Pipedrive commits to resolving complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our EU-US DPF policy should first contact Pipedrive’s Data Protection Officer at [email protected]. Pipedrive has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) concerning unresolved EU-US Data Privacy Framework complaints concerning human resources data and non-human resources data transferred from the EU, please visit https://ec.europa.eu/newsroom/article29/items/612080 for accessing the DPAs contact details. If your EU-US Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions,you may invoke binding arbitration for some residual claims when other dispute resolution procedures have been exhausted. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2 for more information on the arbitration procedure.
In any matters relating to the EU-U.S. Data Privacy Framework Pipedrive Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
8. Minors and Children’s Privacy
Protecting the privacy of young children is especially important. Our Service is not directed nor intended to children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at [email protected] and request that we delete that child’s Personal Data from our systems.
9. Data Retention
We will retain your Personal Data for a period of time that is consistent with the original purpose of the data collection, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.
For Pipedrive CRM Service:
the contents of closed accounts are deleted within 6 months of the date of closure;
- the content of closed Free Trial Accounts are deleted within 60 days of the date of closure;
- server archival backups are kept for 3 months.
10. Your Choices
10.1 Your rights with respect to information we hold about you as a controller
Right to data rectification – you have the right to require corrections to your Personal Data in case they are inaccurate or incomplete.
Right to data deletion – you have the right under certain conditions to request the deletion of your Personal Data including in situations where the processing of your Personal Data is no longer necessary for the purposes for which it was collected, or if the processing of your Personal Data was based on your consent and you wish to withdraw your consent, and there are no other grounds for processing your Personal Data.
Right to restriction of processing – You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Right to data portability – You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means.
Right to object – You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing.
Right to complain – You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. This right may not be available to you if there is no supervisory authority dealing with data protection in your country.
We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “How to Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database. Additionally,
You may update, correct, or delete your Account information and preferences at any time by accessing your Account settings page on the Service. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.
Optional information: You can choose not to provide optional profile information such as your photo. You can also delete or change your optional profile information.
You can always choose not to fill in non-mandatory fields when you submit any form linked to our websites.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact Pipedrive’s Data Protection Officer at [email protected].
10.2 Navigation Information
You may opt out from the collection of navigation information about your visit to the Site by Google Analytics by using the Google Analytics Opt-out feature. You can disable browser cookies before visiting our websites. However, if you do so, you may not be able to use certain features of the websites properly.
10.3 Opting out from Commercial Communications
You may opt out of receiving newsletters and other non-essential messages by using the ‘unsubscribe' function included in all such messages or by sending an email to the address provided in the “How to Contact Us” section. Please note that you will continue to receive essential notices and emails such as account notification emails (password change, renewal reminders, etc.), security incident alerts, security and privacy update notifications, and essential transactional and payment related emails. Users are able to view and modify settings relating to the nature and frequency of promotional communications that they receive from us by accessing the “Account functionality” tab on the Service.
10.4 Information processed on Pipedrive Client’s behalf
Pipedrive has no direct relationship with the Client’s customers or third party whose Personal Data it may process on behalf of a Client. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the Client or User they deal with directly.
Pipedrive Clients can delete, amend or block access to any Personal Data inside Pipedrive application, or by contacting Pipedrive Support.
11. Your California Privacy Rights
Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights to understand and request that we disclose details about how we handle your Personal Data. To learn more about how we collect, use, disclose, and share your Personal Data, please see below.
11.1 Categories of Personal Data Collected
In the preceding 12 months, we have collected the following categories of Personal Data about California consumers. We may collect this Personal Data directly from you, from third parties, and from your interactions with us. For additional details about the Personal Data that we collect and the sources from which we collect this Personal Data, please review Section 3 above. The Personal Data categories are:
Identifiers, such as name, email address, address, and phone number;
Commercial information, such as records of products or services purchased and other transactional data;
Internet or other network or device activity details, such as technical data about your use of our website, products and services;
Geolocation data, such as your approximate location based on IP address;
Financial information, such as Payment Information or financial account numbers in the process of providing you with a subscription.
Other Personal Information, in instances when you interact with us online, by phone or mail in the context of receiving help through our help desks or other support channels; participation in customer surveys or contests; or in providing the Service.
Inferences drawn from any of the above information.
We may retain this Personal Data for as long as is needed for the purpose(s) for which it was collected and no longer than is relevant and reasonably necessary. Our retention periods vary based on business, legal and regulatory needs.
11.2 Business and Commercial Purposes for Collection; Disclosures for a Business Purpose
We may collect all of the above categories of Personal Data to run our business and carry out our day-to-day activities, as described above in Section 4. We have disclosed each of these categories of Personal Data with our service providers for various business purposes, as described above in Section 5, in the preceding 12 months.
11.3 Categories of Personal Data Sold or Shared for Cross-Context Behavioral Advertising
In the preceding 12 months, we have disclosed the above categories of Personal Data to third-party advertising partners, such as in connection with our use of tracking technologies for cross-context behavioral advertising or by providing lists of email addresses for potential customers, so that we can reach you across the web with advertisements for our products and services. This may be considered “sharing” or a “sale” under the CCPA. You can read more about our sharing and sales activities above in Section 3 and Section 5. Pipedrive does not have actual knowledge that it sells or shares the Personal Data of consumers under 16 years of age.
11.4 Your Rights
The CCPA gives you certain rights regarding the Personal Data we collect about you:
Right to Know About Personal Data Collected, Disclosed, or Sold. You have the right to request to know what Personal Data we collect, use, disclose, share and sell about you.
Right to Request Deletion of Personal Data. You have the right to request the deletion of your Personal Data collected or maintained by us as a business.
Right to Opt-Out of the Sale or Sharing of Personal Data. You have the right to opt-out of the sale of your Personal Data by us as a business. Pipedrive shares Personal Data as described above, which may be considered a “sale” of Personal Data under the CCPA.
You may opt out by clicking here on in the “Cookie notice” link at the bottom of our website (www.pipedrive.com) and selecting your preferences on that page. You may also opt out by broadcasting an opt-out preference signal like the Global Privacy Control (GPC), but please note that this signal will be linked to your browser only. If you wish to learn more about the GPC and how to use a browser or browser extension incorporating the GPC signal, you can visit the GPC website here.
Right to Limit the Use and Disclosure of Sensitive Personal Data. In some instances, we may use or disclose your Sensitive Personal Data for the legitimate business purposes as outlined under the CCPA, and for any other purposes as set forth in Section 4, above.
Right to Correct Inaccurate Personal Data. You have the right to request the correction of your Personal Data if it is inaccurate and you may submit a request as further described below.
Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA.
11.5. How to Exercise your California Rights
You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your Personal Information.
Financial Incentives. We do not provide any financial incentives tied to the collection, sale, or deletion of your Personal Data.
If you would like to make a request and exercise your rights described above, please contact us via [email protected]