Privacy Policy 

Effective Date: Dec 28th, 2023

1. Introduction


TheySaid, Inc. (“TheySaid”) is committed to protecting and respecting your privacy. This Privacy Policy (“Policy”) details our commitment to protecting the privacy of individuals who visit our Website and use our Services (“Subscribers” or “You”). This Policy describes how TheySaid collects, uses, shares and secures the personal information you provide. It also describes your choices regarding use, access and correction of personal information and how it can be accessed and updated. In case of any questions or complaints regarding our Policy or practices, please get in touch at 
support@theysaid.io


2. Scope of This Policy

This Policy applies to the information that we obtain through your use of "Services" or when you otherwise interact with TheySaid.

“Subprocessors” shall have the meaning ascribed to it in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”). Sub-processors are provided at https://www.theysaid.io/subprocessors.

“Services” means the services provided by TheySaid through its messaging and productivity platform (the “Platform”).

“Personal Information” means information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as family name, first name, photograph, postal address, email address, telephone numbers, date of birth, data relating to your transactions on the Website, detail of your orders and subscriptions, bank or credit card number, Payment Information as well as any other information about you that you choose to provide us with. The use of information collected through our Service shall be limited to the purpose of providing the Service for which you have engaged with us.


3. Data Protection Officer

To communicate with our Data Protection Officer, please email privacy@theysaid.io 


4. TheySaid is a Data Processor/Service provider for its customers

Data protection law in certain jurisdictions differentiates between the “Data Controller” and “Data Processor” under the EU General Data Protection Regulation (“GDPR”), a “service provider” under the California Consumer Privacy Act (“CCPA”) of information. In general, TheySaid’s customers, and not TheySaid determine how and why personal data submitted to the TheySaid Service is used, either by or at the direction of such customers. With respect to Personal Data, TheySaid customers are the “Data Controller”, TheySaid is the “Data Processor” under (“GDPR”), a “service provider” under (“CCPA”) of Customer Data. This Privacy Policy describes how TheySaid processes Personal Data as a Data Process/Service Provider for the purpose of providing the TheySaid Service to our customers pursuant to the applicable data processing terms with those customers.

As Data Controllers, TheySaid’s customers are responsible for disclosing the rights of individuals (“Data Subjects”) with respect to their Personal Data and other information regarding the collection and use of that Personal Data, in accordance with the GDPR, CCPA, and other laws requiring such disclosures.

5. Personal Data Processed Under this Policy


TheySaid acts as a Data Process/Service Provider with respect to any Personal Data comprised in the Customer Data, By “Customer Data” we mean the content or information which individuals authorized by a customer submit to the TheySaid Service.


6. Information we collect

Registration and Contact Information. We collect personal information about you when you (a) register to use the Services and (b) otherwise provide contact information to us via email. This information you provide may include your username, first and last name, email address, mailing address or phone number. We do not collect or process any special category data from you (example: any data revealing racial/ ethnic origin, political opinions, religious/ philosophical beliefs, processing of genetic data, biometric data, etc.).

Payment Information. When you purchase the Services, we will also collect transaction information, which may include your credit card information, billing and mailing address, and other payment-related information (“Payment Information”).

Technical, Usage and Location Information. We automatically collect information on how you interact with the Service, such as the IP address from which you access the Service, email receipts and views, and date and time and information about your browser. We use cookies and similar technologies to collect some of this information.

Third Party Platforms. We may collect information when you interact with our advertisements and other content on third-party sites or platforms integrated into the Services, such as email, chat or social networking sites.

Analytics. We collect analytics information when you use Services to help us improve them. We may also share anonymous data about your actions on our website with third-party service providers of analytics services.


7. How We Use the Information We Collect

We use your information to administer your account, authenticate and provide access to Services and to process payment for the Services. We also will use your information to send you communication regarding the Services, including maintenance and customer support communications as well as promotions and special offers or information about new products and services.

Legal Basis for Processing (EEA only):

If you are an individual from the European Economic Area (EEA), our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where: (a) we have your consent to do so, (b) where we need the personal information to fulfill our contractual obligations with you (e.g. to deliver the Services you have requested), or (c) where the processing is in our legitimate business interests (as defined in the GDPR). In some cases, we may also have a legal obligation to collect personal information from you, or we may otherwise need the personal information to protect your vital interests or those of another person.

Where we rely on your consent to process the personal information, you have the right to withdraw or decline or opt-out of providing your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.


8. Usage of Google APIs

TheySaid Inc's use of information received from Google APIs will adhere to Google API Services User Data Policy including the Limited Use requirements.


9. Sharing of Information Collected

We do not sell, trade, share or transfer your personal information to third parties, except in the following limited circumstances:

We may share your personal information with third parties to permit such parties to provide services that help us to provide our business activities, which may include assisting us with marketing, advertising our product/service offerings, or providing, maintaining and improving the features and functionality of the Services, among other things (“Subprocessors”). All third parties are engaged under contract and obliged to meet appropriate security requirements and comply with all applicable legislation; We may share your personal information when we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to: (a) satisfy any applicable law, regulation, legal process or enforceable governmental request; (b) enforce a Customer Agreement, including investigation of potential violations thereof; or (c) protect against imminent harm to our rights, property or safety, or that of our users or the public as required or permitted by law; We may share your personal information with third parties (including our Subprocessors and government entities) to detect, prevent, or otherwise address fraud or security or technical issues; We may share your Payment Information to process your payments, as further described below; and We may share and/or transfer your personal information if we become involved in a merger, acquisition, bankruptcy, or any form of sale of some or all of our assets;


10. Payment Information

When you purchase the Services, any banking or credit card information you provide as part of your Payment Information is collected and processed directly by our payment processor. We never receive or store your full credit card information.


11. Onward Transfer of Personal Data

We may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties (including our Subprocessors) across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located outside the U.S. please note that you are transferring information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. and the use and disclosure of information about you, including personal information, as described in this Policy. We shall at all times provide an adequate level of protection for the Customer Data processed, in accordance with the requirements of applicable Data Protection Laws.


12. Privacy Shield Frameworks

TheySaid participates in and has certified its compliance with the EU-U.S. and Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union and Switzerland to the United States. TheySaid has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view Our certification, please visit https://www.privacyshield.gov/ 

TheySaid is overseen by the US Federal Trade Commission (FTC) and US laws shall be applicable to questions of interpretation and compliance with this Policy. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance – free of charge to you. We ask that you first submit any such complaints directly to us at privacy@theysaid.io. If you are not satisfied with our response, please contact JAMS at www.jamsadr.com/eu-us-privacy-shield. In the event that your concern still is not addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.

If we have received your personal information under the Privacy Shield and subsequently transfer it to a third party service provider for processing, we will remain responsible if they process your personal information in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.


13. CCPA

Beginning January 1, 2020, in order for TheySaid (and you as Subscribers) to comply with the California Consumer Privacy Act of 2018, as amended (Cal. Civ. Code §§ 1798.100 to 1798.199), and any related regulations or guidance provided by the California Attorney General (collectively the “CCPA”), we have established the 
CCPA Supplemental Privacy and Security Requirements Annex ("Annex")

. The terms of the Annex will be incorporated into all agreements under which you and/or your affiliates process personal information on behalf of TheySaid ("Agreements") effective January 1, 2020.


12. Cookies

When you use our Websites or Services, we may store some information on your computer. This information will be in the form of a “cookie” or similar technologies. Cookies are alphanumeric identifiers that are transferred to your computer or mobile device from your browser. We do not use cookies to spy on you or otherwise invade your privacy. They cannot invade your hard drive and steal information. We use cookies to help you navigate the website and Services as easily as possible, and to remember information about your current session. You must enable cookies on your web browser to use the Services.


13. Communications Preferences

We offer those who provide personal information a means to choose how we use the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of our marketing emails or you may send a request to privacy@theysaid.io 

14. How Long We Retain Your Personal Information

We will retain your personal information for as long as is needed to fulfill the purposes outlined in this Policy, unless a longer retention period is necessary, required or permitted by law for archiving purposes in the public interest or for statistical purposes. We delete all your data upon written request, except as otherwise prohibited by applicable law.


15. Accessing and Updating your personal information

Where we have not obtained personal information from you directly, but from the Subprocessors or any other sources, you shall be intimated about the identity and contact details of the controller, purpose, recipients of personal information, etc. within a reasonable time period. To request this information please contact us at privacy@theysaid.io. To make a request to have personal information returned to you or removed, please email support@theysaid.io Requests to access, change, or remove your information will be handled within thirty (30) days.


16. Rights

To ensure fair and transparent processing, you shall have the right to request access to your personal information, or request rectification, deletion or restriction of the processing of your personal information by emailing 
privacy@theysaid.io

ou shall also have the right to request information of the recipients of the personal information and the right to know the source from where your personal information originated in the event it was not obtained directly from you.

17. Children’s Personal Information

We do not knowingly collect any personal information from children under the age of 18. If you are under the age of 18, please do not submit any personal information through our Websites or Services. If you have reason to believe that a child under the age of 18 has provided personal information to us through the website or Services, please contact us at privacy@theysaid.io, and we will use commercially reasonable efforts to delete that information.


18. Security

The security of your personal information is important to us. We maintain a variety of appropriate technical and organizational safeguards to protect your personal information. We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs. Further, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect your personal information. No method of transmission over the Internet, method of electronic storage or other security methods are one hundred percent secure. Therefore, while we strive to use reasonable efforts to protect your personal information, we cannot guarantee its absolute security.


19. Vulnerabilities

If you think you've found a security vulnerability, or a problem that puts our users, their emails, or messages at risk, please email our security team. We will respond within 72 business hours, and would love to work with you to make TheySaid safer for everyone security@theysaid.io 


20. Changes to This Policy


We reserve the right to change our Privacy Policy at any time. If we make material changes to this policy, we will notify you by email or through a prominent notice on the website prior to the changes being effective. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Websites or the Services constitutes your agreement to be bound by such changes to this Policy. You can choose to discontinue use of the websites or Services if you do not accept the terms of this Policy, or any modified version of this Policy.


21. Contact Us

If you have questions or need to contact us about this Privacy Policy, please email us at 
support@theysaid.io