Privacy Policy for ROIpad (PitchFlow)

Effective Date: December 23, 2025

Last Updated: December 23, 2025

1. Introduction

Welcome to ROIpad. This Privacy Policy explains how ROIpad (accessible via https://roipad.com and https://flow.roipad.com, collectively the “Platform”) collects, uses, and protects data. We provide an interactive “Product Journey” SaaS that allows our Users (the “Customers”) to create experiences for their prospective clients (the “Prospects”).

2. Information We Collect

A. From our Customers (The SaaS Users)

• Account Data: Name, business email, billing information, and company details.
• Integration Data: API keys for CRMs (e.g., Salesforce, HubSpot) and Calendly links.

B. From Prospects (People viewing a Journey)

• Behavioral Data: We track interactions within the “Journey,” including modules viewed, video watch time, quiz responses, and button clicks.
• Identification Data: Email addresses or names provided through “Value Gates.”
• Technical Data: IP addresses (anonymized where required), browser type, and device identifiers.

C. Via the “Behavioral Bridge” (The Pixel)

• Our snippet tracks which elements on a Customer’s website a Prospect interacts with to customize their subsequent PitchFlow journey.

3. Tracking Technologies (Cookies & “Behavioral Bridge”)

We use cookies and similar technologies to enhance session continuity and intent tracking.

• First-Party Cookies: Used to remember a Prospect’s progress in a journey.
• Ethical Tracking: For users who opt-out of cookies, we may use localized storage or hashed identifiers to maintain session context without cross-site tracking, ensuring a seamless user experience.

4. How We Use Information

We process data to:

• Generate Intent Scores: Calculate the “Heat Score” of a Prospect based on engagement.
• Consensus Mapping: Aggregate data from multiple stakeholders within the same organization to provide “Deal Health” insights.
• Service Delivery: Route Prospects to the appropriate branching path within a Journey.
• CRM Sync: Automatically transmit lead data to a Customer’s designated CRM via Webhooks.

5. Data Sharing and Third Parties

We do not sell data. We share data only with:

• Sub-processors: Infrastructure providers (e.g., Supabase, Vercel, Mux) required to run the Platform.
• Customer-Directed Integrations: Data sent to CRMs as configured by the User.
• Legal Necessity: If required by law or to protect our rights.

6. The Developer Marketplace

If you use third-party “Plugins” or “Templates” from our marketplace:

• The Developer of the plugin may receive anonymized usage statistics.
• Plugins are sandboxed; however, if a plugin requires data entry, that data is handled according to the specific plugin’s disclosure.

7. Data Retention

• Prospect Data: Retained as long as necessary to provide analytics to our Customers, or until a Customer deletes the record.
• Account Data: Retained for the duration of the subscription plus a grace period for data recovery.

8. Your Rights (GDPR/CCPA)

Depending on your location, you may have the right to:

• Access: Request a copy of the data we hold about you.
• Erasure: Request that we delete your personal data.
• Opt-out: Disable tracking via browser settings or our “Privacy Toggle” within the Journey player.

9. Security

We implement industry-standard encryption (AES-256) for data at rest and TLS for data in transit. We use secure “Edge Functions” to process Webhook data to ensure no exposure of sensitive PII.

10. Contact Us

For any questions regarding this policy or your data, please contact: ROIpad Privacy Team Email: privacy@roipad.com

Web: https://roipad.com/support