eEndorsements

Legal

Privacy Policy

Last updated: April 19, 2026

Plain-English summary:We collect the information you give us (account, business data, reviews you submit), operational data to run the Service safely, and technical data from your device. We don’t sell your personal information. We share data only with vendors that help us run the Service, to comply with the law, or with your consent. You can access, correct, export, or delete your data at any time.

1. Scope

This Privacy Policy describes how eEndorsements (“eEndorsements,” “we,” “us”) collects, uses, and shares personal information in connection with eendorsements.com, our related subdomains, APIs, and any services or features we make available (the “Service”). It applies to (a) business subscribers and their authorized users (“Customers”), (b) individuals whose information is processed through the Service on behalf of a Customer (“End Users”, such as consumers leaving reviews), and (c) visitors to our marketing pages.

For End-User data processed on behalf of a Customer, the Customer is the “controller” or “business” of that data; we act as the “processor” or “service provider.” End Users should review the Customer’s own privacy policy.

2. Information We Collect

Information you provide.

  • Account data — name, email, phone number, company, role, password hash.
  • Business data — contacts you upload, campaigns you send, surveys, reviews and testimonials, photos and videos, custom branding.
  • Billing data — limited to billing email, subscription status, and a payment-processor customer identifier; full card details are handled by our PCI-compliant payment processors (Stripe, USIO) and never touch our servers.
  • Communications — email, chat, and support tickets you send us.

Information we collect automatically.

  • Device and connection data — IP address, user-agent string, operating system, browser, language, time zone.
  • Usage data — pages viewed, features used, click paths, timestamps, referring URLs.
  • Audit events — administrative actions performed in your account (for security and compliance).
  • Cookies and similar technologies — see Section 7.

Information from third parties.If you sign in via a third-party identity provider (Google, Microsoft), we receive basic profile data they authorize. If a Customer uploads or imports contact lists, we receive that data on the Customer’s behalf. We may supplement business-address data with Google Places and similar public-records services.

3. How We Use Information

We process personal information to:

  • provide, maintain, personalize, and improve the Service;
  • authenticate users, secure accounts, and prevent fraud or abuse;
  • send transactional emails and SMS (campaign deliveries, billing receipts, security alerts, service announcements);
  • process payments and manage subscriptions;
  • respond to support inquiries;
  • generate aggregated and de-identified analytics;
  • comply with legal obligations and enforce our Terms of Service;
  • with your consent, send marketing communications — you can opt out at any time by following the unsubscribe link or by emailing privacy@eendorsements.com.

4. How We Share Information

We do not sell your personal information.

We share information only in these limited circumstances:

  • Service providers. Hosting and infrastructure (Vercel, Supabase, Amazon Web Services), email delivery (Resend), SMS delivery, payment processing (Stripe, USIO), error monitoring, analytics, and customer-support tooling. These vendors are contractually bound to process data only on our instructions.
  • Public display. Reviews and testimonials submitted for public display are, by design, public. We may syndicate them to search engines, social networks, and embedded widgets on Customer websites.
  • Business transfers. In connection with a merger, acquisition, financing, or sale of assets, information may transfer to the acquiring entity, subject to this Policy.
  • Legal compliance and safety. When required to comply with law, legal process, or a governmental request; to enforce our Terms; or to protect the rights, property, or safety of eEndorsements, our users, or others.
  • With your consent. For any other purpose disclosed at the time of collection.

5. Data Retention

We retain personal information for as long as your account is active, as needed to provide the Service, and as required by our legal obligations (tax, accounting, audit, litigation hold). After termination, we retain or delete information in accordance with our internal retention schedule; backups may persist for up to 90 days. Customers may request deletion of End-User data at any time.

6. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information, including TLS in transit, encryption at rest for sensitive fields, least-privilege access controls, audit logging, and regular backups. No system is impenetrable; we cannot guarantee absolute security and disclaim liability for unauthorized access beyond our reasonable control.

7. Cookies & Tracking

We use cookies and similar technologies to authenticate users, remember preferences, understand Service usage, and deliver relevant content. Categories we use:

  • Strictly necessary — sign-in, session, CSRF protection.
  • Functional — UI state, impersonation indicators for super-admins, theme.
  • Analytics — aggregated usage measurement (e.g., Vercel Analytics).

You can control cookies through your browser settings. Disabling strictly-necessary cookies will impair the Service.

8. Your Rights

Depending on your jurisdiction, you may have the right to: access the personal information we hold about you; request correction or deletion; port your data in a machine-readable format; object to or restrict certain processing; withdraw consent; and lodge a complaint with a supervisory authority.

Texas residents (Texas Data Privacy and Security Act) may submit verifiable consumer requests to privacy@eendorsements.com. We do not discriminate against users who exercise their rights.

California residents(CCPA / CPRA) have the additional right to opt out of the “sharing” of personal information for cross-context behavioral advertising. We do not share personal information in that sense.

EU / UK residents may, where applicable, rely on consent, contract, legitimate interest, or legal-obligation bases for processing. Contact us for GDPR / UK GDPR requests.

To exercise any right, email privacy@eendorsements.com. We may verify your identity before fulfilling a request and will respond within the time frames required by applicable law.

9. Children

The Service is not directed to individuals under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact privacy@eendorsements.com and we will promptly delete it.

10. International Data Transfers

eEndorsements is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to, stored, and processed in the U.S. By using the Service you consent to that transfer. Where required, we rely on approved transfer mechanisms such as the EU Standard Contractual Clauses.

11. Do Not Track

The Service does not respond to browser “Do Not Track” signals because no consistent industry standard exists. We otherwise honor opt-outs described in Section 8.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be effective upon posting the revised Policy with an updated “Last updated” date. We will provide additional notice (by email or in-product) when required by law.