Privacy Policy
Last Updated: April 27, 2025
1. Introduction
Welcome to Attive ApS.
Attive ApS ("us", "we", or "our") operates https://attive.ai (hereinafter referred to as "Service").
Our Privacy Policy governs your visit to https://attive.ai, and explains how we collect, safeguard and disclose information that results from your use of our Service.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
Our Terms and Conditions ("Terms") govern all use of our Service and together with the Privacy Policy constitutes your agreement with us ("agreement").
2. Information We Collect
We collect and process the following types of personal data:
- User Information: Name, email address, and information on your use of the Attive Platform.
- Employee Data: When integrated with your systems, we may process employee names, email addresses, employee IDs, role information, and potentially performance data.
- Call Transcripts: Names, roles, spoken content, and other identifiers shared during recorded calls if integrated systems (e.g., Gong or Chorus) are connected.
- Customer Information: Contact details and related information you've included in your CRM.
- Prospect Data: Names, email addresses, employer information, unique lead IDs, and other information you've included in your CRM.
3. How We Process Your Information
The processing of your personal data may include collection, aggregation, structuring, storage, adaptation or alteration, erasure, anonymization, and other processing necessary to:
- Provide and maintain the Attive Platform
- Deliver support services
- Comply with reasonable instructions
- Improve our services through anonymized data analysis
4. Data Security
We implement appropriate technical and organizational security measures to protect your personal data, including:
- Physical Access Controls: Secured buildings and measures to prevent unauthorized physical access.
- System Access Controls: Authentication via passwords and/or two-factor authentication, documented authorization processes, and access logging.
- Data Access Controls: Ensuring data is accessible only by properly authorized staff with appropriate privilege levels.
- Device Security: Security measures for mobile devices and laptops used to process personal data.
- Transmission Protection: Encryption and measures to prevent unauthorized access during electronic transmission.
- Regular Testing: Frequent testing and evaluation of security measures.
5. Sub-processors
We may engage the following sub-processors to fulfill our services:
- Google Cloud Platform (EU data centers) - Data hosting
- Google Workspace (EU data centers) - Productivity apps
- API Hero Ltd (US data centers) - Workload processing
- Nango, Inc. (US data centers) - Credential management
- Plus Five Five, Inc. (EU data centers) - Transactional email
6. Data Retention
Personal data is stored until termination of the Attive General Terms and Conditions, after which personal data is anonymized or deleted within 30 business days.
7. International Data Transfers
Some of our sub-processors may process data in locations outside the EU/EEA. We ensure that such transfers comply with the General Data Protection Regulation by implementing appropriate safeguards.
8. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Request rectification of inaccurate data
- Request erasure of your data
- Request restriction of processing
- Data portability
- Object to processing
- Not be subject to automated decision-making
9. Data Breach Notification
In the event of a personal data breach, we will notify affected customers without undue delay, typically within 48 hours of becoming aware of the breach.
10. Contact Us
If you have questions or comments about this Privacy Policy, please contact us at:
Email: security@attive.ai