Newsletter

Stay up to date with our news, ideas and updates

Get Started

Privacy Notice (Privacy Policy)

Last Updated: 06/11/2025

This Privacy Notice explains how Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) collects, uses, stores, and protects personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

It applies to:

  1. Visitors and users of https://cocopipe.com (marketing website, blogs, contact forms, etc.), and
  2. Registered users of the Cocopipe App (our SaaS platform for CRM and sales pipeline management).

For any privacy inquiries, contact: [email protected]

1. Data Controller

Cocopipe OÜ acts as the data controller for personal data processed through both its website and application.

Cocopipe may engage trusted third-party data processors (e.g., hosting, payment, analytics, or communication providers) to support operations, all of whom are contractually bound to comply with GDPR.

Section A – Privacy Notice for Website Visitors

2. Scope

This section applies to individuals visiting or interacting with Cocopipe’s websites, including https://cocopipe.com and related subdomains (the “Website”).

3. Data We Collect

We may collect the following categories of personal data:

  • Technical Data: IP address, browser type, device identifiers, operating system, referral URL.
  • Analytics Data: usage statistics, page views, time on site, click events.
  • Form Data: name, email address, company name, and message when you fill out a contact or newsletter form.

Cookies and Tracking: small data files stored on your device to improve functionality, analytics, and marketing.

4. Purposes and Legal Bases

Purpose
Legal Basis (GDPR Art. 6)
Provide and operate the Website
Legitimate interest
Monitor performance and improve usability
Legitimate interest
Manage cookies, marketing tools, and analytics
Consent
Respond to inquiries or contact form submissions
Legitimate interest / Consent
Ensure network security and prevent abuse
Legitimate interest

5. Cookies and Tracking Technologies

Cocopipe uses cookies and similar technologies for:

  • Essential functions (e.g., login sessions, navigation),
  • Analytics (e.g., Google Analytics with anonymized IPs),
  • Marketing (e.g., email signup tracking, retargeting ads).

You can control your preferences through our on-site Cookie Settings banner or browser options. For details, see our separate Cookie Policy.

6. Third-Party Tools

Our Website may use external services such as analytics, social media widgets, or embedded videos (e.g., YouTube, LinkedIn).

These third parties may collect personal data through their own technologies; Cocopipe does not control their tracking methods.

Please review their respective privacy policies for more information.

7. Data Retention

  • Analytics and log data are retained for up to 26 months.
  • Contact form submissions and newsletter data are retained for up to 12 months or until you withdraw consent.
  • Cookies expire according to the preferences selected in the Cookie Settings banner.

8. International Transfers

Website data may be processed by third-party vendors located outside the EU/EEA. Where applicable, Cocopipe ensures adequate safeguards such as Standard Contractual Clauses (SCCs).

Section B – Privacy Notice for Cocopipe App Users

9. Scope

This section applies to individuals or organizations who create an account and use the Cocopipe App (free, trial, or paid).

10. Scope

We process the following categories of data when you register or use the App:

  • Account Data: name, email address, password, company, team members.
  • Billing Data: payment method, billing address, VAT number (processed via secure third-party payment processors).
  • Usage Data: login times, activity logs, device/browser info, IP address.
  • Customer Data: contacts, deals, notes, and content you upload into your Cocopipe account.
  • AI Data: prompts and outputs generated through CocoAI (processed for feature delivery and anonymized improvement).
  • Support Data: communications with our support or technical team.

11. Purposes and Legal Bases

Purpose
Legal Basis (GDPR Art. 6)
Provide and operate the Cocopipe App
Contractual necessity (Art. 6(1)(b))
Manage billing, payments, and account renewals
Contractual necessity / Legal obligation
Provide customer support and technical assistance
Contractual necessity
Analyze and improve service performance
Legitimate interest
Monitor and prevent fraud or security incidents
Legitimate interest / Legal obligation
Comply with tax and audit obligations
Legal obligation

12. Data Sharing and Subprocessors

We may share limited personal data with carefully selected subprocessors, including:

  • Hosting providers (EU-based data centers),
  • Payment processors (PCI-DSS certified),
  • Email and communication tools,
  • Analytics or monitoring providers.

All subprocessors operate under written agreements ensuring GDPR compliance. An up-to-date list can be requested from [email protected].

13. International Data Transfers

Customer data is primarily stored in the European Union (EU). If transferred outside the EU, Cocopipe implements safeguards under GDPR Chapter V (e.g., SCCs or adequacy decisions).

14. Data Retention

Cocopipe retains Customer Data while the account is active. Upon deletion, all Customer Data (including contacts, deals, tasks, and files) is permanently deleted after 30 days, except for anonymized backups retained up to 90 days for security purposes.

See also: Data Retention Policy and Data Processing Addendum (DPA).

15. Security

Cocopipe uses technical and organizational measures including:

  • Data encryption in transit and at rest,
  • Role-based access control (RBAC),
  • Network intrusion detection,
  • Periodic audits of subprocessors (ISO 27001 / SOC 2 / equivalent).

16. Your Rights

As a data subject, you have the right to:

  • Access and obtain a copy of your personal data,
  • Rectify inaccuracies,
  • Request deletion (“right to be forgotten”),
  • Restrict or object to certain processing,
  • Request data portability,
  • Lodge a complaint with your local authority or the Estonian Data Protection Inspectorate.

To exercise these rights, contact [email protected]. Cocopipe will respond within one month in compliance with GDPR.

17. Automated Processing and AI Outputs

Cocopipe does not use automated decision-making that produces legal or significant effects. AI outputs generated via CocoAI are for informational purposes only and are not guaranteed to be accurate, complete, or suitable for reliance.

18. Data Security and Confidentiality

All personal data—whether from Website or App use—is processed confidentially. Access is limited to authorized personnel under strict access control and monitoring.

19. Updates to this Privacy Notice

We may update this Privacy Notice periodically to reflect operational, legal, or regulatory changes. Material changes will be communicated via email or in-app notification prior to enforcement.

The latest version will always be available at https://cocopipe.com/privacy-policy/.

20. Contact

For any questions or privacy-related requests, contact: