Tracer Lab

Privacy Policy

Last updated: [EFFECTIVE DATE]

Placeholders to fill in: [EFFECTIVE DATE], [LEGAL ENTITY NAME], [STATE OF FORMATION], [CONTACT EMAIL], [REGISTERED ADDRESS]. Strong starting template, not legal advice.

1. Who We Are

[LEGAL ENTITY NAME], a [STATE OF FORMATION] limited liability company ("Tracer Lab," "we," "us"), provides a go-to-market intelligence service that helps businesses identify potential customers. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

This Policy covers two distinct groups: (A) users of the Service (the founders and businesses who sign up and run scans), and (B) business contacts — individuals whose professional contact information may appear in or be surfaced through the Service. Different rules apply to each, described below.

2. Information We Collect

A. From users of the Service

  • Account and contact details you provide: name, email address, password, company, and similar.
  • The websites and URLs you submit to scan, and the reports generated from them.
  • Usage data: scans run, leads viewed or revealed, features used, and similar activity.
  • Billing information if you purchase a paid plan (processed by our payment provider; we do not store full card numbers).
  • Technical data: IP address, browser type, device, and cookies/similar technologies used to operate and secure the Service.

B. Business contact data (third-party individuals)

To help users identify potential customers, the Service surfaces professional, business-context contact information — such as a person's name, job title, employer, and work email — obtained from third-party data providers. This information relates to individuals in their professional or business capacity. We do not knowingly collect special categories of sensitive personal data, and we do not collect this data for consumer-profiling, credit, employment, housing, or insurance decisions.

3. How We Use Information

  • Provide, operate, secure, and improve the Service;
  • Generate go-to-market reports and surface potential business contacts for users;
  • Authenticate users, process payments, and enforce usage limits;
  • Communicate with users about the Service;
  • Create aggregated and de-identified insights and benchmarks. We may analyze scans, outcomes, and usage in aggregate and de-identified form to improve our models and produce benchmark intelligence. We do not sell raw personal contact data, and any benchmark or aggregate product is built from de-identified, aggregated information that does not identify individuals.
  • Comply with law and protect our rights and users.

4. How We Share Information

  • Service providers / processors who help us operate, including: website and content extraction, market-research and AI providers, business-contact data providers, cloud hosting and database, payment processing, and analytics. These providers process data on our behalf under contract.
  • Legal and safety: when required by law, to enforce our Terms, or to protect rights, safety, and security.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not sell users' personal information for money. Certain disclosures to data providers may be considered "sharing" or "selling" under some state laws; see Your Rights below for how to opt out.

5. Cookies

We use cookies and similar technologies to keep you signed in, remember preferences, secure the Service, and understand usage. You can control cookies through your browser settings; some features may not work without them.

6. Data Retention

We keep personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Users may request deletion of their account data as described below.

7. Your Rights

For everyone

You may contact us at [CONTACT EMAIL] to access, correct, or delete personal information we hold about you, or to object to certain processing, subject to legal limits.

California residents (CCPA/CPRA)

If you are a California resident, you have the right to: know what personal information we collect and how we use it; access and delete your personal information; correct inaccurate information; and opt out of "sale" or "sharing" of personal information. We do not discriminate against you for exercising these rights. To exercise any right, email [CONTACT EMAIL]. We will verify your request as required by law.

Business contacts

If your professional contact information appeared in the Service and you wish to access it, correct it, or have it removed, email [CONTACT EMAIL] and we will process your request and, where applicable, suppress your information from future results.

EU/UK individuals

Where the GDPR or UK GDPR applies, you have additional rights (access, rectification, erasure, restriction, portability, objection). Our lawful bases include legitimate interests (providing B2B intelligence), contract, and consent where required.

8. Security

We use reasonable technical and organizational measures to protect personal information, including access controls and row-level security on stored data. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

9. Children

The Service is for business use by adults. It is not directed to children under 18, and we do not knowingly collect their information.

10. International Users

We operate from the United States. If you access the Service from elsewhere, your information may be processed in the U.S., which may have different data-protection laws than your jurisdiction.

11. Changes to This Policy

We may update this Policy. We will revise the "Last updated" date and, for material changes, provide additional notice where appropriate.

12. Contact

Questions or requests: [CONTACT EMAIL] · [LEGAL ENTITY NAME], [REGISTERED ADDRESS].