Privacy & Cookies Policy

Effective: January 12, 2026

1. Introduction

At SupportYourApp, Inc. (“SupportYourApp,” “we,” “us,” or “our”), we take your privacy seriously and are committed to handling personal data responsibly, transparently, and in accordance with applicable data protection laws.

This Privacy and Cookies Policy (“Privacy Policy”) explains:

• the personal data we collect and the methods by which we collect it,

• the purposes for which we use and protect your information,

• the rights you have under applicable data protection laws, and

• the ways you can contact us with questions or concerns.

If you have questions, you can reach us directly using the details in the Contact Information section at the end of this Privacy Policy.

When this Privacy Policy Applies. This Privacy Policy applies whenever SupportYourApp acts as a data controller of personal data in connection with our activities, including when you:

• Access our main website at https://supportyourapp.com/ (the “Website”), for example when browsing, reading resources, or submitting forms.

• Engage with our related services, tools, or features (together, the “Services”), which consist of business process outsourcing, customer support, and related professional services.

• Communicate with us directly, such as through forms, emails, or phone or messages with our business growth or service delivery teams.

• Participate as a business representative, point of contact, referrer, or affiliate participant in referral or affiliate programs that we operate or administer.

• Engage with our marketing, such as newsletters, links, or communication preference settings.

• Participate in events, such as webinars, workshops, or training sessions we organize or sponsor.

• Provide content, such as feedback, surveys, testimonials, or materials.

• Carry out transactions with us, such as entering into commercial agreements, billing, or payments related to our Services.

• Interact with cookies or analytics features active on our Website (see “Cookies” section for details).

• Follow a direct link stating that this Privacy Policy governs the relevant processing, in which case this Privacy Policy applies to those activities.

• Otherwise use or engage with SupportYourApp in ways that reasonably involve the collection or use of your personal data in connection with our business activities, unless a separate privacy notice is provided.

When this Privacy Policy Does Not Apply. This Privacy Policy does not apply in every situation. Specifically, it does not cover:

• Processing on behalf of clients. When providing our Services, we may process personal data on behalf of our clients, who remain the data controllers. In such cases, their privacy notice governs, and any questions or concerns about processing should be directed to them.

• Service-specific terms. Certain Services may have their own dedicated privacy terms explaining how personal data is used in that context. Those terms apply in addition to this Privacy Policy.

• Other SupportYourApp websites. Websites or online services operated by SupportYourApp or its affiliates follow their own privacy notices. This Privacy Policy applies to another site only if that site expressly states so.

• Third-party services and integrations. If you follow links or use integrations operated by third parties, those providers are responsible for their own data practices. Their privacy notices apply, and we encourage you to review them.

• Third-party platforms. We maintain official pages on external platforms (such as professional networks or social media). These providers control their own data collection and use, and their privacy notices apply accordingly. This Privacy Policy governs only our subsequent processing of information we receive from those platforms.

• Social plug-ins and embeds. Our Website may include third-party buttons, widgets, or embedded content. These providers may collect data directly from your browser under their own privacy notices. This Privacy Policy applies only to any information we then receive.

• Recruitment and engagements. If you apply for an opportunity with SupportYourApp, join us as an employee, or provide services as an independent contractor, your personal data is handled under separate privacy notices provided at the relevant stage.

• Anonymized or aggregated information. Data that no longer identifies you personally is outside the scope of this Privacy Policy.

2. Our Role in Data Processing

We may handle personal data in different capacities depending on the context of your interaction with us. Transparency about these roles is important because it determines who is responsible for decisions about your data and how you may exercise your rights.

SupportYourApp as Data Controller. We act as a Data Controller when we collect personal data directly from you for our own purposes. This includes operating the Website, providing and improving our Services, maintaining communications, or carrying out the activities described in this Privacy Policy. In this role, SupportYourApp determines the purposes and means of processing and ensures that processing is carried out lawfully, fairly, and transparently.

SupportYourApp as Data Processor. We act as a Data Processor when we process personal data on behalf of our clients, who remain the Data Controllers. In this role, SupportYourApp does not decide why or how the data is used; instead, we follow the client’s documented instructions and process the data only for the purposes they define. Examples include when we provide outsourcing customer support services to our clients.

• For individuals. If your personal data is processed by SupportYourApp within the Services provision to the clients, we have no direct relationship with you. Requests to access, correct, delete, or withdraw consent for such data should be directed to the relevant client (the Data Controller). SupportYourApp cannot independently fulfill these requests, but our clients can delete, amend, or block access to personal data on their own or by contacting SupportYourApp.

• For clients. Please also refer to your contract(s) with us, including any applicable data processing agreement, for details on how we process personal data on your behalf. These agreements set out the scope of processing, our responsibilities as Data Processor, and any additional obligations.

No Joint Control. SupportYourApp does not act as a joint controller with third parties unless explicitly stated in connection with a specific feature, project, or program. Where joint control applies, we will clearly explain the arrangement and the respective responsibilities of each party.

3. Information We Collect

We collect personal data that reflects how you interact with SupportYourApp, as a visitor to our Website, a representative of a client or partner, or a participant in our events and programs. Depending on context, the information may be provided directly by you, captured automatically as you use the Website, supplied by your organization or other professional sources, or created by us as part of operating and improving the Services.

Information You Provide to Us

We collect personal data that you choose to share with us when interacting with SupportYourApp and our Services. This may include:

• Identification and contact details. When you complete a form, subscribe to updates, or otherwise share details with us, we process your name, business contact information, professional information (e.g., role, team, company size, type of business), and any optional elements to respond to requests, and communicate with you.

• Communications content. When you contact our business growth or service delivery teams, we process the content of your messages, and any attachments so we can respond effectively and maintain a record of our interactions.

• Transactions and billing. If you purchase Services, we process billing contacts and addresses, Service payment details, invoices, transaction history (e.g., information about payments from you and other details of the Services you have purchased from us), bank account and credit card details, payment methods, and applicable tax information.

• Data You Provide About Others. You may sometimes provide us with personal data about other individuals (for example, by sharing a colleague’s contact details, or submitting third-party references).

  • Your responsibility. If you provide personal data about other individuals (for example, by sharing colleagues’ details or submitting references), you confirm you are authorized to do so and, where required by law, that the individuals have been informed.

  • Our responsibility. We will use such data only for the purpose for which it was provided (for example, to deliver services, fulfill a project, or manage contractual communications) and not for unrelated purposes, processing it in line with this Privacy Policy.

  • If someone else provides us with your personal data, we will process it only for the reason it was shared and always in line with this Privacy Policy.

• Pre-sales. When you request “Get A Quote”, you may share your first name, last name, business contact details (e.g., phone number, work email), your support needs (e.g., total number of requests per month, your product’s Website/AppStore URL, do you consider AI solutions in your support strategy, etc.). We use this information to evaluate your request, scope solutions, and follow up.

• Recorded communications (where notified). If a meeting, demo, onboarding/enablement, or support session will be recorded, we will notify participants in advance. In those cases, we may process audio/video, screen content, and participation details for the stated purpose (for example, training, quality assurance, or providing a requested feature).

• Surveys, research, and training participation. If you take part in surveys, webinars, workshops, or training we host or sponsor, we process your registration details, responses, feedback, and participation records. If a session will be recorded, we notify participants in advance and may process audio, video, screen content, and participation details for the stated purpose.

• Marketing choices and engagement. We process your subscription status, opt-ins or opt-outs, topics of interest, and limited engagement signals such as email opens or link clicks to manage communications and assess effectiveness.

Information Collected Automatically

We also collect certain information automatically as you browse our Website. This helps us operate, secure, and improve the Website and Services. It may include:

• Device and technical data. When you visit the Website, we automatically collect technical information such as IP address, browser type/version, operating system, language, referral source, timestamps, and approximate location derived from IP to support compatibility, performance, and security.

• Website usage and technical data. We collect information about how visitors interact with our Website, such as pages viewed, navigation paths, form interactions, session duration, referral sources, and technical performance indicators (including errors or load times). This information is used to operate, secure, and improve our Website and online resources.

• Cookies and similar technologies. We use cookies, pixels, and similar tools to operate core functions (e.g., session management), analyze usage, detect misuse, and improve the experience. Some third-party tools may also support interest-based advertising. See the “Cookies” section for details and controls.

Information We Receive from Other Sources

We also receive personal data from third parties and professional sources, depending on your relationship with SupportYourApp. This may include:

• Client-provided business contact information. Our clients may provide business contact and role information about their representatives for the purposes of managing commercial relationships, coordinating service delivery, configuring engagements, or handling billing and contractual communications. Depending on the context, authorized client contacts may have visibility into engagement status, assigned roles, or operational updates necessary to manage the relationship. Information processed in this context is handled in accordance with this Privacy Policy when we act as a data controller.

• Professional and business contact data. In the course of working with prospective or current clients, partners, or vendors, we may obtain professional contact information from third-party business data platforms, directories, or aggregators that compile business contact details (such as name, role, company, business email address, and business phone number). We use this information to identify relevant contacts, initiate or follow up on business communications, and manage professional relationships. Where required by law, individuals may exercise their rights or object to such processing as described in this Privacy Policy.

• Referrals. If someone refers our Services to you (for example, through a referral program), they may provide us with your name, email address, and related details. You may contact privacy@supportyourapp.com to request removal of such information. If you provide information about another person, or another person provides us with your information, we will use it only for the specific reason it was shared.

• Publicly available information. We may process professional details that are lawfully available in the public domain, such as information on company websites, directories, public reviews, or community forums referencing SupportYourApp. We use this only for limited and legitimate business-to-business purposes, such as verifying contact details, identifying opportunities, improving our Services, or responding to feedback. We do not combine this data to infer sensitive characteristics.

• Compliance and KYB Checks. In the course of establishing or maintaining business relationships, we may process limited personal data relating to business representatives (such as name, business contact details, role, and affiliation) as part of Know Your Business (KYB), sanctions screening, anti-fraud, and risk-management checks. These checks are limited to verifying business entities, their registration details, ownership structure at a high level, sanctions exposure, and public-reputation signals, and do not involve identity verification of individuals or the processing of government-issued identification documents, and do not involve continuous monitoring of individuals.

• Service partners and platforms. Event organizers, payment processors, or other connected services may share limited information needed to register you, authenticate you, process transactions, or deliver requested features. These providers are responsible for their own collection and disclosure practices.

• Preference records and limited inferences. We maintain records of your privacy choices (such as cookie settings or marketing consents/withdrawals) so that your selections are respected. To keep communications useful, we may also derive limited, non-sensitive inferences (such as general content preferences) from interactions with our Website or communications. You can adjust preferences at any time.

4. Cookies

What Are Cookies?

Cookies are small text files that are placed on your device (such as a computer, smartphone, or tablet) when you visit a website. They allow the website to recognize your device, remember certain information about your visit, and support functions such as security, analytics, and advertising.

Cookies may be:

• Session cookies, which are deleted when you close your browser, or

• Persistent cookies, which remain on your device until they expire or are deleted.

Cookies placed via our Website cannot damage your device or the files stored on it.

Types of Cookies We Use

We use different categories of cookies on our Website, depending on their purpose and function:

• Strictly Necessary Cookies. These cookies are required for the basic operation, security, and stability of the Website. They enable core functionality such as page navigation, security protections, and session management. These cookies are enabled by default because they are necessary for the Website to function and do not require consent under applicable cookie laws. They cannot be disabled through our Cookies Preference Center.

• Analytics Cookies. Analytics cookies help us understand how visitors interact with our Website, for example by showing which pages are visited most often, how users navigate the site, or whether errors occur. This information helps us assess performance and improve usability. Where required by law, analytics cookies are used only after you have given your consent. You can enable or disable these cookies at any time through our Cookies Preference Center.

• Advertising and Marketing Cookies. Advertising and marketing cookies may be used to measure the effectiveness of our campaigns and to display information about our services on third-party platforms. If you choose not to allow these cookies, you may still see advertising, but it may be less relevant to your interests. Where required by law, advertising and marketing cookies are used only after you have given your consent. Refusing these cookies does not affect your ability to use the Website.

• Social Media Cookies. Social media cookies enable interaction with third-party social media platforms, such as sharing content from our Website or viewing embedded media. These cookies may allow the third-party provider to collect information about your interaction with our Website.

Where required by law, social media cookies are used only after you have given your consent. Third-party providers process any data they collect under their own privacy notices.

Consent and Cookie Controls

Except for cookies that are strictly necessary for the operation of the Website, we place cookies and similar technologies only where required by law and only after you have given your consent, in accordance with applicable cookie laws (including the EU ePrivacy Directive, GDPR, and UK PECR).

When you first visit our Website, you are presented with a cookie banner that allows you to:

• Accept all optional cookies

• Reject all optional cookies

• Customize your preferences by cookie category

You can change your selections or withdraw your consent at any time by accessing our Cookies Preference Center, which is available on our Website.

Third-Party Cookies

Some cookies used on our Website are placed by third-party providers, such as analytics, advertising, or social media partners. Where these cookies are enabled, the relevant third party may collect information directly from your browser and process it in accordance with their own privacy notices.

We encourage you to review the privacy policies of these third-party providers to understand how they collect and use personal data.

Scope Clarification

Cookies, analytics, and advertising technologies described in this section are used only in connection with visits to our Website and marketing-related interactions where SupportYourApp acts as a data controller. They are not used in connection with the delivery of customer support or outsourcing services to our clients, and personal data processed on behalf of clients as part of service delivery is never used for advertising, retargeting, or cross-context behavioral advertising purposes.

Managing Cookies Through Your Browser

In addition to our Cookies Preference Center, most web browsers allow you to manage cookies through their settings. You can typically configure your browser to block or delete cookies, or to notify you when cookies are being set.

Please note that disabling certain cookies, particularly strictly necessary cookies, may affect the functionality or availability of parts of the Website.

For more information, please consult the help pages of your browser provider, such as Google Chrome, Mozilla Firefox, Safari (desktop and mobile), Microsoft Edge, or Opera.

Changes to Our Cookies Practices

If we introduce new cookies or materially change how we use existing cookies, we will update this Privacy Policy accordingly and, where required by law, request your consent again.

5. Legal Bases for Processing

Where the processing of personal data is subject to specific legal basis requirements, such as under the laws of the European Economic Area (EEA), the United Kingdom (UK), or other jurisdictions with comparable data protection frameworks, we only process data where a valid legal basis applies. Depending on the processing activity, these include:

• Performance of a Contract. We process data necessary to provide the Services you or your organization request; to enter into, perform, manage, administer and enforce the Services including any related contract; manage payments of fees and charges; notify you about changes to all applicable terms of the services or use and this Privacy Policy; to share personal data with our service providers and partners, to provide the Services to you, and respond to pre-contract inquiries.

• Legitimate Interests. We process data for purposes that are essential to our business operations, provided these do not override your fundamental rights and freedoms. This includes securing our Website, systems and business operations; analysing, enhancing and improving our services, systems and processes; for training and quality assurance; maintaining professional contact records; sharing your personal data with people or other relevant bodies to support our business systems and processes; for statistical and market analysis and research; to send marketing communications as further described in the “Marketing and Communications” section; to monitor, check, and record communications between you and us.

• Consent. Where required by law, we rely on your freely given, informed consent, for example, for optional marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing already carried out.

• Legal Obligations. We process certain data to comply with laws and regulations, including those relating to tax, accounting, sanctions, export control, anti-discrimination, or record-keeping requirements.

6. Purposes for Processing

We process your personal data only where permitted by applicable law and for purposes that are necessary, proportionate, and transparent. The main purposes include:

• Pre-Contractual Engagement and Business Development

  We process personal data to communicate with prospective clients and their representatives before entering into a contract. This includes responding to inquiries, arranging and conducting meetings or demos, preparing proposals or quotes, assessing requirements, participating in procurement or RFP processes, and following up on pre-contractual discussions.

  Legal basis: Steps taken at the request of the data subject prior to entering into a contract; and our legitimate interests in developing business relationships and responding to inquiries.

• Service Delivery

  We process personal data to manage our business relationship, provide the requested services to our clients, and respond to inquiries and operational requests.

  Legal basis: Performance of a contract (or steps prior to entering into one). Where relevant, we may also rely on legitimate interests to maintain service integrity and resolve technical issues.

• Billing and Transactions

  We process billing details, payment references, invoices, tax identifiers, and transaction history to complete purchases, and comply with financial reporting obligations.

  Legal basis: Performance of a contract and compliance with legal obligations (e.g., tax and accounting laws).

• Business Relationships and Professional Contacts

  We process professional contact information in the context of sales, partnerships, vendor management, events, and client or community engagement. This includes maintaining records of communications, proposals, and agreed actions.

  Legal basis: Legitimate interests in managing professional and commercial relationships. For communications that qualify as direct marketing, we rely on consent where required by law.

• Security, Integrity, and Abuse Prevention

  We process authentication logs, access records, diagnostic data, and related information to detect anomalies, prevent fraud, and investigate incidents.

  Legal basis: Legitimate interests in securing our Website, systems and business operations. In certain cases, processing may also be necessary to comply with legal obligations.

• Compliance and Risk Management

  We process limited personal data relating to business representatives (such as name, role, and business contact details), together with company-level information, to conduct Know Your Business (KYB) checks, sanctions screening, fraud prevention, and risk-management activities required to establish or maintain business relationships. These activities are limited to business-to-business due diligence and do not involve individual identity verification, biometric processing, or government-issued identification documents.

  Legal basis: Compliance with legal obligations. In limited cases, legitimate interests in preventing fraud, misuse, or legal exposure.

• Events, Training, and Recordings

  We process registration details, attendance records, and, where notified in advance, recordings of webinars, workshops, or demos to organize events, provide follow-ups, issue certificates, or improve programs.

  Legal basis: Performance of a contract (for example, where training is part of the Services) or our legitimate interests in managing events and improving offerings. Recordings are generally processed on the basis of legitimate interests, or, where legally required, on another applicable legal basis such as consent.

• Service Improvement and Operational Development

  We process feedback, survey responses, and engagement data to evaluate service quality, improve internal processes, refine training and quality-assurance programs, and enhance operational workflows and service delivery.

  Legal basis: Legitimate interests in improving our Services and innovating responsibly. Where participation is optional, such as surveys, we rely on consent.

• Website Analytics and Performance Monitoring

  We process browsing data using cookies and similar technologies to understand how visitors interact with our Website, measure traffic, improve navigation, and ensure the Website operates securely and effectively, as described in the “Cookies” section.

  Legal basis: Legitimate interests in maintaining and improving our Website, or consent where required under applicable cookie laws (see “Cookies”).

• Advertising and Outreach (Limited)

  We may use cookies or similar tools to deliver relevant information about our Services on other platforms, as described in the “Cookies” section. These tools allow us to reach audiences who have shown interest in our Services and measure campaign effectiveness.

  Legal basis: Consent where required by law (e.g., cookies for advertising or analytics). In jurisdictions where permitted, we may rely on legitimate interests.

• Marketing and Communications

  We process subscription preferences, communication history, and engagement metrics (such as whether you opened an email or clicked a link) to send relevant updates and measure the effectiveness of our campaigns. This may include communications with prospective clients in a pre-contractual context, such as follow-ups on inquiries, demos, or proposals.

  Legal basis: Legitimate interests in promoting and improving our Services, except where consent is required under applicable law (e.g., direct marketing), in which case we rely on consent.

• Preference Records and Personalization

  We process records of your privacy and marketing preferences and may derive limited, non-sensitive inferences (such as likely feature interests) to tailor communications.

  Legal basis: Compliance with legal obligations to respect your rights and preferences, and legitimate interests in making our communications relevant.

• Public Feedback and Community Interactions

  We may process information you make publicly available in reviews, forums, or professional community platforms to understand sentiment, respond to feedback, and improve our Services.

  Legal basis: Legitimate interests in engaging with our community and maintaining our reputation.

• Office Visits and On-Site Security

  If you visit our offices, we may process your identification details, visit logs, CCTV footage, or access credentials to ensure security, manage visitor access, and comply with health, safety, or regulatory requirements.

  Legal basis: Legitimate interests in maintaining a secure workplace and compliance with legal obligations (e.g., safety or access control laws).

• Protecting Legal Rights and Responding to Lawful Requests

  We may process and disclose personal data where necessary to protect our rights, property, or safety, to enforce agreements, or to prevent fraud or misuse of our Services. We may also process or share data to comply with lawful requests, court orders, or legal processes, or to assist regulators, law enforcement, or other authorities where required by law.

  Legal basis: Compliance with legal obligations and our legitimate interests in protecting our legal rights and ensuring the integrity of our Services.

• Affiliate and Referral Programs

  We process personal data of client representatives or other business contacts who voluntarily participate in our affiliate or referral programs. This may include business contact details, referral information, participation records, communications, and attribution data, which are used to administer the program, track referrals, manage communications, calculate and issue rewards or fees (where applicable), and meet accounting, audit, or contractual obligations.

  Legal basis: Performance of a contract or steps prior to entering into a contract; legitimate interests in promoting our services and managing business relationships; and compliance with legal or accounting obligations where applicable.

• Other Compatible Purposes

  We may also process personal data for additional purposes that are compatible with those above, such as internal governance, strategic planning, audits, compliance monitoring, or corporate restructuring.

  Legal basis: Legitimate interests or legal obligations, depending on the specific activity. Where law requires, we will seek your consent or provide a separate notice.

If You Do Not Provide Data

Providing personal data is generally voluntary. However, certain information is essential for us to deliver the Services, enter into or perform a contract with you, or comply with legal and regulatory obligations. If you do not provide required data, such as billing details, or legally mandated identification documents, we may be unable to process transactions, provide the Services, or fulfill applicable obligations.

Where the provision of data is mandatory, we will make this clear at the point of collection and explain the potential consequences of not providing it (for example, that we cannot verify required business information, complete a payment, or proceed with a requested service). In all other cases, choosing not to provide optional information may limit your user experience but will not affect your ability to use the core Services.

7. Storage and Data Protection Measures

We take the protection of personal data seriously and combine technical, organizational, and contractual safeguards to keep it secure against unauthorized access, loss, alteration, or misuse. Personal data is stored in secure environments, with access limited to trained and authorized personnel who are bound by confidentiality obligations. Our internal policies, training programs, and security procedures are designed to ensure that data is handled responsibly and that any potential threats are detected and addressed promptly.

Where we rely on third-party providers, such as cloud hosting, infrastructure, or analytics services, they are engaged under written agreements that require appropriate security measures, and we take steps to verify that those protections are in place. Data is retained only for as long as necessary to fulfill the purposes described in this Privacy Policy and is securely deleted or anonymized when no longer needed. While no system or transmission can be guaranteed as entirely secure, we apply safeguards proportionate to the sensitivity of the data and continually review and improve our practices.

8. Data Sharing and Disclosure

We share personal data only for the purposes described in this Privacy Policy and only with parties subject to appropriate confidentiality obligations and data protection safeguards. The categories of sharing are:

Internal Access and Affiliates

• Within SupportYourApp and affiliated entities. Personal data may be accessed by authorized SupportYourApp personnel and, where relevant, affiliated group companies for purposes such as business operations, administration, compliance, finance, marketing, and relationship management. Access is limited to what is necessary for the relevant function and subject to confidentiality obligations.

Service Providers Supporting Our Business Operations

• Business service providers. We engage third-party service providers to support our own business operations, such as website hosting, IT infrastructure, security monitoring, analytics, communications, marketing platforms, event management, accounting, and payment processing. These providers process personal data only as necessary to perform services for SupportYourApp and under contractual obligations requiring appropriate data protection and confidentiality safeguards.

Professional and Operational Partners

• Advisors and auditors. We may share limited personal data with external auditors, insurers, banks, lawyers, or accountants where reasonably necessary for audit, insurance, financing, dispute resolution, or legal advice.

• Events and community interactions. For events we host or co-host, registration and participation details may be shared with event platforms and co-organizers. In such cases, the other parties generally act as independent controllers with their own privacy notices. Where you post reviews, comments, or similar content in public forums, that information is available to others by nature of those platforms.

• Verification and enrichment (business contacts). In a professional B2B context, we may validate or update professional contact details with reputable sources, limited to business attributes and subject to applicable law.

• Payments and transactions. Billing and payment data may be shared with payment processors and financial institutions to complete transactions, prevent fraud, and meet financial or reporting obligations.

Cookies, Advertising, and Social Media

• Cookies and similar technologies. Where third-party cookies, pixels, or analytics tools are enabled, those providers may collect data directly via our properties. Where required, we will obtain your consent. See “Cookies” section for details and controls.

• Social Media Features. Our websites may include social media features or widgets (such as “like” or “share” buttons) that are either hosted directly on our sites or by the respective social networks. When you interact with these features, the third parties providing them may collect information (such as your IP address or the page you are visiting) and may set cookies to enable functionality. Your interactions with these features are governed by the privacy policies of the companies that provide them.

• Advertising and Marketing. We may partner with advertising networks and social media platforms that use cookies, pixels, or similar technologies to collect information about your browsing activities and deliver tailored advertising. These parties act as independent controllers of the data they collect. You can opt out of targeted advertising through industry tools (optout.networkadvertising.org, optout.aboutads.info, or youronlinechoices.eu), or manage your preferences through our cookie controls.

Other Disclosures

• Legal, Protection, and Exceptional Scenarios. We may disclose personal data where required to comply with applicable laws, lawful requests, or regulatory obligations; to cooperate with law enforcement; or in the good-faith belief that such disclosure is reasonably necessary to (i) take precautions against liability, (ii) protect SupportYourApp or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend against third-party claims, (iv) safeguard the security or integrity of the Services and related infrastructure, or (v) protect our rights, property, or safety, or those of our users or others.

• Business Transfers. If SupportYourApp undergoes a reorganization, merger, acquisition, financing, or sale of all or part of the business, including insolvency, bankruptcy, or receivership, personal data may be transferred to relevant parties as part of that transaction, provided the recipient is required to handle the data in a manner substantially consistent with this Privacy Policy.

• Aggregated or De-Identified Information. We may share insights that do not identify individuals (for example, aggregated usage statistics) for research, reporting, or service improvement.

• With Your Direction or Consent. We may share data with third parties where you ask us to (for example, publishing a testimonial) or otherwise provide consent.

No Sale of Personal Data. We do not sell personal data. In some jurisdictions, certain advertising technologies may be legally classified as a “sale” or “sharing” of data. Where applicable, you can manage these settings through your cookie and marketing preferences.

9. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law (for example, to meet audit, tax, accounting, compliance, or dispute-resolution obligations). When data is no longer needed, we delete it or irreversibly de-identify it.

How long we keep information depends on the type of data and the context in which it was collected. In determining retention periods, we consider factors such as:

• the nature and sensitivity of the data;

• the purposes for which it is processed;

• applicable legal or regulatory requirements;

• contractual commitments;

• operational needs (including security, fraud prevention, and business continuity); and

• applicable limitation periods for legal claims.

Examples of retention practices include:

• Business contact and engagement records. Business contact information and engagement-related records are retained for the duration of our relationship and deleted or de-identified within a reasonable period after the relationship ends, unless retention is required for legal, contractual, accounting, or security purposes.

• Service data. Where we process data on behalf of a client, retention, return, or deletion is governed by the client’s instructions and applicable contractual terms (see “Our Role in Data Processing”).

• Security and operational logs. Authentication, access, diagnostic, and audit logs are retained for rolling periods necessary to maintain security and investigate incidents. Records linked to suspected security events or abuse may be retained longer if required for investigations or legal obligations.

• Communications and support. Tickets, chats, call notes, and related correspondence are retained for a reasonable period to document requests, manage follow-ups, and improve service quality, unless longer retention is required by law or necessary to establish or defend legal claims.

• Billing and transactions. Invoices, payment records, and financial documentation are retained for periods mandated by tax, accounting, and financial-reporting rules.

• Events, training, and recordings. Registration details, attendance records, and recordings (where notice is given) are retained for the duration of the program and a reasonable follow-up period, unless longer retention is legally required or necessary for claims management.

• Marketing preferences and suppression lists. Marketing preference data is retained to honor your choices. If you opt out, we maintain a limited suppression record to ensure you do not receive further marketing communications.

• KYB and compliance checks. Records related to Know Your Business (KYB) checks, sanctions screening, and business due-diligence activities (such as company registration details, verification results, risk assessments, and limited information about authorized business representatives) are retained only for as long as necessary to satisfy applicable legal, regulatory, audit, or risk-management requirements, and are securely deleted or de-identified thereafter.

• Cookies and similar technologies. Data collected via cookies and similar tools is retained in line with the designated cookie lifespan (see “Cookies” section for details).

We may retain de-identified or aggregated information (which cannot reasonably be linked to an individual) for analytics, research, and service improvement.

If we are legally required to preserve personal data (for example, due to litigation holds, investigations, or regulatory requests), we will retain only what is necessary for as long as required, and deletion will resume once the hold ends.

Deletion requests. You may request deletion of your personal data at any time (see “Your Privacy Rights and Choices”).

10. International Data Transfers

In the course of providing Services and managing our business operations, your personal data may be accessed from or transferred to countries outside of your home jurisdiction. These transfers may occur, for example, when our teams, service providers, or infrastructure partners are located in other countries, or when you interact with clients or colleagues across borders.

Where personal data is transferred from jurisdictions that impose cross-border data transfer restrictions (such as the European Union, United Kingdom, or other locations with similar laws), we implement appropriate safeguards to ensure that such transfers are lawful and that your personal data remains protected. Depending on the circumstances, these safeguards may include:

• Adequacy Decisions. Where available, we rely on determinations by competent authorities (such as the European Commission) recognizing that the destination country provides an adequate level of data protection.

• Standard Contractual Clauses (SCCs) or Local Equivalents. We may incorporate approved transfer clauses into our agreements with service providers or partners to ensure equivalent protection for data transferred outside the EEA, UK, or comparable jurisdictions.

• Data Privacy Framework (DPF). Where relevant, we may rely on participation in recognized frameworks such as the EU-U.S. Data Privacy Framework, provided the recipient organization is certified and subject to its principles.

• Other Lawful Bases. In limited cases, and only where permitted by law, we may rely on other lawful grounds, such as where the transfer is necessary for contract performance, legal proceedings, or based on your explicit consent.

Where relevant, we may implement supplementary technical and organizational measures to align with applicable standards. In some cases, SupportYourApp personnel located outside your country may access personal data for support, troubleshooting, security, or service administration. Such access is limited to role-based needs and is subject to confidentiality commitments and data protection safeguards.

If your personal data is subject to international transfer safeguards, you may request further information about the transfer mechanism used. All cross-border transfers are subject to due diligence, contractual commitments, and security measures designed to ensure compliance with data-protection obligations and to safeguard your personal data.

11. Your Privacy Rights and Choices

The rights described in this section may vary depending on your country or region. We will respect and facilitate your rights in accordance with applicable data protection laws. Depending on your location and the circumstances of processing, you may have rights such as:

• Right of Access. You have the right to request confirmation as to whether we process your personal data, and, where we do, to receive a copy of that data along with relevant information about the processing activities.

• Right to Rectification. You may request that we correct inaccurate or incomplete personal data relating to you.

• Right to Erasure (Right to Be Forgotten). In certain circumstances, such as when data is no longer necessary for the purposes for which it was collected or where you withdraw your consent, you may request the deletion of your personal data.

• Right to Restrict Processing. You may ask us to limit the processing of your data while we assess a concern, for example, if you contest the accuracy of the data or object to the processing.

• Right to Object. You have the right to object to our processing of your personal data where it is based on our legitimate interests or involves direct marketing.

• Right to Data Portability. Where legally applicable, you may request to receive your personal data in a structured, commonly used, machine-readable format and to have that data transmitted directly to another data controller.

• Right to Withdraw Consent. Where we rely on your consent for processing, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

• Right Not to Be Subject to Automated Decision-Making. You have the right not to be subject to a decision based solely on automated processing, including profiling, where the decision produces legal effects or similarly significant consequences for you. Please note that we do not currently engage in solely automated decision-making that produces legal or similarly significant effect without meaningful human involvement, unless required or permitted by applicable law.

• Right to Lodge a Complaint. If you have any concerns about how we handle your personal data or believe that your data protection rights have been infringed, you have the right to lodge a complaint with the relevant data protection authority.

  • For individuals in the European Economic Area (EEA), you can find contact details of supervisory authorities here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

  • For individuals in the United Kingdom, you can contact the Information Commissioner's Office (ICO): https://ico.org.uk

  • For individuals in other countries, you can usually find contact details for your local data protection authority through official government websites or privacy agency portals.

12. How to Exercise Your Rights

If you wish to exercise any of your privacy rights, please contact us at privacy@supportyourapp.com.

To help us process your request efficiently, please include:

• Your full name and preferred contact details

• A clear description of the right(s) you wish to exercise

• Any relevant information that may assist us in locating your personal data (e.g., engagement period, terms, details)

We aim to respond to all valid requests within 30 calendar days, or within the legally required timeframe if different. For complex or multiple requests, this period may be extended, and we'll notify you of the extension.

Non-Discrimination. We respect your privacy choices and will not penalize you for exercising your rights. Exercising your privacy rights will not affect your ability to use our Services, or maintain your relationship with us. We will not deny Services, charge different prices or rates, or provide a different level or quality of Services as a result of your decision to exercise these rights.

Authorized Agents. If you prefer to exercise your rights through an authorized representative (such as a legal advisor or guardian), we may request:

• A signed authorization permitting the representative to act on your behalf

• Verification of your identity directly from you

• Proof of your representative’s identity and their legal authority to act on your behalf

These safeguards help us protect your personal data and ensure your rights are respected and secure.

Limits and exceptions. While we will make every effort to honor your privacy rights, some requests cannot be fulfilled in full. Certain data may need to be retained where deletion or disclosure would conflict with legal obligations, regulatory requirements, or the rights of others (for example, trade secrets or personal data of third parties). We may also be required to preserve necessary business records, such as transaction details or audit logs, and some requests (such as portability) may not apply to derived or system-generated data. In addition, complete deletion from all systems may not be immediate, as backups and archives are purged only on scheduled cycles.

Any limitations are applied narrowly and only to the extent required. Where legally permissible, we will explain the reasons if we cannot fully comply with your request.

Controls You Can Use Immediately

We respect your privacy rights and provide you with reasonable access to the personal data you have provided through your use of SupportYourApp Services. You may use the following controls to manage your information and preferences:

• Marketing Communications. You may opt out of receiving newsletters and other non-essential messages at any time by using the unsubscribe link in such emails or by contacting us at privacy@supportyourapp.com. Please note that you will continue to receive essential communications, including account notifications, security and privacy alerts, and necessary transactional or payment-related emails.

• Cookies and Similar Technologies. Adjust your preferences using our cookie management tool (where available) or directly through your browser settings.

• Managing your information. You may request to update, correct, or delete your business contact details or preferences by contacting us at privacy@supportyourapp.com. Where available, certain preferences (such as marketing subscriptions) can also be managed directly through unsubscribe links or cookie settings.

• Access, Amendments, or Deletion Requests. If you wish to access, amend, delete, or transfer personal data we hold about you (including data obtained from integrated services), you may contact us at privacy@supportyourapp.com . At your request, we will delete or block references to you in our databases, subject to the limitations described in the “Limits and Exceptions” section.

• Browser Privacy Signals. Some browsers and privacy tools offer settings or signals intended to limit tracking, such as Do Not Track (DNT) and Global Privacy Control (GPC). Our Services do not respond to DNT and do not currently detect or act on GPC or similar browser-level signals. You can manage data collection and use through our on-site cookie preferences, in-product settings where available, marketing opt-outs, your browser settings, and third-party tools (including anti-tracking extensions). If our practices change, we will update this Privacy Policy.

• Optional Information. You are not required to provide optional profile details or non-mandatory form fields. Declining to share optional information may mean that certain features or functions of the Services are unavailable, but it will not otherwise restrict your ability to use the core Services.

If you are unsure how these controls apply to you or need help, please contact us at privacy@supportyourapp.com and we will assist you.

13. U.S. State Privacy Disclosures

This section applies to individuals residing in U.S. states with comprehensive privacy laws (currently including California, Colorado, Connecticut, Utah, and Virginia, as well as any state that adopts comparable laws). It supplements this Privacy Policy and explains additional rights and disclosures required under those laws.

Scope of Collection and Use. The categories of personal information we collect, the purposes for which we use it, and the types of recipients are described in this Privacy Policy. In U.S. state-law terms, these categories generally include:

• Identifiers and contact details (e.g., name, email).

• Commercial and transaction information (e.g., billing records, purchases).

• Internet/electronic activity (e.g., log data, cookies, analytics).

• Coarse geolocation (inferred from IP address).

• Professional or business information (e.g., organization, role).

• Limited inferences drawn from the above.

We do not intentionally collect sensitive personal information through the Website except where such data is required to comply with applicable laws or regulatory obligations (for example, identity verification or compliance checks in a business-to-business context). Where processed, such information is used solely for legally required purposes and subject to appropriate safeguards.

For further details, you can review the following sections of this Privacy Policy:

• “Information We Collect”– what categories of personal data we collect and how we obtain it.

• “Legal Bases for Processing” – under what legal grounds (where applicable) we process personal data.

• “Purposes for Processing” – the reasons we use personal data (e.g., providing services, security, compliance).

• “Storage and Data Protection Measures” – how we safeguard personal data and the protections we apply.

• “Data Sharing and Disclosure” – who we may share personal data with and under what conditions.

• “Data Retention” – how long we keep different types of personal data and the criteria used.

• “International Data Transfers” – how we handle transfers of personal data outside your country.

• “How to Exercise Your Rights” – the process for submitting requests and how we verify them.

Your State-Specific Rights. Subject to verification and applicable exceptions, you may have the right to:

• Right to Know. You may request detailed information about the categories of personal data we collect, the purposes for which we use it, and the categories of third parties with whom we share it.

• Right to Delete. You may request that we delete personal data collected about you, subject to certain exceptions.

• Right to Correct. You may request the correction of inaccurate personal data maintained about you.

• Right to Opt Out. You may have the right to opt out of: the “sale” of personal information; the “sharing” or use of personal information for targeted advertising (also known as cross-context behavioral advertising); and certain profiling that produces legal or similarly significant effects. Where these rights apply, you can direct us not to sell or share your personal information, including for targeted advertising. Please note that we do not sell your personal information in exchange for money.

• Right to Limit Use of Sensitive Personal Data. In certain cases, you may request that we restrict the use and disclosure of sensitive personal data to those uses strictly necessary to provide requested services.

• Right to Appeal. To appeal any decision we make regarding your privacy rights request, where applicable under state law.

• Right to Non-Discrimination. You will not be discriminated against for exercising your rights.

How to exercise your rights (and appeals/agents). See “How to Exercise Your Rights” or email privacy@supportyourapp.com. We will verify your request to a reasonable degree (which may vary by request type). If we deny your request, you may appeal by replying to our decision or emailing us with “Appeal” in the subject line; we will explain our final decision and how to contact your state regulator if you remain unsatisfied. Where permitted, you may designate an authorized agent to act on your behalf; we may require proof of authorization and direct verification.

Sale, Sharing, and Targeted Advertising. We do not sell personal information for money. We may disclose limited identifiers (such as cookie or device IDs) and internet/electronic activity to analytics and advertising partners via cookies or similar technologies on our sites. Under some state laws, this may be deemed a “sale,” “sharing,” or “targeted advertising.”

• You can opt out at any time via our cookie preferences tool (available on our sites) or by emailing privacy@supportyourapp.com

• Opt-outs based on cookies are browser- and device-specific.

Shine the Light. We do not disclose personal information to third parties for their own direct marketing purposes. California residents may still contact privacy@supportyourapp.com with “Shine the Light” in the subject line for questions about this statement.

Sensitive Personal Information. We do not use or disclose sensitive personal information for purposes that would trigger a right to limit such use under state law. If this changes, we will provide a clear method to limit our use and disclosure consistent with applicable law.

Financial Incentives. We do not offer programs that provide discounts or benefits in exchange for personal information. If we introduce such a program, we will present a stand-alone notice describing material terms (categories of data involved, value of the data, how to opt in/out).

Past 12 Months Disclosure. In the preceding 12 months, we did not sell personal information for money. We may have “shared” limited identifiers (e.g., cookie or device IDs) and internet/electronic activity with advertising or analytics partners for cross-context behavioral advertising. You can opt out at any time via Your Privacy Rights and Choices or our cookie tool.

Retention and De-Identified Data. We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. We may create and use de-identified information and take reasonable measures to prevent re-identification.

14. Children’s Privacy

Our Services are intended for adults and are not designed for use by children. We do not knowingly collect or solicit personal data from individuals under 18 years of age (or the age of majority in their jurisdiction, if higher).

If we become aware that personal data has been collected from a minor without appropriate authorization, we will take reasonable steps to delete that information. Parents or guardians who believe that their child may have provided personal data to us are encouraged to contact us at privacy@supportyourapp.com.

15. Links to Third-Party Websites

Our Website may contain links to, or embed features from, websites, apps, and services operated by third parties. If you follow those links or interact with embedded content (for example, a video player or a share button), your activity may be visible to that third party, and any personal data you provide will be handled under their own privacy terms, not this Privacy Policy. We do not control, endorse, or accept responsibility for the content, security, or privacy practices of third-party sites.

Some embedded tools on our pages may allow the third party to set or read cookies or similar identifiers. For information on these technologies and how to manage your choices, see our Cookies section and your browser settings.

Certain integrations (including single sign-on and service connectors) involve limited data sharing to enable the feature. Details about what we receive or disclose in those scenarios are described in the “Information We Collect” and “Data Sharing and Disclosure” sections. We encourage you to review the privacy notices of any third-party service before using it.

16. Updates to this Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes in our Services or our privacy practices, or for legal, regulatory, or operational reasons. When we do, we will post the updated version here and update the “Effective date” date. Changes take effect when posted unless a later effective date is stated.

If we make changes that meaningfully affect how we collect or use personal data, we will provide a more prominent notice, such as a banner on the Website, or an email to the active clients, and, where required, seek your consent for any new processing. We encourage you to review this page periodically to stay informed.

Contact Information

SupportYourApp, Inc.
221 W 10th Street, 4th Floor, Suite 122, Wilmington, DE 19801, USA.

If you have questions or wish to exercise your data protection rights, please contact our privacy team at: privacy@supportyourapp.com.

• SupportYourApp's Security
• Privacy and Cookie Policy
• Cookie Preferences
• Sub Processor List
• Terms of Use
• Data Privacy Framework Notice
• Candidate Privacy Notice