Privacy Policy
How PipeRocket Digital collects, uses, stores, and protects personal data from website visitors and B2B SaaS clients. GDPR and CCPA compliant.
What this policy covers
This Privacy Policy explains how PipeRocket Digital (“PipeRocket”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you visit piperocket.digital or any of its sub-paths, contact us, request a proposal, apply to a role, or engage us for B2B SaaS marketing services. It sits alongside our Cookies Policy and our Terms and Conditions . If anything in those documents conflicts with this policy on a data-handling question, this Privacy Policy controls.
By using the website or sharing information with us, you agree to the practices described here. If you do not agree, please do not use the site or submit information to us.
Who is responsible for your data
PipeRocket Digital is the controller of the personal data described in this policy for website visitors and prospective clients. Where we process personal data on behalf of a client as part of a paid engagement, we act as a processor under that client’s instructions, and a separate Data Processing Addendum (“DPA”) governs that relationship. This policy covers our role as a controller; the DPA covers our role as a processor.
You can reach us about any privacy matter at editorial@piperocket.digital .
What data we collect
We collect only what we need to run the website, respond to enquiries, deliver services, and meet our legal obligations. We group the data into the categories below.
Information you give us
- Contact and enquiry data. Your name, work email, company, role, phone number (if you provide it), and the content of any message you send through a contact form, proposal request, partnership application, or demo booking.
- Recruitment data. If you apply to a role, the information in your application, CV, portfolio links, and any correspondence about the role.
- Engagement data. If you become a client, the business and billing details, points of contact, and account access needed to deliver the services set out in your statement of work.
Information we collect automatically
- Usage and device data. IP address, browser type, device type, operating system, referring URL, pages viewed, time on page, and similar analytics events, collected through cookies and similar technologies described in our Cookies Policy .
- Marketing attribution data. UTM parameters, campaign identifiers, and referral source when you arrive from a paid campaign, an outbound email, or a partner link.
Information from third parties
- Enrichment and CRM data. Publicly available business information and data from tools such as HubSpot, LinkedIn, and B2B enrichment providers that help us understand whether we are a fit for your needs.
- Advertising and analytics platforms. Aggregated conversion and audience data from platforms such as Google Ads, Meta, and LinkedIn.
We do not knowingly collect special-category data (such as health, religion, or biometric data), and we do not seek it through the site. Please do not send us special-category data.
How we use your data
We use personal data for the following purposes:
| Purpose | Examples | Legal basis (GDPR) |
|---|---|---|
| Respond to enquiries | Replying to a contact form, proposal request, or demo booking | Legitimate interests; steps toward a contract |
| Deliver services | Running SEO, PPC, ABM, content, and reporting for a client | Performance of a contract |
| Run and improve the site | Measuring usage, fixing errors, improving page speed and content | Legitimate interests; consent for non-essential cookies |
| Marketing | Sending relevant service content and retargeting known visitors | Consent, or legitimate interests where permitted |
| Recruitment | Reviewing applications and communicating about roles | Steps toward a contract; legitimate interests |
| Legal and security | Preventing abuse, enforcing our Terms, meeting legal duties | Legal obligation; legitimate interests |
Where we rely on consent (for example, non-essential cookies or marketing email), you can withdraw it at any time without affecting processing that happened before withdrawal.
How we share your data
We do not sell your personal data. We share it only in these situations:
- Service providers (processors). Vendors that help us run the business under contract, such as hosting, analytics, CRM, email, and advertising platforms. Each is bound to process data only on our instructions and to keep it secure. The vendors that set cookies are listed in our Cookies Policy .
- Clients. If your enquiry relates to a partnership or referral, we may share the relevant details with the specific client or partner involved, with your knowledge.
- Professional advisers. Lawyers, accountants, and auditors where reasonably necessary.
- Legal and safety. Where required by law, court order, or regulator, or to protect our rights, users, or the security of the site.
- Business transfers. If we are involved in a merger, acquisition, or asset sale, personal data may transfer as part of that transaction, subject to this policy.
International data transfers
We operate across regions and use service providers based in different countries, including the United States. Where we transfer personal data out of the UK, the European Economic Area, or another restricted region, we rely on an appropriate safeguard, such as the European Commission’s Standard Contractual Clauses or an adequacy decision, so your data keeps an equivalent level of protection.
How long we keep your data
We keep personal data only as long as we need it for the purpose we collected it, or as long as the law requires.
- Enquiry data is kept for up to 24 months after our last contact, unless you become a client.
- Client engagement data is kept for the length of the engagement and for the retention period required by tax, accounting, and contractual obligations after it ends (typically up to 7 years).
- Recruitment data is kept for up to 12 months after a decision, unless you ask us to remove it sooner or agree to us keeping it for future roles.
- Analytics data follows the retention periods set out in our Cookies Policy .
When a retention period ends, we delete or anonymise the data.
Your rights
Depending on where you live, you have some or all of the following rights over your personal data.
Under the GDPR (UK/EU)
- Access a copy of the personal data we hold about you.
- Rectify data that is inaccurate or incomplete.
- Erase your data in certain circumstances (“right to be forgotten”).
- Restrict or object to certain processing, including direct marketing.
- Data portability for data you provided, in a machine-readable format.
- Withdraw consent at any time where we rely on it.
- Complain to a supervisory authority, such as the UK Information Commissioner’s Office.
Under the CCPA/CPRA (California)
- Know what personal information we collect, use, and disclose.
- Delete personal information we hold about you, subject to exceptions.
- Correct inaccurate personal information.
- Opt out of the “sale” or “sharing” of personal information. We do not sell personal information, and we honour recognised opt-out signals for cross-context behavioural advertising.
- Non-discrimination for exercising your rights.
To exercise any right, email editorial@piperocket.digital . We will verify your identity before acting and respond within the timeframe the law requires (generally 30 days under the GDPR and 45 days under the CCPA). You may use an authorised agent where the law allows.
How we protect your data
We use technical and organisational measures appropriate to the risk, including encryption in transit (HTTPS), access controls on internal systems, vendor due diligence, and the principle of least privilege for who can see what. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your data and to notify you and any regulator where the law requires if a breach affects you.
Marketing communications
If you opt in to marketing, or where we are permitted to email you about services similar to those you enquired about, we may send you relevant content. Every marketing email includes an unsubscribe link, and you can opt out at any time by using that link or by emailing us. Opting out of marketing does not stop service or transactional messages tied to an active engagement.
Cookies and tracking
We use cookies and similar technologies to run the site, measure usage, and support marketing. What we set, why, and how to manage your preferences is described in full in our Cookies Policy .
Children’s privacy
The website and our services are intended for businesses and professionals. We do not direct the site to children and do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
Third-party links
Our site and content may link to third-party websites and platforms. We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policy of any site you visit from ours.
Changes to this policy
We review this policy at least annually and whenever we make a material change to how we handle personal data. The “Last updated” date below reflects the most recent revision. Where a change materially affects your rights, we will take reasonable steps to notify you, such as a notice on the site.
Last updated: July 5, 2026
Contact
Questions, requests, or complaints about this Privacy Policy or your personal data can go to:
PipeRocket Digital
editorial@piperocket.digital