Privacy Policy — DobePros

1

Who We Are

DobePros is a proprietary contact extraction API that provides real-time business data enrichment services. We help agencies, sales teams, and media buyers extract decision-maker contact information from publicly available business websites.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website, create an account, or use our API services.

2

Data We Collect

We collect only the information necessary to provide and improve our services:

Account information: Your name and email address when you register for an API key.
Payment information: Payment details are processed securely by Stripe. We do not store your credit card numbers, CVVs, or full card details on our servers. Stripe provides us with a tokenized reference and basic transaction metadata (last four digits, expiration date, billing address).
Usage data: API request logs including timestamps, number of URLs processed, and your API key identifier. This helps us enforce rate limits, monitor abuse, and improve performance.
Communication data: Any messages you send to our support email, including the content of those messages and your email address.

3

Data We Do NOT Collect

Scraped results are not stored on our servers. When you submit URLs for extraction, our system crawls the target websites, processes the data in real-time, returns the results to you via the API response, and then discards the scraped data. We do not maintain a database of extracted contacts.

Specifically, we do not collect or retain:

The emails, phone numbers, or social profiles extracted from target websites
The content of the websites you submit for processing
Browsing history, IP-based tracking profiles, or device fingerprints
Any data from third-party tracking pixels or advertising networks

4

How We Use Your Data

We use the information we collect for the following purposes:

Service delivery: To authenticate your API requests, process your URL submissions, and deliver enriched contact data.
Billing and payments: To process your purchases, manage your subscription or credit balance, and send payment receipts.
Transactional communications: To send you account-related emails such as API key delivery, usage alerts, password resets, and billing confirmations.
Service improvement: To analyze aggregate usage patterns, identify performance bottlenecks, and improve extraction accuracy.
Abuse prevention: To detect and prevent fraudulent use, enforce rate limits, and protect the integrity of our infrastructure.

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

5

Third-Party Services

We rely on a limited number of trusted third-party services to operate DobePros:

Stripe — Payment processing. When you purchase a plan, your payment information is sent directly to Stripe and processed under their Privacy Policy. We never handle or store your full card details.
Resend — Transactional email delivery. We use Resend to send account-related emails (API key delivery, password resets, billing receipts). Your email address is shared with Resend solely for the purpose of delivering these messages.

These services are contractually obligated to protect your data and are prohibited from using it for any purpose other than providing their services to us.

6

Cookies

DobePros uses a small number of functional cookies to manage authentication for our internal tools and free product access. We do not use tracking cookies, analytics cookies, or advertising cookies.

dp_sso — A signed, HTTP-only cookie that stores your verified email address after authenticating via Google. Used to grant access to internal team tools (e.g., SamKnows, Trajectory Dashboard). Expires after 30 days.
dp_lead — A signed, HTTP-only cookie that stores your email address after signing up for free product access (e.g., Meta Ad Spy, Lead Enricher free tier, Fingerprint). Expires after 30 days.

Both cookies are HTTP-only (not accessible to JavaScript), signed to prevent tampering, and contain only your email address. They are used solely for authentication and are never shared with third parties.

API-based authentication continues to use API keys passed in request headers, without cookies.

7

Data Security

We take the security of your data seriously and implement appropriate technical and organizational measures to protect it:

All data transmitted between your browser/application and our servers is encrypted using TLS (HTTPS).
API keys are hashed before storage and are never stored in plaintext.
Payment processing is handled entirely by Stripe, which is PCI DSS Level 1 certified.
Access to production systems is restricted to authorized personnel and protected by multi-factor authentication.
Scraped data is processed in-memory and discarded immediately after the API response is delivered.

While no system can guarantee absolute security, we continuously review and improve our security practices to protect your information.

8

Data Retention

We retain your data only as long as necessary to provide our services and comply with legal obligations:

Account data: Retained for the lifetime of your account. If you request account deletion, we will remove your personal information within 30 days.
API usage logs: Retained for 90 days for performance monitoring and abuse prevention, then automatically purged.
Payment records: Retained as required by applicable tax and financial regulations (typically 7 years).
Scraped data: Not retained. Results are returned in real-time and immediately discarded from our systems.
Support correspondence: Retained for 1 year after the last communication to provide context for future support requests.

9

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Under the California Consumer Privacy Act (CCPA):

The right to know what personal information we collect, use, and disclose about you.
The right to request deletion of your personal information.
The right to opt out of the sale of your personal information. Note: we do not sell personal information.
The right to non-discrimination for exercising your privacy rights.

Under the General Data Protection Regulation (GDPR):

The right to access your personal data and obtain a copy.
The right to rectification of inaccurate or incomplete data.
The right to erasure ("right to be forgotten").
The right to restrict or object to processing of your data.
The right to data portability.
The right to withdraw consent at any time.

To exercise any of these rights, contact us at support@dobepros.com. We will respond to your request within 30 days.

10

Children's Privacy

DobePros is a business-to-business service designed for professionals. Our services are intended for individuals who are 18 years of age or older.

We do not knowingly collect personal information from anyone under the age of 18. If we become aware that we have collected data from a minor, we will promptly delete that information from our systems. If you believe a minor has provided us with personal information, please contact us at support@dobepros.com.

11

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Last updated" date at the top of this page.
Send a notification to the email address associated with your account for significant changes.
Post a prominent notice on our website if the changes materially affect how we handle personal data.

We encourage you to review this policy periodically. Your continued use of DobePros after any changes constitutes your acceptance of the updated policy.

12

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

Email: support@dobepros.com

We aim to respond to all inquiries within 2 business days.