Effective date: July 2026
Looply provides marketing automation for businesses. This policy covers two kinds of people: customers (businesses with Looply accounts) and contacts (people on our customers' lists).
Account details (name, email, business name), billing information (processed by Stripe — card numbers never touch our servers), and product usage data used to operate and improve the Service.
Customers upload their contact lists (names, emails, phone numbers, birthdays, visit history, consent records). For this data we act as a processor on the customer's behalf. We never sell contact data, never use it to build advertising profiles, and never message contacts except on the customer's instruction.
We keep an auditable log of every marketing opt-in and opt-out — including source, timestamp, and IP where available — to protect contacts' choices and support our customers' legal compliance.
Every marketing email includes an unsubscribe link and every SMS supports STOP — both take effect immediately. To request deletion of your data, contact the business that messaged you, or email us at privacy@looply.fun and we will assist.
We use vetted subprocessors to operate: payment processing (Stripe), email delivery, SMS delivery (telecommunications carriers), cloud hosting, and AI text generation for draft content. Each receives only the data needed for its function.
Data is encrypted in transit, tenant data is isolated per account, access is role-based, and sensitive actions are audit-logged. No system is perfectly secure; we will notify affected parties of any breach as required by law.
Customers can export or delete their contact data at any time. Closed accounts are deleted from production systems within 90 days, except records we must retain by law (e.g., billing).
We'll notify customers of material changes. Questions: privacy@looply.fun.