Privacy Policy

1. Who We Are

Rapid Affiliates provides a platform enabling Clients to create and manage affiliate programs and for Affiliates to track their performance. PureSoft Labs OÜ is the parent company responsible for data processing, and we ensure compliance with GDPR, CCPA, and other applicable data protection laws.

2. Data We Collect

We collect only the basic information necessary to provide our services. This may include:

2.1 Information You Provide to Us:

• Clients: Name, email address, billing details, payment information, and any company details necessary for subscription setup.
• Affiliates: Name, email address, payment details, and other profile information used to track referrals and process payouts.

2.2 Automatically Collected Data:

• IP address, browser type, operating system, and usage data (e.g., pages visited, time spent on the platform).
• Cookies and similar technologies to enhance user experience and track user behavior.

2.3 Third-Party Data:

• Information from integrated third-party services such as Stripe for payments, Firebase for authentication, and Google Analytics for usage analytics, if applicable.

3. Data We Collect (For CCPA)

For California residents, the types of personal information we collect fall under the following categories:

• Identifiers: Name, email address, IP address, and unique user identifiers.
• Personal Information Categories: Billing details, payment information, company details, and profile information.
• Commercial Information: Transaction data related to subscriptions and affiliate payouts.
• Internet or Other Electronic Network Activity: Browser type, pages visited, and usage data.
• Geolocation Data: Approximate location derived from IP address.

4. How We Use External Services

We rely on external services to support essential platform features and business operations:

• Google Analytics (provided by Google Inc.): Used to analyze website traffic and usage patterns, helping us improve user experience. Google Analytics may collect your IP address and usage data; however, we do not share personal data that can directly identify you with Google.
• Firebase (provided by Google LLC): Used for user authentication and to securely manage user sessions. Firebase may store email addresses or other data necessary for login and account recovery.
• Stripe (provided by Stripe, Inc.): Used to process subscription fees and affiliate payouts. Stripe may collect payment details (e.g., credit card or bank information) to facilitate transactions.
• Azure (provided by Microsoft Corporation): Used for hosting, MySQL databases, and other infrastructure. Azure may process data (including logs) to ensure reliable service operation and security.

5. How We Use Your Data

We process personal data for the following purposes:

• Providing Services: To deliver our platform’s functionality to Clients and Affiliates.
• Communication: To send updates, respond to inquiries, and provide user support.
• Billing and Payments: To process subscription fees for Clients and affiliate payouts for Affiliates.
• Compliance: To comply with legal obligations (e.g., tax, accounting, and regulatory requirements).
• Improvement: To analyze usage trends and user interactions, allowing us to enhance the platform’s features.
• Security: To maintain a secure environment by detecting and preventing fraudulent or unauthorized activity.

6. Legal Basis for Processing

We process personal data under the following legal bases. For each category of processing, the corresponding legal ground is as follows:

• Contractual Necessity: Data required for delivering our services (e.g., processing subscription payments and affiliate payouts) is processed to fulfill our contractual obligations with you.
• Legitimate Interests: Certain data (such as usage analytics and performance metrics) is processed under our legitimate interests to operate, improve, and secure our platform. These interests are balanced against your fundamental rights.
• Consent: For optional services (such as receiving marketing communications), processing is based on your explicit consent. You may withdraw your consent at any time without affecting the lawfulness of processing that occurred prior to withdrawal.
• Legal Compliance: We process data as necessary to meet our legal and regulatory obligations, including financial and tax reporting.

7. Data Subject Request Procedures

To exercise your rights under the CCPA or GDPR—including the right of access, rectification, erasure, restriction of processing, data portability, and objection—please submit your request by sending an email to our Data Protection Officer at [[email protected]]. We commit to responding to all valid requests within the timeframes required by applicable law.

8. Data Protection Impact Assessments (DPIAs)

For processing activities that may pose a high risk to your rights and freedoms, we conduct Data Protection Impact Assessments (DPIAs). If you would like more information about our DPIA process, please contact our Data Protection Officer.

9. Sharing Your Data

We may share your personal data with trusted third parties under the following circumstances:

• Service Providers: Such as hosting providers, payment processors, analytics partners, or authentication services that assist in delivering our services. These processors are contractually obligated to protect your data.
• Legal Requirements: To comply with legal processes, respond to requests from public and government authorities, or meet national security or law enforcement requirements.
• Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.

We ensure that all data processors comply with GDPR and CCPA and apply appropriate safeguards to protect your personal data.

10. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce agreements. Once your data is no longer required, we will securely delete or anonymize it.

11. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or otherwise subject to the GDPR, you have the following rights regarding your personal data:

• Right of Access: You can request information about the personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate or incomplete personal data.
• Right to Erasure: You can ask us to delete your personal data when it is no longer needed for the purposes outlined above.
• Right to Restrict Processing: You can request that we limit how we process your data in certain circumstances.
• Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You can object to the processing of your personal data where the legal basis is our legitimate interests.
• Right to Withdraw Consent: If we process your data based on consent, you have the right to withdraw that consent at any time.
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, please contact our Data Protection Officer at [[email protected]]. We will respond to your request within the timeframes required by applicable data protection laws.

12. Your Rights Under CCPA (California Consumer Rights)

For residents of California, we provide the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You have the right to request information about the categories of personal information we collect, the sources of that information, the purposes for which it is used, and the categories of third parties with whom we share your data.
• Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions required by law.
• Right to Opt-Out: We do not sell any personal information. However, should our practices change in the future, you will have the right to opt-out of any sale of your personal data through a dedicated mechanism.
• Right to Non-Discrimination: Exercising your rights under the CCPA will not result in any form of discrimination, such as denial of services or different pricing.

If you are a California resident and wish to exercise any of these rights,, please contact our Data Protection Officer at [[email protected]]. We will process your request in accordance with the requirements of the CCPA.

13. Do Not Sell My Personal Information

Although we currently do not sell any personal data, if our practices change, you will have the option to opt out of any sale of your information via contacting our Data Protection Officer.

14. International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure it receives an adequate level of protection by using approved safeguards, such as Standard Contractual Clauses or other lawful transfer mechanisms.

15. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure hosting on Azure, access controls, and regular security audits. However, no method of transmission over the Internet or method of electronic storage is 100% secure, so we cannot guarantee absolute security.

16. Children's Privacy

Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we learn that we have inadvertently collected data from a child, we will delete it promptly.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. Any updates will be posted with a revised effective date. We encourage you to review this Privacy Policy regularly.

18. Contact Us

If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your data protection rights, please contact:

• Product Email: [[email protected]]
• Data Protection Officer: [[email protected]]
• Company Email: [[email protected]]