Privacy Policy

This Policy applies to information we collect through the ripdr website, application, and APIs (the "platform"). It does not apply to the people you contact through ripdr — when you upload contact data and send voicemail drops or missed calls, you are the data controller for that data and the sender of those communications, and you are solely responsible for providing any privacy notice and obtaining any consent required by law. ripdr acts as your processor and service provider for that data and uses it on your behalf and as otherwise described here.

By accessing the platform, you acknowledge and consent to the collection, use, disclosure, transfer, and retention of information as described in this Policy, to the fullest extent permitted by applicable law.

We collect a broad range of information, including:

• Account information — name, email, organization, role, and authentication identifiers managed through our auth provider.
• Billing information — plan, credit balance, transaction history, and payment-method metadata processed through Stripe (we do not store full card numbers).
• Contact and campaign data you upload — names, phone numbers, emails, titles, companies, list memberships, tags, notes, recordings, scripts, and any other fields you import.
• Communications data — call control identifiers, delivery and answer outcomes, missed-call results, inbound callback records, sequence and enrollment state, and related telephony metadata.
• Usage and device data — IP address, browser and device characteristics, pages viewed, actions taken, timestamps, request identifiers, and log data.
• Analytics and cookies — including Google Analytics identifiers and cookies we set (such as referral attribution and session cookies).
• Communications with us — support requests, emails, and any content you choose to send us.

We may use information for any lawful business purpose, including to:

• Provide, operate, maintain, secure, and improve the platform.
• Process payments, manage credits, and enforce billing.
• Route and deliver voicemail drops, missed calls, and related communications through our telephony and voice providers.
• Detect, investigate, and prevent fraud, abuse, security incidents, and violations of our Terms or applicable law.
• Develop new features, conduct analytics, and train and improve our models and heuristics using aggregated or de-identified data.
• Communicate with you about the service, including transactional and, where permitted, promotional messages.
• Comply with legal obligations and enforce our agreements.

We may create de-identified and aggregated data from any information we hold and use and retain it indefinitely for any lawful purpose without further obligation to you.

We share information in the following circumstances:

• Service providers and subprocessors — telephony carriers, voice synthesis, payment processing, enrichment, hosting, database, analytics, and email vendors that process data on our behalf.
• Within your organization — other members of your ripdr organization may access shared data.
• Legal and safety — to comply with law, legal process, or government request; to enforce our Terms; and to protect the rights, property, or safety of ripdr, our users, or others.
• Business transfers — in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as a business asset.
• With your direction or consent — including integrations you enable, such as HubSpot.

We do not sell personal information for money. To the extent that sharing for certain analytics or advertising purposes is deemed a "sale" or "sharing" under some state laws, you may exercise applicable opt-out rights as described below.

We retain information for as long as your account is active and thereafter for as long as we deem necessary to operate the platform, comply with our legal and regulatory obligations, resolve disputes, enforce our agreements, maintain security and backups, and pursue our legitimate business interests. We may retain de-identified and aggregated data indefinitely. Deletion requests are honored as described below, subject to our right to retain data where permitted or required by law.

We implement reasonable technical and organizational measures designed to protect information, including access controls, encryption in transit, and tenant isolation. However, no method of transmission or storage is completely secure, and we cannot and do not guarantee absolute security. You use the platform at your own risk and are responsible for safeguarding your credentials. To the extent permitted by law, we disclaim liability for any unauthorized access not caused by our gross negligence.

Depending on your jurisdiction, you may have rights to access, correct, delete, or port certain personal information, or to opt out of certain processing. For contact data you uploaded, those rights generally run to you as the controller; where ripdr is the controller of your account data, you may submit a request to hello@sumwest.com. We will verify your identity and respond as required by applicable law. We may decline requests that are unfounded, excessive, or that we are permitted to decline by law, and we will not discriminate against you for exercising your rights.

We use cookies and similar technologies for authentication, security, referral attribution, and analytics, including Google Analytics. You can control cookies through your browser settings, but disabling them may impair the platform. Where required, analytics may be governed by additional opt-out mechanisms described by the relevant provider.

ripdr is a business tool not directed to children and is not intended for use by anyone under 18. We do not knowingly collect personal information from children. If we learn we have collected such information, we will delete it.

ripdr is operated from the United States. If you access the platform from outside the United States, you consent to the transfer, storage, and processing of your information in the United States and other countries that may not provide the same level of data protection as your jurisdiction.

We may update this Policy at any time and in our sole discretion. Changes are effective when posted with an updated effective date. Your continued use of the platform after a change constitutes acceptance of the revised Policy. It is your responsibility to review this Policy periodically.

Questions or requests regarding this Policy may be directed to Summit West LLC DBA ripdr at hello@sumwest.com.