B2B Rocket, Inc. ("B2B Rocket," "we," "our," or "us") provides software tooling that helps companies prospect, enrich business‑contact data, and automate multichannel outreach. Protecting your privacy—and the privacy of the business contacts processed through our platform—is central to our mission.
This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit b2brocket.ai, app.b2brocket.ai, or otherwise interact with our products, services, or sales and marketing activities (collectively, the "Services"). Capitalized terms not defined here have the meanings given in our Terms of Service.
Age restriction – 18 years or older. You must be at least 18 to use the Services. We do not knowingly collect personal data from anyone under 18.
1. Information We Collect
1.1 Information you provide directly
Account & profile data. Name, company, job title, email address, telephone number, workspace‑owner details, and authentication credentials.
Billing data. Payment‑method details (handled by Stripe; see Stripe Privacy Policy).
Content. Prompts you send to our AI Agents, email copy, call scripts, or other content uploaded to or generated through the Services.
Imported contacts. When you upload spreadsheets or connect a CRM, those contacts are stored exclusively within your workspace and are never merged into our global database.
1.2 Information we collect automatically
Usage & telemetry. We instrument in‑app clicks, event timestamps, and feature adoption data—anonymized via Microsoft Clarity analytics—to understand product performance and improve usability.
Log data. IP address, browser type, device identifiers, referring URLs, pages viewed, and actions taken in the Platform.
Cookies & similar tech. Small files (Google Analytics, Microsoft Clarity cookies) that store session information. You can block cookies in your browser, but parts of the Services may not function.
Approximate geolocation. Derived from IP address or device settings to customize content and detect abuse.
1.3 Business‑contact data (Public‑source database)
We compile a Contact & Company Database from public records, open‑web crawling, government filings, professional social networks, and licensed data partners. These records can include, but are not limited to:
business‑contact names;
corporate email formats (algorithmically predicted);
company roles and firmographics;
technology footprints and publicly available phone numbers.
Accuracy notice. While we strive for accuracy, this database may contain outdated, inaccurate, or incomplete information.
Legal basis. We process business‑contact data under the “legitimate interest” ground of the GDPR and comparable statutes. We conducted a balancing test and believe the benefits for B2B communications outweigh any minimal privacy impact. Contacts may opt‑out at any time via links provided in each email.
Internal‑use license. Clients receive a non‑exclusive, non‑transferable right to use the data for their own direct B2B outreach. Reselling, redistributing, or sublicensing is prohibited.
2. How We Use Information
We process information only where we have a legal basis—your consent, a contract with you, our legitimate interests, or a statutory obligation.
Typical uses include:
Providing the Services. Account creation, authentication, delivering AI outputs, contact searches, outreach execution, and storing outreach content on Microsoft‑hosted servers for deliverability analytics.
Analytics & product improvement. Debugging, usage analysis, feature development, and improving AI performance—without using your identifiable content to retrain our AI models.
Processing transactions. Billing, subscription management, fraud prevention, and accounting.
Security & compliance. Detecting abuse, enforcing the Terms of Service, and complying with laws (e.g., CASL, CCPA/CPRA, GDPR, CAN‑SPAM, other applicable U.S. state privacy statutes).
Marketing (with consent). Sending product updates or demo invitations via email or SMS; you may opt out at any time.
3. How We Share Information
We disclose information only:
With your consent. For example, when you connect a third‑party integration.
To service providers. Secure vendors such as cloud hosting, email delivery, telephony, analytics, and Stripe—bound by confidentiality and used solely to provide services to us.
For legal reasons. To comply with court orders or lawful requests, or to defend against legal claims.
Corporate transactions. In connection with a merger, acquisition, financing, or sale of assets (notice will be provided).
We do not sell or rent personal data—including business‑contact data, imported contacts, or customer prompts—to third parties.
4. International Transfers
We are incorporated in Delaware (USA). Information may be processed and stored in the United States or any country where we or our providers operate. Where required, we rely on Standard Contractual Clauses and similar safeguards for cross‑border transfers.
5. Data Retention
Data category | Standard retention period |
Account & profile data | Active account + 12 months |
Billing & transaction records | 7 years (tax & audit) |
Outreach content (sent emails, call recordings) | Up to 24 months for deliverability and performance dashboards |
Encrypted backups | 7 years, then purged or anonymized |
Business‑contact database | Refreshed or removed as it becomes inaccurate |
When you request deletion under GDPR/CCPA, we remove copies within 30 days.
6. Your Rights & Choices
Depending on your jurisdiction, you may have rights to access, correct, delete, port, or object to processing of personal data. To exercise rights, email [email protected]. We respond within 30 days and may request reasonable verification (e.g., confirmation e‑mail or additional ID for sensitive requests). If you reside in the EEA, U.K., Switzerland, or a U.S. state with privacy statutes, you may lodge complaints with your local supervisory authority.
6.1 Marketing preferences
Email. Click “unsubscribe” in any marketing email or change settings in your account. Service and transaction emails will still arrive.
SMS. Reply “STOP” to any text or update preferences in your profile. Message & data rates may apply.
7. Security, Incident Response, and AI Disclaimers
Security measures. We use encryption in transit and at rest, least‑privilege access, and 24 × 7 monitoring. No internet transmission is 100 % secure; you use the Services at your own risk.
Incident response. If a breach involving user‑account data (not prospects from our database) occurs, we will notify affected users without undue delay as required by applicable law.
AI outputs. Users design the prompts and approval workflows; B2B Rocket is not responsible for decisions made solely by AI Agents. Users must review output for accuracy and compliance.
8. Cookies, Do‑Not‑Track & Analytics
We use Google Analytics and Microsoft Clarity cookies to understand site performance. Manage cookies in your browser or use tools such as the Google Analytics opt‑out add‑on. Because no uniform “Do Not Track” standard exists, we do not currently respond to DNT signals.
9. Compliance Statements
CASL. Express or implied consent prior to sending CEMs; clear identification; one‑click unsubscribe processed within 10 business days.
CAN‑SPAM & TCPA. All U.S. marketing emails and SMS comply with sender identification, opt‑out, and prior express written consent requirements. Carrier delivery may fail or be filtered; B2B Rocket and its telephony partners are not liable for such failures.
CCPA/CPRA & other U.S. state laws. We do not “sell” personal info as defined by these laws. Residents of California, Virginia, Colorado, Connecticut, and Utah may exercise statutory rights via [email protected].
GDPR. Legal bases include consent, contract performance, and legitimate interests. We have not appointed an EU Article 27 representative; EU data subjects may contact [email protected].
10. SMS & Demo Booking
By providing your mobile number, you consent to receive periodic SMS messages (frequency varies) related to product updates, demo scheduling, or account activity. Message & data rates may apply.
You can opt out at any time by replying “STOP” or following instructions in each message.
Mobile numbers are never shared with third parties.
Voice‑call services may be provided by integrated partners. Connection quality or carrier filtering is outside B2B Rocket’s control.
11. Changes to This Policy
We may update this Privacy Policy at any time without prior notice. We will post the revised version with an updated “Last updated” date. Material changes will be highlighted in‑app or by email where appropriate. Continuing to use the Services after a change means you accept the updated Policy.
12. Contact Us
Data Protection Team: [email protected]
Mailing address: 16192 Coastal Highway, Lewes, DE 19958
By using B2B Rocket you acknowledge that you have read and understood this Privacy Policy.