Privacy Policy

Last updated: September, 2025

1. Introduction

This Privacy Policy describes how DM Champ B.V. ("DM Champ," "we," "us," or "our"), a company registered in the Netherlands (CoC: 78315654, VAT: NL861343529B01), collects, uses, and shares information when you use our AI-powered sales and customer engagement platform and related services ("Services").

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller Contact:

• Email: hi@dmchamp.com

• Address: The Netherlands

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, phone number, company name, billing information

• Business Data: Customer lists, conversation histories, product information, pricing data

• Communication Data: Messages, voice notes, images, and documents shared through our platform

• Payment Information: Processed securely through Stripe (we don't store card details)

2.2 Automatically Collected Information

• Usage Data: Features used, conversation metrics, API calls, performance data

• Device Information: IP address, browser type, operating system, device identifiers

• Log Data: Access times, pages viewed, system activity, error reports

• Location Data: Approximate location based on IP address

2.3 Information from Third Parties

• Social Media Platforms: When you connect WhatsApp, Instagram, Facebook Messenger

• OAuth Providers: Profile information from Google, Microsoft, or Facebook login

3. How We Use Your Information

3.1 Primary Purposes

• Provide and maintain our Services

• Process AI-powered conversations and sales automation

• Handle customer support and respond to inquiries

• Process payments and manage subscriptions

• Send service updates and important notifications

3.2 AI Processing

• We use AI services from: OpenAI, Anthropic (Claude), Google (Gemini)

• Important: Your data is NOT used to train AI models

• AI processes your data solely to provide our Services

• All AI processing is done in accordance with our Data Processing Agreements

3.3 Legal Basis for Processing (GDPR)

We process your data based on:

• Contract Performance: To provide Services you've requested

• Legitimate Interests: To improve our Services and ensure security

• Consent: For marketing communications and certain data processing

• Legal Obligations: To comply with applicable laws

4. Data Sharing and Sub-Processors

4.1 We share data with:

• AI Service Providers:

  • OpenAI (AI processing)

  • Anthropic (AI processing)

  • Google (AI processing - Gemini)

• Communication Providers:

  • Meta (WhatsApp, Instagram, Messenger)

  • Twilio (messaging infrastructure)

  • Telnyx (communication services)

• Infrastructure Providers:

  • Google Cloud Platform (hosting)

  • Stripe (payment processing)

• Data Enhancement Services:

  • Scraping Bee (web data)

  • Bright Data (data services)

4.2 We do NOT:

• Sell your personal data

• Share data for third-party marketing

• Transfer data outside the EU without appropriate safeguards

5. Data Retention

We retain your data in accordance with GDPR requirements:

• Active Account Data: As long as your account is active

• Conversation Data: 3 years after last activity (configurable)

• Financial Records: 7 years per Dutch tax requirements

• Marketing Data: Until consent withdrawn

• Backup Data: Maximum 90 days after deletion request

Upon account termination, we delete or anonymize your data within 30 days, except where retention is required by law.

6. Your Rights Under GDPR

You have the right to:

• Access: Request copies of your personal data

• Rectification: Correct inaccurate data

• Erasure: Request deletion ("right to be forgotten")

• Portability: Receive your data in a machine-readable format

• Restriction: Limit processing of your data

• Object: Oppose certain processing activities

• Withdraw Consent: At any time for consent-based processing

To exercise these rights, contact: hi@dmchamp.com

Response time: Within 30 days of request

7. Cookie Policy

7.1 Types of Cookies We Use

• Essential Cookies: Required for platform functionality

• Analytics Cookies: Google Analytics (performance monitoring)

• Functional Cookies: Remember preferences and settings

• Marketing Cookies: Track campaign effectiveness (with consent)

7.2 Managing Cookies

• Browser settings can block or delete cookies

• Disabling essential cookies may limit functionality

• We respect "Do Not Track" signals where legally required

7.3 Third-Party Cookies

Services like Google Analytics may set their own cookies. Review their privacy policies for details.

8. Data Security

We implement industry-standard security measures:

• Encryption in transit (TLS/SSL)

• Encryption at rest for sensitive data

• Regular security audits and penetration testing

• Access controls and authentication

• Employee training on data protection

• Incident response procedures

While we strive for maximum security, no system is 100% secure. We notify users of breaches as required by GDPR (within 72 hours).

9. International Data Transfers

Your data is primarily processed in the EU. When transferred outside the EU:

• We use Standard Contractual Clauses (SCCs)

• Ensure adequate protection levels

• Only transfer to countries with adequacy decisions where applicable

10. Children's Privacy

Our Services are designed for business use. We do not knowingly collect data from individuals under 16. If we discover such data, we delete it immediately.

11. White-Label and Agency Services

11.1 For White-Label Partners

• You are the data controller for your end-users

• We are your data processor

• Separate Data Processing Agreement required

• You must have your own privacy policy

11.2 Sub-Account Data

• Managed according to main account holder's instructions

• Agency is responsible for sub-account compliance

• End-users should review agency's privacy policy

12. AI-Specific Disclosures

12.1 AI Processing Transparency

• AI analyzes conversations to provide responses

• AI does not make autonomous decisions about individuals

• Human oversight available for high-value transactions

• AI outputs are not guaranteed to be error-free

12.2 Your AI Rights

• Request human review of AI decisions

• Opt-out of certain AI processing (may limit functionality)

• Access AI-generated insights about your data

13. Marketing Communications

• Opt-in required for marketing emails

• Unsubscribe link in every marketing message

• Separate consent for different communication types

• Service messages sent regardless of marketing preferences

14. Legal Disclosures

We may disclose information when required to:

• Comply with legal obligations

• Respond to valid legal requests

• Protect rights, property, or safety

• Investigate fraud or security issues

15. Changes to This Policy

We may update this policy to reflect:

• Changes in our Services

• New legal requirements

• Improved privacy practices

Material changes notified via email or platform notification 30 days before taking effect.

16. Data Protection Officer

For privacy concerns or questions:

• Email: hi@dmchamp.com

17. Supervisory Authority

EU residents may lodge complaints with:

• Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

• Website: https://autoriteitpersoonsgegevens.nl

• Your local data protection authority

18. California Privacy Rights

California residents have additional rights under CCPA:

• Know what personal information is collected

• Know if personal information is sold or disclosed

• Say no to the sale of personal information

• Access personal information

• Equal service and price

To exercise these rights: hi@dmchamp.com

19. Consent and Agreement

By using our Services, you acknowledge that you have read and understood this Privacy Policy. For certain processing activities, we will seek explicit consent.

20. Language

This policy is provided in English. In case of translations, the English version prevails.

OneGlimpe B.V. (trading as DM Champ) The Netherlands hi@dmchamp.com CoC: 78315654 VAT: NL861343529B01