Privacy Policy

This Privacy Policy explains how Pipeline Labs LLC ("Pipeline Labs", "we", "us", or "our") collects, processes, and handles personal data in connection with our B2B data infrastructure services. We are committed to operating transparently and in accordance with applicable data protection legislation.

1. Data Controller

The data controller responsible for personal data processed by Pipeline Labs is:
Pipeline Labs LLC
30 N Gould St Ste N, Sheridan, WY 82801
Email: privacy@pipelinelabs.dev

2. What Data We Process

Pipeline Labs processes B2B professional contact information relating to individuals in their capacity as business professionals. This includes:

• Full name
• Job title and seniority
• Employer / company name
• Business email address
• Business telephone number
• Company size, industry, and location

We do not process sensitive personal data (special category data), financial data, or personal data relating to individuals in a private (non-professional) capacity.

3. Lawful Basis for Processing

GDPR — Legitimate Interest (Art. 6(1)(f))

Where applicable, we process B2B contact data on the basis of Legitimate Interest under Article 6(1)(f) of the General Data Protection Regulation (GDPR). Our legitimate interests are to provide B2B sales intelligence and contact discovery services to business clients. We have conducted a balancing test and are satisfied that the processing is proportionate, that data subjects would reasonably expect their professional contact information to be used for B2B outreach, and that such processing does not override individual rights.

CCPA — Business Purpose

Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), we process B2B contact data for a business purpose. Pipeline Labs does not sell personal data as defined under CCPA. Data is provided to enterprise clients under contractual terms that restrict use to legitimate B2B business purposes only.

4. Data Sources

We source contact data exclusively from publicly available professional records. All contact records are verified across multiple independent public sources prior to inclusion in our database. We do not include contact data that cannot be independently corroborated. We do not purchase data from data brokers who obtain data through unlawful means, and we do not process data obtained from private or access-controlled systems.

5. How We Use the Data

We use the data we process to:

• Provide B2B lead data and contact intelligence services via the Apify Marketplace
• Develop and improve our proprietary data infrastructure and SaaS platform
• Supply data to enterprise clients for their own legitimate B2B outreach purposes
• Respond to data subject rights requests

6. Data Retention

We conduct a rolling 24-month review of all contact records in our database. Records that are no longer accurate, verifiable, or relevant are removed. Upon receipt of a valid erasure request, the relevant record will be deleted within 30 days and will not be re-introduced into our database.

7. Disclosure to Third Parties

Contact data may be shared with enterprise clients who have agreed to our terms of service, which restrict use to lawful B2B business purposes only. We do not sell personal data to third parties for advertising, profiling, or consumer marketing purposes. We do not share data with government or law enforcement agencies except where required by applicable law.

8. International Data Transfers

Pipeline Labs is based in the United States. Data processed by Pipeline Labs is stored and processed in the USA. Where contact data relates to individuals located in the European Economic Area (EEA) or United Kingdom, such transfers are conducted in accordance with applicable transfer mechanisms, including Standard Contractual Clauses (SCCs) where required.

9. Your Rights

Depending on your jurisdiction, you may have the following rights in relation to your personal data held by Pipeline Labs:

• Right of Access (SAR) — request a copy of the data we hold about you
• Right to Erasure — request deletion of your data from our database
• Right to Rectification — request correction of inaccurate data
• Right to Data Portability — receive your data in a structured, machine-readable format
• Right to Object — object to processing based on Legitimate Interest

To exercise any of these rights, contact our Data Privacy Officer at privacy@pipelinelabs.dev. We will respond within 30 days of receiving a valid request. We may ask you to verify your identity before processing your request.

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure, commensurate with the nature of the data processed.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of our services following any update constitutes acceptance of the revised policy.

12. Contact

For all data protection enquiries, Subject Access Requests, or to exercise your rights:
privacy@pipelinelabs.dev
Pipeline Labs LLC — 30 N Gould St Ste N, Sheridan, WY 82801