Information We Collect
Information You
Provide to Us
- Contact Information: Name, email address, phone number, company name
- Business Information: Team size, business type, operational challenges
- Account Information: Username, password, billing information
- Payment Information: Credit/debit card details, billing address (processed securely through Stripe)
- Communication Data: Messages, support requests, feedback
Information We
Collect Automatically
- Usage Data: How you interact with our website and services
- Device Information: Browser type, operating system, IP address
- Analytics Data: Page views, time spent, user behavior patterns
- Cookies: Small files that help us improve your experience
Business Data (When
Using PANDDA)
- Client Information: Contact details, project data, communication history
- Project Data: Tasks, timelines, files, collaboration records
- Financial Data: Invoicing information, payment records
- Team Data: User roles, permissions, activity logs
Information
How We Use Your
Information
For Service Delivery
- Provide and improve our CRM platform
- Process $1 Founding Circle payments and manage subscriptions
- Enable collaboration and project management features
- Deliver customer support and onboarding assistance
For Communication
- Send important service updates and notifications
- Respond to your inquiries and support requests
- Share product updates and feature announcements
- Provide Founding Circle member communications
For Business Operations
- Analyze usage patterns to improve our services
- Detect and prevent fraud or security breaches
- Comply with legal obligations and enforce our terms
- Plan product development and feature roadmap
For Marketing (With Your Consent)
- Send promotional emails about new features
- Share relevant industry insights and best practices
- Invite you to webinars, events, or case study participation
- Conduct surveys to improve our services
How We Share Your Information
We DO NOT sell your personal information to third parties.
We May Share Information With:
Service Providers: Trusted partners who help us
operate our business
Payment processors (Stripe) for secure credit card processing and billing
Email service providers for communications
Cloud hosting providers (AWS/Google Cloud) for data storage
Analytics providers for service improvement
servers. Stripe maintains PCI DSS compliance for secure payment processing.
Legal Requirements:
When required by law or to protect our rights
Court orders, legal processes, or government requests
Protecting against fraud, security threats, or illegal activity
Enforcing our Terms of Service or other agreements
Business Transfers:
In the event of a merger, acquisition, or sale
Your information may be transferred as part of business assets
You'll be notified of any changes to privacy practices
Data Security
We implement industry-standard security measures to protect your information:
- Encryption: Data encrypted in transit and at rest
- Access Controls: Role-based permissions and authentication
- Regular Audits: Security assessments and penetration testing
- Monitoring: 24/7 security monitoring and threat detection
- Employee Training: Staff educated on privacy and security practices
- Limited Access: Information accessed only by authorized personnel
- Data Minimization: We collect only what's necessary for our services
- Regular Updates: Software and security patches applied promptly
Your Rights and Choices
Access and
Control
- View: Request a copy of your personal information
- Update: Correct or modify your account information
- Delete: Request deletion of your personal information
- Export: Download your data in a portable format
Communication
Preferences
- Unsubscribe: Opt out of marketing emails at any time
- Notification Settings: Control which updates you receive
- Contact Preferences: Choose how we communicate with you
Account
Management
- Pause Service: Temporarily suspend your account
- Cancel Service: Close your account and delete associated data
- Data Retention: Choose how long we keep your information
International Data Transfers
PANDDA operates globally. Your information may be transferred to and processed in
countries other than your own. We ensure appropriate safeguards are in place:
Adequacy Decisions:
Transfers to countries with equivalent protection
Standard Contractual Clauses
Legal protections for international transfers
Certification Programs
Participation in recognized privacy frameworks
Data Retention
We retain your information only as long as necessary:
Active Accounts
- Personal information: While your account is active
- Business data: As long as you use our services
- Communication records: For customer service purposes
Closed Accounts
- Account deletion: Personal information deleted within 30 days
- Legal requirements: Some data retained for compliance purposes
- Business records: Financial data kept for tax and regulatory requirements
Children's Privacy
PANDDA is designed for business use. We do not knowingly collect
information from children under 13. If we discover we've collected such
information, we'll delete it immediately.
Changes to This Policy
We may update this Privacy Policy to
reflect changes in our practices or
legal requirements:
- Notification: We'll email you about significant changes
- Effective Date: Changes take effect 30 days after notification
- Continued Use: Using our services after changes means you accept the updated policy
Contact Us
Questions about this Privacy Policy or your data?
Privacy Officer Email: hello@pandda.com
Data Protection Requests Email: hello@pandda.com
Response time: Within 30 days
General Support Email: hello@pandda.com
Specific Rights by Region
European Union (GDPR)
- Right to access, rectify, erase, restrict, and port your data
- Right to object to processing and withdraw consent
- Right to lodge complaints with supervisory authorities
California (CCPA)
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of sale of personal information
- Right to non-discrimination for exercising privacy rights
Other Jurisdictions
We comply with applicable privacy laws in all regions
where we operate. Contact us for information about your
specific rights.
