Back to Home

Privacy Policy

Last updated: February 26, 2026

Privacy Summary

  • We collect only what's necessary to provide the service
  • We never sell your data to third parties
  • Your emails and leads are stored securely and encrypted
  • You can export or delete your data at any time
  • We use industry-standard security practices

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Password (stored hashed, never in plain text)
  • Payment information (processed by Stripe, not stored by us)

Product Information

To provide personalized outreach, we collect:

  • Your product URL and website content (for understanding your business)
  • Product descriptions and positioning you provide
  • Target audience and ideal customer profile settings

Lead Data

When discovering and managing leads, we collect:

  • Lead contact information from our data providers (names, titles, emails, companies)
  • Research data gathered from public websites
  • Email engagement data (opens, clicks, replies)
  • Leads you manually import

Gmail Integration

If you connect your Gmail account, we access:

  • Permission to send emails on your behalf
  • Permission to read replies to emails sent through UserFinder
  • We do NOT read your entire inbox - only threads initiated by UserFinder

Usage Data

We automatically collect:

  • IP address and browser type
  • Pages visited and features used
  • Error logs and performance data

2. How We Use Your Information

  • Provide the Service: Discover leads, generate personalized emails, send outreach
  • Improve the Service: Analyze usage patterns, fix bugs, develop new features
  • Communicate: Send product updates, billing notices, and support responses
  • Security: Detect and prevent fraud, abuse, or violations of our Terms
  • Legal Compliance: Comply with applicable laws and legal requests

3. Information Sharing

We do NOT sell your personal data. We share information only in these circumstances:

Service Providers

We share data with trusted third parties who help us operate:

  • Lead Data Providers: Lead discovery (we send your ICP criteria, they return matching leads)
  • OpenAI: Email generation (we send context, they return email drafts)
  • Google: Email sending via Gmail API
  • Stripe: Payment processing
  • MongoDB Atlas: Database hosting
  • Render: Application hosting

Legal Requirements

We may disclose information if required by law, court order, or government request, or if necessary to protect our rights, safety, or property.

Business Transfers

If UserFinder is acquired or merged, your information may be transferred. We will notify you before your data becomes subject to a different privacy policy.

4. Data Security

We implement industry-standard security measures:

  • All data transmitted over HTTPS/TLS encryption
  • Passwords hashed using bcrypt
  • Database encryption at rest
  • Regular security audits and monitoring
  • Access controls and authentication

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account deletion:

  • Personal data is deleted within 30 days
  • Aggregated, anonymized data may be retained for analytics
  • Data required for legal compliance may be retained longer

6. Your Rights

Depending on your location, you may have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Restriction: Request we limit how we use your data

To exercise these rights, contact us at privacy@userfinder.io or through your account settings.

7. GDPR Compliance (EU Users)

For users in the European Economic Area:

  • Our legal basis for processing is contract performance and legitimate interests
  • Data may be transferred to the US where our servers are located
  • We use Standard Contractual Clauses for international transfers
  • You have the right to lodge a complaint with a supervisory authority

8. CCPA Compliance (California Users)

California residents have additional rights under CCPA:

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of sale (we don't sell your data)
  • Right to non-discrimination for exercising rights

9. Cookies

We use essential cookies for:

  • Authentication and session management
  • Security and fraud prevention
  • Remembering your preferences

We do not use third-party advertising or tracking cookies.

10. Children's Privacy

UserFinder is not intended for users under 18 years old. We do not knowingly collect data from children. If you believe we have, please contact us.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or prominent notice on our website. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions or to exercise your rights:

Email: privacy@userfinder.io
Support: Contact Page