SIGBOT
1. Regulatory Compliance
Sigbot complies with applicable privacy laws, including: UK GDPR & Data Protection Act 2018, EU GDPR, and Canada PIPEDA.
2. Data Protection Roles
- Users/business customers = Data Controllers
- Sigbot = Data Processor (for hosted contact data)
- Sigbot = Data Controller (for account/billing data)
3. Personal Data We Process
Account Data: Name, Email address, Login credentials, Subscription status.
Contact Data (User Imported): Names, Emails, Phone numbers, Job titles, Company data, Email signatures.
4. Cloud Storage & Sync
Sigbot uses secure cloud infrastructure (including Firebase) to provide device synchronization, backups, team collaboration, and real-time databases. Data may be cached locally and stored in the cloud.
5. Lawful Basis for Processing
We rely on contractual necessity, legitimate interests, legal obligations, and consent (where required).
6. Data Sharing
We do not sell personal data. We may share data with subprocessors providing cloud hosting, authentication, and payment processing. All processors operate under data protection agreements.
7. International Transfers
Data may be transferred outside the UK/EU/Canada. We rely on Standard Contractual Clauses, UK IDTA, and Adequacy decisions.
8. Security Measures
We implement encryption in transit, encryption at rest, access controls, authentication safeguards, and monitoring systems.
9. Data Retention
- Account data → Active lifecycle
- Billing data → Legal retention
- Contact data → Until deleted by user
10. User Rights
Users may access data, correct data, delete data, restrict processing, request portability, and object to processing. Requests: support@sigbot.com
11. Children’s Data
Sigbot is not intended for individuals under 18.
12. Complaints
You may contact: UK ICO, EU Data Protection Authorities, or Office of the Privacy Commissioner of Canada.
13. Policy Updates
We may update this Privacy Policy periodically.