Privacy Policy

Last updated: January 15, 2025

1. Introduction

CCP De-Dupe ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Salesforce application and related services.

Key Points

  • We only process data necessary for duplicate detection
  • Your data never leaves the Salesforce environment
  • We comply with GDPR, CCPA, and other privacy regulations
  • You maintain full control over your data

2. Information We Collect

2.1 Salesforce Data

CCP De-Dupe processes data within your Salesforce organization to identify and merge duplicate records. This includes:

  • Standard and custom object records
  • Field values used for matching and merging
  • User activity logs related to duplicate detection
  • Configuration settings and matching rules

2.2 Usage Information

We collect information about how you use our application:

  • Feature usage statistics
  • Performance metrics
  • Error logs and diagnostic information
  • User preferences and settings

2.3 Account Information

When you subscribe to our service, we collect:

  • Contact information (name, email, company)
  • Billing and payment information
  • Subscription details and usage limits

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

  • Detecting and merging duplicate records
  • Generating data quality reports
  • Providing customer support
  • Processing billing and payments

3.2 Service Improvement

  • Analyzing usage patterns to improve features
  • Identifying and fixing technical issues
  • Developing new functionality
  • Optimizing performance

3.3 Communication

  • Sending service notifications and updates
  • Providing technical support
  • Sharing product announcements (with consent)

4. Data Security and Storage

4.1 Security Measures

We implement industry-standard security measures to protect your data:

  • End-to-end encryption for data transmission
  • Secure data processing within Salesforce infrastructure
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Employee training on data protection practices

4.2 Data Location

Your Salesforce data is processed within your Salesforce organization and does not leave the Salesforce platform. Metadata and usage statistics may be stored on secure servers in Australia and the United States.

4.3 Data Retention

We retain your data only as long as necessary to provide our services:

  • Salesforce data: Processed in real-time, not stored permanently
  • Usage logs: Retained for 12 months for support and improvement
  • Account information: Retained for the duration of your subscription plus 7 years for legal compliance

5. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Payment processing
  • Customer support
  • Analytics and monitoring
  • Infrastructure hosting

5.2 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes
  • Protect our rights and property
  • Ensure user safety
  • Investigate fraud or security issues

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Restrict processing activities

6.2 Communication Preferences

You can control how we communicate with you:

  • Opt out of marketing emails
  • Manage notification preferences
  • Update contact information

6.3 Data Portability

You can request a copy of your data in a machine-readable format and transfer it to another service provider.

7. Compliance and Certifications

7.1 Regulatory Compliance

CCP De-Dupe complies with major privacy regulations:

  • GDPR: European General Data Protection Regulation
  • CCPA: California Consumer Privacy Act
  • PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
  • Privacy Act 1988: Australian Privacy Principles

7.2 Salesforce Security

Our application leverages Salesforce's enterprise-grade security infrastructure, which includes:

  • SOC 2 Type II certification
  • ISO 27001 compliance
  • FedRAMP authorization
  • HIPAA compliance capabilities

8. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

9. International Data Transfers

If you are located outside Australia, your information may be transferred to and processed in Australia or other countries where our service providers operate. We ensure appropriate safeguards are in place for such transfers, including:

  • Standard contractual clauses
  • Adequacy decisions
  • Certification schemes

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying in-app notifications

Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

11. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Address:
CCP De-Dupe Privacy Officer
Level 15, 1 Margaret Street
Sydney NSW 2000
Australia