privacy policy.

this policy explains what data we collect, how we use it, and your rights. it applies to segmento.co and all services we provide.

short version: we collect the minimum needed to run the business. we don't sell data. we don't use ad trackers. you can email team@segmento.co to delete anything we have on you.

1. who we are

Segmento is the data controller for your personal data. contact: team@segmento.co.

2. what we collect

on the website (segmento.co):

• anonymized analytics via Plausible (no cookies, no personal identifiers, GDPR-compliant) — we see aggregate page views, referrers, and approximate country only
• email addresses you submit via the request-a-call form or the lead magnet form
• any information you include in the form fields (name, company, offer description, volume goals)

as a client:

• business information you share during intake (domain name, ICP, offer, volume targets)
• payment information — processed and stored by Stripe. we never see full card numbers
• communication records (emails, Slack messages) related to service delivery
• technical data about your cold email stack — inbox performance metrics, bounce rates, deliverability scores

what we don't collect:

• we don't use cookies except for essential session cookies
• we don't run ad retargeting pixels (no Facebook, LinkedIn, Google Ads trackers)
• we don't track users across other websites
• we don't collect anything "just in case"

3. how we use it

• to deliver the services you paid for
• to respond to your inquiries
• to send operational emails (intake, updates, handoff, invoices)
• to improve our service (aggregate, de-identified metrics only)
• to comply with legal obligations

we don't use your data to train AI models, sell to third parties, or market to your contacts.

4. who we share it with

we use the following subprocessors to run the business. each has their own privacy policy:

• Stripe — payment processing
• Porkbun — domain registration (domains registered in your name)
• Maildoso / Mailforge / Google Workspace — inbox hosting (whichever we use for your setup)
• Smartlead / Instantly — sequencer (whichever we use for your setup)
• Loops or ConvertKit — email delivery for newsletters and operational emails
• Plausible — website analytics
• Notion — internal project management and client-shared pages
• Slack — internal and client communication

we don't share your data with anyone else unless:

• you ask us to
• we're legally required to (court order, etc.) — we'll notify you first if legally permitted

5. how long we keep it

• active client data: for the duration of the engagement, plus 6 years after (for tax and legal reasons)
• prospect form submissions: 24 months. if you don't become a client, we delete on request or after 24 months, whichever is first
• lead magnet emails: until you unsubscribe. one-click unsubscribe in every email

6. your rights

depending on your location, you may have the right to:

• access the personal data we hold about you
• correct inaccurate data
• delete your data
• export your data in a portable format
• object to processing
• withdraw consent

to exercise any of these, email team@segmento.co. we respond within 30 days, usually within 48 hours.

7. GDPR (EU/UK residents)

our legal basis for processing:

• contract — when we're delivering services to you as a client
• legitimate interest — when you've requested information or downloaded the lead magnet
• consent — for marketing emails (you can withdraw any time)

EU residents may file complaints with their local data protection authority.

8. CCPA (California residents)

we don't sell personal information. we don't share it for cross-context behavioral advertising. if you want to know what we have on you or delete it, email team@segmento.co.

9. data security

we use:

• HTTPS on all pages
• Stripe for payment data (PCI compliant)
• 2FA on all internal accounts that touch client data
• limited-access shared tooling (Notion, Slack)

no system is 100% secure. if we suffer a breach affecting your data, we'll notify you within 72 hours of discovery.

10. children

we don't serve anyone under 18. we don't knowingly collect data from minors. if you believe we have, email us and we'll delete it.

11. international transfers

Segmento is based in the United States. if you're outside the US, your data will be transferred to and processed in the US. by using our services, you consent to this transfer.

12. changes

if we update this policy materially, we'll email current clients and post the update here. minor clarifications happen without notice.

13. contact

questions, requests, complaints: team@segmento.co. we respond personally, usually within 24 hours.