Newsletter

Stay up to date with our news, ideas and updates

Get Started

Terms of Service

Last Updated: 05/11/2025

Welcome to Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”). These Terms of Service (“Terms”, “Agreement”) govern your access to and use of the Cocopipe platform, including our web application, mobile applications, public APIs, and related services (collectively, the “Services”).

By registering for, accessing, or using the Services, you agree to be bound by these Terms and all additional documents incorporated by reference.

If you do not agree, you may not access or use the Services.

1. Scope of Services

Cocopipe provides an AI-assisted sales CRM and pipeline management platform (“Cocopipe App”) including modules such as Contacts, Deals, Pipelines, Reports, Dashboard, Task Management, and CocoAI (AI Copilot).

Services are accessible via:

  • Web application: https://app.cocopipe.com
  • iOS & Android apps
  • Public API & Webhooks

A free plan is available, and all paid plans include a 14-day trial.

Features, limits, and pricing are shown on the Pricing Page.

Cocopipe reserves the right to add, modify, or remove features at its discretion, as announced on the Changelog.

Beta or experimental features may be introduced and can be changed or removed without notice.

For feature-specific rules, see the Product-Specific Terms.

2. Account and Access

2.1 Registration

Users register using a valid email address and password.

Each organization account has one Admin User who controls billing and can add or remove Seat Users (team members).

2.1 Account Security

Users are solely responsible for maintaining account credentials.

Unauthorized access must be reported immediately to [email protected].

Cocopipe may require verification before restoring access.

2.3 Account Ownership & Transfer

Admin ownership may be transferred upon verified written request from the registered email.

Cocopipe may perform reasonable verification (including proof of identity or business domain validation).

For details, see Account Lifecycle Policy.

2.4 Account Inactivity & Deletion

Inactive accounts (no login for 6 months) will be notified via registered email and suspended after 30 days if no activity occurs.

User data is retained for 30 days post-deletion, after which it is permanently deleted, per the Data Retention Policy.

Suspension and reactivation rules are detailed in the Suspension Policy.

 

3. Acceptable Use

Users must use Cocopipe lawfully and refrain from:

  • Sending spam or unsolicited messages,
  • Hacking, probing, or accessing other accounts,
  • Using CocoAI to produce misleading or manipulative content,
  • Engaging in fraud, money laundering, or any illegal activity,
  • Circumventing usage limits or payment mechanisms.

Full prohibited use list: Acceptable Use Policy.

4. Fees and Payments

4.1 Subscription & Billing

Cocopipe offers paid subscriptions billed monthly or annually.

Pricing and limits are shown on the Pricing Page.

4.2 Payment

Payments are processed by recognized third-party providers.

By submitting payment details, you authorize Cocopipe and its payment processor to charge your method of payment.

You must keep payment details current.

4.3 Taxes

All prices include VAT unless otherwise stated.

Non-EU customers may have taxes vary depending on jurisdiction.

4.4 Renewal & Cancellation

Subscriptions renew automatically.

Monthly plans can be canceled anytime; annual plans are non-refundable but remain active until period end.

Failure to pay within 15 days may result in suspension.

4.5 Refunds

Refund requests within 30 days of purchase will be honored.

Cocopipe reserves the right to offset refunded amounts against outstanding charges or prior reversals.

4.6 Price Changes

Cocopipe may change fees with 30 days’ advance notice via email or in-app message.

For uptime, billing cycles, and service credit details, see Service Level Agreement (SLA).

5. Term and Termination

5.1 Effective Date

This Agreement begins when the user first registers or accesses the Services.

5.2 Termination by Cocopipe

Cocopipe may suspend or terminate an account for:

  • Breach of these Terms or the Acceptable Use Policy,
  • Unpaid invoices beyond 15 days,
  • Security or legal risks.

Users will be notified via registered email.

5.3 Termination by Customer

Customers may cancel anytime via account settings.

Data retention and deletion follow the Data Retention Policy.

5.4 Insolvency

Either party may terminate immediately if the other becomes insolvent or enters liquidation.

5.5 Force Majeure

Cocopipe shall not be liable for service failures due to events beyond its control (natural disasters, war, outages), as defined in the Service Level Agreement.

6. Intellectual Property

Cocopipe owns all intellectual property rights in the Services.

Customers retain ownership of their Customer Data, granting Cocopipe a limited license to host, process, and display data solely for service delivery and improvement, including aggregated and anonymized AI training.

6.1 CocoAI Outputs

Outputs generated by CocoAI belong to the Customer.

Cocopipe retains ownership of the underlying models and training data.

See AI Ethics & Usage Guidelines.

6.2 Feedback & Brand Use

Cocopipe may identify the Customer as a user (e.g., in client lists) unless the Customer opts out in writing.

Use of Cocopipe’s brand for commercial purposes requires written consent.

Reverse engineering is prohibited except as permitted by law.

 

 

7. Data Protection and Privacy

Cocopipe acts as data processor, and the Customer as data controller.

Personal data is processed in compliance with GDPR and Estonian law.

Relevant documents:

Cocopipe notifies customers and authorities within 72 hours of any data breach.

No automated decisions producing legal effects are made solely by AI.

8. Confidentiality

Parties agree to keep all non-public information confidential for five (5) years.

Exceptions include public information, prior knowledge, independent development, or legal requirements.

Breach of confidentiality may lead to immediate termination and damages.

9. Warranties and Disclaimers

Cocopipe warrants that Services will be delivered with reasonable skill and care.

However, Cocopipe does not guarantee:

  • Uninterrupted or error-free operation,
  • Accuracy of CocoAI outputs,
  • Continuity of third-party APIs.

All Services are provided “as is” and “as available.”

AI recommendations are for informational purposes only.

10. Limitation of Liability

Cocopipe’s total liability for all claims shall not exceed the total fees paid in the preceding 12 months.

Cocopipe is not liable for:

  • Loss of profits, data, accuracy, goodwill, or business opportunity,
  • Business interruption,
  • Data loss during maintenance,
  • Indirect or consequential damages.

These limits apply to all legal theories and remain valid even if a remedy fails its essential purpose.

11. Indemnification

Each party shall indemnify and hold harmless the other from claims resulting from:

  • Breach of these Terms,
  • Violation of laws or third-party rights,
  • Misuse of the Services or data.

Defense procedures align with standard commercial practice.

12. Miscellaneous

Governing Law: Estonian law applies.

Disputes are resolved in Harju County Court (Tallinn).

Assignment: Customer may not transfer rights without written consent.

Notices:

Language: English version prevails.

Updates: Material changes will be notified via email or in-app message and recorded in the Legal Updates Log.

13. Contact

For any legal or contractual inquiries:
📧 [email protected]
📍 Registered Address: [to be added – Tallinn, Estonia]

Referenced Documents

Privacy Notice (Privacy Policy)

Last Updated: 06/11/2025

This Privacy Notice explains how Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) collects, uses, stores, and protects personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

It applies to:

  1. Visitors and users of https://cocopipe.com (marketing website, blogs, contact forms, etc.), and
  2. Registered users of the Cocopipe App (our SaaS platform for CRM and sales pipeline management).

For any privacy inquiries, contact: [email protected]

1. Data Controller

Cocopipe OÜ acts as the data controller for personal data processed through both its website and application.

Cocopipe may engage trusted third-party data processors (e.g., hosting, payment, analytics, or communication providers) to support operations, all of whom are contractually bound to comply with GDPR.

Section A – Privacy Notice for Website Visitors

2. Scope

This section applies to individuals visiting or interacting with Cocopipe’s websites, including https://cocopipe.com and related subdomains (the “Website”).

3. Data We Collect

We may collect the following categories of personal data:

  • Technical Data: IP address, browser type, device identifiers, operating system, referral URL.
  • Analytics Data: usage statistics, page views, time on site, click events.
  • Form Data: name, email address, company name, and message when you fill out a contact or newsletter form.

Cookies and Tracking: small data files stored on your device to improve functionality, analytics, and marketing.

4. Purposes and Legal Bases

Purpose
Legal Basis (GDPR Art. 6)
Provide and operate the Website
Legitimate interest
Monitor performance and improve usability
Legitimate interest
Manage cookies, marketing tools, and analytics
Consent
Respond to inquiries or contact form submissions
Legitimate interest / Consent
Ensure network security and prevent abuse
Legitimate interest

5. Cookies and Tracking Technologies

Cocopipe uses cookies and similar technologies for:

  • Essential functions (e.g., login sessions, navigation),
  • Analytics (e.g., Google Analytics with anonymized IPs),
  • Marketing (e.g., email signup tracking, retargeting ads).

You can control your preferences through our on-site Cookie Settings banner or browser options. For details, see our separate Cookie Policy.

6. Third-Party Tools

Our Website may use external services such as analytics, social media widgets, or embedded videos (e.g., YouTube, LinkedIn).

These third parties may collect personal data through their own technologies; Cocopipe does not control their tracking methods.

Please review their respective privacy policies for more information.

7. Data Retention

  • Analytics and log data are retained for up to 26 months.
  • Contact form submissions and newsletter data are retained for up to 12 months or until you withdraw consent.
  • Cookies expire according to the preferences selected in the Cookie Settings banner.

8. International Transfers

Website data may be processed by third-party vendors located outside the EU/EEA. Where applicable, Cocopipe ensures adequate safeguards such as Standard Contractual Clauses (SCCs).

Section B – Privacy Notice for Cocopipe App Users

9. Scope

This section applies to individuals or organizations who create an account and use the Cocopipe App (free, trial, or paid).

10. Scope

We process the following categories of data when you register or use the App:

  • Account Data: name, email address, password, company, team members.
  • Billing Data: payment method, billing address, VAT number (processed via secure third-party payment processors).
  • Usage Data: login times, activity logs, device/browser info, IP address.
  • Customer Data: contacts, deals, notes, and content you upload into your Cocopipe account.
  • AI Data: prompts and outputs generated through CocoAI (processed for feature delivery and anonymized improvement).
  • Support Data: communications with our support or technical team.

11. Purposes and Legal Bases

Purpose
Legal Basis (GDPR Art. 6)
Provide and operate the Cocopipe App
Contractual necessity (Art. 6(1)(b))
Manage billing, payments, and account renewals
Contractual necessity / Legal obligation
Provide customer support and technical assistance
Contractual necessity
Analyze and improve service performance
Legitimate interest
Monitor and prevent fraud or security incidents
Legitimate interest / Legal obligation
Comply with tax and audit obligations
Legal obligation

12. Data Sharing and Subprocessors

We may share limited personal data with carefully selected subprocessors, including:

  • Hosting providers (EU-based data centers),
  • Payment processors (PCI-DSS certified),
  • Email and communication tools,
  • Analytics or monitoring providers.

All subprocessors operate under written agreements ensuring GDPR compliance. An up-to-date list can be requested from [email protected].

13. International Data Transfers

Customer data is primarily stored in the European Union (EU). If transferred outside the EU, Cocopipe implements safeguards under GDPR Chapter V (e.g., SCCs or adequacy decisions).

14. Data Retention

Cocopipe retains Customer Data while the account is active. Upon deletion, all Customer Data (including contacts, deals, tasks, and files) is permanently deleted after 30 days, except for anonymized backups retained up to 90 days for security purposes.

See also: Data Retention Policy and Data Processing Addendum (DPA).

15. Security

Cocopipe uses technical and organizational measures including:

  • Data encryption in transit and at rest,
  • Role-based access control (RBAC),
  • Network intrusion detection,
  • Periodic audits of subprocessors (ISO 27001 / SOC 2 / equivalent).

16. Your Rights

As a data subject, you have the right to:

  • Access and obtain a copy of your personal data,
  • Rectify inaccuracies,
  • Request deletion (“right to be forgotten”),
  • Restrict or object to certain processing,
  • Request data portability,
  • Lodge a complaint with your local authority or the Estonian Data Protection Inspectorate.

To exercise these rights, contact [email protected]. Cocopipe will respond within one month in compliance with GDPR.

17. Automated Processing and AI Outputs

Cocopipe does not use automated decision-making that produces legal or significant effects. AI outputs generated via CocoAI are for informational purposes only and are not guaranteed to be accurate, complete, or suitable for reliance.

18. Data Security and Confidentiality

All personal data—whether from Website or App use—is processed confidentially. Access is limited to authorized personnel under strict access control and monitoring.

19. Updates to this Privacy Notice

We may update this Privacy Notice periodically to reflect operational, legal, or regulatory changes. Material changes will be communicated via email or in-app notification prior to enforcement.

The latest version will always be available at https://cocopipe.com/privacy-policy/.

20. Contact

For any questions or privacy-related requests, contact:

Cocopipe Data Processing Addendum (DPA)

Last Updated: 10/11/2025

This Data Processing Addendum (“Addendum” or “DPA”) is incorporated into and forms part of the Cocopipe Terms of Service (“Agreement”) between Cocopipe OÜ (“Cocopipe”, “Processor”, “we”, “our”) and the customer (“Customer”, “Controller”, “you”, or “your”) that uses the Cocopipe App or related services (“Services”).

This DPA governs Cocopipe’s processing of personal data on behalf of the Customer in accordance with Article 28 of the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Definitions

For the purposes of this Addendum:

  • Data Protection Laws” means all applicable privacy and data protection laws, including the GDPR (EU Regulation 2016/679).
  • Customer Data” means any personal data processed by Cocopipe on behalf of the Customer under the Agreement.
  • Controller” means the Customer who determines the purposes and means of processing.
  • Processor” means Cocopipe, which processes personal data on behalf of the Customer.
  • Subprocessor” means any third party engaged by Cocopipe to process personal data.
  • Data Subject” means an identified or identifiable natural person.
  • Personal Data Breach” means any security incident leading to accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data.

2. Roles of the Parties

For the avoidance of doubt:

  • The Customer acts as the Data Controller, and
  • Cocopipe acts as the Data Processor in relation to all Customer Data processed through the Services.

Cocopipe shall process Customer Data only on documented instructions from the Customer, unless required to do so by law.

3. Nature and Purpose of Processing

Cocopipe processes Customer Data for the duration of the Customer’s subscription. Upon account deletion, Cocopipe will:

  1. Retain Customer Data for 30 days to allow export,
  2. Permanently delete all Customer Data from production systems thereafter, and
  3. Maintain anonymized backups for up to 90 days for disaster recovery and audit purposes.

See also the Data Retention Policy.

4. Duration of Processing

Cocopipe processes Customer Data solely for:

  • Providing, maintaining, and supporting the Services,
  • Performing analytics, diagnostics, and service improvements,
  • Preventing, detecting, and investigating security incidents or misuse,
  • Fulfilling contractual and legal obligations,
  • Training and optimizing AI models in aggregated, anonymized, and non-identifiable form.

No other processing will occur unless expressly authorized by the Customer.

5. Subprocessing

Cocopipe may engage Subprocessors to perform limited data processing activities on its behalf.

  • A current list of authorized Subprocessors is available upon request from [email protected].
  • Cocopipe ensures that Subprocessors are bound by data protection obligations no less protective than those set out in this DPA.
  • Cocopipe remains fully liable for the actions or omissions of its Subprocessors.

Customers will be notified of material Subprocessor changes in advance via email or in-app notification.

6. International Data Transfers

Customer Data is stored and processed within the European Union (EU). Where transfers outside the EU/EEA occur, Cocopipe shall:

  • Use the European Commission’s Standard Contractual Clauses (SCCs), or
  • Ensure that the destination country has an adequacy decision under GDPR Article 45.

Cocopipe will not transfer personal data internationally without appropriate safeguards.

7. Security Measures

Cocopipe implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest,
  • Network and system access controls,
  • Multi-factor authentication and intrusion detection,
  • Regular vulnerability testing and patch management,
  • Staff confidentiality agreements and training.

Cocopipe reviews these measures periodically and updates them as necessary.

8. Data Subject Rights

Cocopipe will assist the Customer in fulfilling data subject rights requests under GDPR (Articles 12–23), including:

  • Access, rectification, erasure, restriction, data portability, and objection.

Requests received directly by Cocopipe will be forwarded promptly to the Customer unless prohibited by law.

9. Data Breach Notification

In the event of a Personal Data Breach, Cocopipe shall:

  • Notify the Customer without undue delay and, where feasible, within 72 hours of becoming aware of the breach,
  • Provide information about the nature of the breach, affected data, likely consequences, and remedial actions taken,
  • Cooperate with the Customer and supervisory authorities as required by law.

10. Confidentiality

All Customer Data processed by Cocopipe is treated as confidential. Cocopipe ensures that only authorized personnel with a need-to-know basis have access to such data and are bound by confidentiality obligations.

11. Audits and Compliance

Upon reasonable written request, the Customer may obtain information to demonstrate compliance with this DPA, including:

  • Relevant documentation, certifications (ISO 27001 / SOC 2 or equivalent), or audit summaries.

Cocopipe may also allow third-party audits where required by law, subject to reasonable notice, scope, and confidentiality conditions.

12. Return or Deletion of Data

Upon termination or expiration of the Agreement:

  • Cocopipe will delete or return all Customer Data upon request,
  • Except where retention is required by law or legitimate business necessity (e.g., tax records, security logs).

Deletion confirmations can be provided upon written request.

13. Liability and Indemnity

All Customer DaThe liability of each party under this DPA shall be subject to the limitations set forth in the Terms of Service. Nothing in this DPA limits a party’s liability for willful misconduct, gross negligence, or breach of data protection obligations.

14. Governing Law and Jurisdiction

This DPA is governed by the laws of Estonia. Any disputes arising from or relating to this Addendum shall be resolved in accordance with Section 12 (“Dispute Resolution”) of the Cocopipe Terms of Service.

15. Contact

For data protection or DPA-related inquiries, please contact:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Acceptable Use Policy

Last Updated: 06/11/2025

This Acceptable Use Policy (“AUP”) sets forth the rules and restrictions governing the use of Cocopipe OÜ’s products and services (“Cocopipe”, “we”, “our”, or “us”), including the Cocopipe App, APIs, and related online services (collectively, the “Services”).

This AUP forms part of and is incorporated into the Cocopipe Terms of Service. By using the Services, you agree to comply with this Policy. Violations may result in account suspension or termination, as described in the Terms of Service.

1. Purpose and Scope

This Policy is intended to ensure that all Cocopipe users use the Services in a lawful, responsible, and secure manner.

It applies to all users, including individuals, teams, and organizations using free, trial, or paid plans.

2. Prohibited Activities

You may not use the Services for any unlawful, abusive, or harmful purpose. In particular, you agree not to:

2.1 Illegal or Harmful Conduct
  • Engage in or promote any activity that violates applicable law, regulation, or third-party rights.
  • Upload, transmit, or store material that is defamatory, obscene, discriminatory, harassing, or otherwise objectionable.
  • Use Cocopipe to facilitate fraud, money laundering, terrorism financing, identity theft, or any other criminal activity.
  • Use the Services to promote or distribute hate speech, misinformation, or content intended to cause harm.
2.2 Security and System Abuse
  • Attempt to gain unauthorized access to any account, system, or network.
  • Probe, scan, or test the vulnerability of the Cocopipe infrastructure or networks without authorization.
  • Interfere with or disrupt the integrity or performance of the Services or connected systems.
  • Introduce malware, viruses, or malicious scripts into the Service.
  • Create excessive load, spam requests, or denial-of-service attacks.
2.3 Spam and Communication Misuse
  • Send unsolicited or bulk messages (“spam”) through Cocopipe or its integrations.
  • Use contact or communication data stored in Cocopipe for mass marketing without consent.
  • Impersonate another person or entity or misrepresent your affiliation.
2.4 Data Misuse
  • Collect, store, or share personal data of others without valid legal basis or consent.
  • Export or process data in violation of applicable privacy, data protection, or export control laws.
  • Attempt to access or use data belonging to another Cocopipe customer or account.

3. AI and CocoAI Usage Restrictions

Cocopipe includes AI-assisted features (“CocoAI”) to help users analyze and generate insights. To ensure ethical and responsible use, you must not:

  • Use CocoAI to create or spread false, misleading, or manipulative content.
  • Attempt to generate output that infringes intellectual property, privacy, or publicity rights.
  • Use CocoAI to impersonate individuals or simulate human behavior deceptively.
  • Submit prompts or data that contain illegal, hateful, or harmful content.
  • Attempt to reverse-engineer, retrain, or extract data from CocoAI models.
  • Rely solely on AI-generated outputs for decision-making with legal or financial consequences.

Cocopipe makes no warranty regarding the accuracy or reliability of AI-generated outputs. All AI results are for informational purposes only.

4. Security and System Integrity

You are responsible for maintaining the confidentiality of your account credentials and ensuring secure use of the Service.

Users must:

  • Use strong passwords and keep them confidential.
  • Promptly notify Cocopipe of any unauthorized access or suspected breach.
  • Avoid sharing credentials or allowing unapproved access to your account.

Cocopipe reserves the right to monitor, log, and audit user activity for security and compliance purposes, as permitted by law.

5. Enforcement and Consequences

Cocopipe may suspend, restrict, or terminate accounts that violate this Policy or applicable law. In addition, Cocopipe may:

  • Block access to offending content or systems,
  • Report violations to appropriate authorities,
  • Cooperate with law enforcement or regulators, and
  • Pursue civil or criminal remedies where appropriate.

Cocopipe determines enforcement actions at its sole discretion and may act without prior notice in urgent cases.

6. Reporting Violations

If you become aware of any misuse or violation of this Policy, please report it immediately to: [email protected]

Include detailed information such as:

  • The nature of the violation,
  • Account or user details (if known),
  • Relevant logs, messages, or screenshots.

Cocopipe reviews all reports in good faith and takes appropriate action.

7. Changes to this Policy

Cocopipe may update this Acceptable Use Policy from time to time to reflect legal, operational, or technical changes.

Material changes will be communicated via email or in-app notice prior to taking effect. The latest version will always be available at https://cocopipe.com/acceptable-use.

8. Contact

For questions regarding this Policy, please contact: [email protected]

Registered address:

References:

Cocopipe Service Level Agreement (SLA)

Last Updated: 11/11/2025

This Service Level Agreement (“SLA”) forms part of the Cocopipe Terms of Service and describes the service availability, performance, and support commitments of Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) to its customers (“Customer”, “you”, or “your”).

This SLA applies to all paid subscriptions and, where specified, to free or trial accounts on the Cocopipe App.

1. Service Availability

1.1 Uptime Commitment

Cocopipe targets a Monthly Uptime Percentage of 99.9% for all production systems, excluding scheduled maintenance, emergency maintenance, and force majeure events.

1.2 Measurement

Uptime is measured monthly and calculated as follows:

Uptime % = (Total Minutes in Month – Downtime Minutes) / Total Minutes in Month × 100

Downtime excludes:

  • Planned maintenance (with prior notice),
  • Issues caused by third-party services or integrations,
  • Force majeure events,
  • User or Customer network/environment errors.
1.3 Planned Maintenance

Cocopipe will provide advance notice of scheduled maintenance via in-app or email notification at least 48 hours in advance whenever feasible.
Maintenance windows are typically performed during off-peak hours (UTC time zone).

1.4 Emergency Maintenance

In urgent cases (e.g., critical security fixes), Cocopipe may perform maintenance without prior notice.

Cocopipe will take commercially reasonable steps to minimize disruption and notify Customers post-resolution.

2. Support and Response Times

2.1 Support Channels

Support is available to Customers via:

  • Email: [email protected]
  • In-app support widget (during business hours)
  • Live-chat on Cocopipe Website and App.
  • Ticket system on Cocopipe App

Live-chat Support is provided Monday–Friday, 9:00–18:00 (Estonia Time, UTC+2), excluding public holidays. 

Ticket and Email support is provided 24/7, including weekends.

2.2 Response Time Targets
Severity Level
Description
Target Initial Response
P1 – Critical
Complete service outage or data loss
4 business hours
P2 – Major
Major feature malfunction with significant user impact
8 business hours
P3 – Moderate
Minor issue, performance degradation, or UI defect
1 business day
P4 – Low
General inquiry or non-urgent request
2 business days

These targets are not guarantees, but reflect Cocopipe’s commitment to high-quality service.

3. Exclusions

This SLA does not apply to:

  • Beta or experimental features,
  • Free or trial plans (unless explicitly stated),
  • Third-party integrations or external systems (e.g., Google, Microsoft, Slack, Zoom),
  • Scheduled downtime and force majeure events,
  • Downtime caused by Customer misuse, configuration errors, or unauthorized modifications.

4. Remedies

If Cocopipe fails to meet the uptime target for a given month, Customers on paid plans may request Service Credits.

4.1 Service Credit Calculation
Monthly Uptime Percentage
Credit (%) of Monthly Fee
99.0%–99.9%
10%
95.0%–98.9%
25%
Below 95.0%
50%

Service Credits:

  • Are the sole and exclusive remedy for downtime,
  • Must be requested within 30 days after the affected month,
  • Are applied to future invoices (no cash refunds).
4.2 Claim Process

To request a Service Credit, email [email protected] including:

  • Account name and billing email,
  • Date and duration of outage, and
  • Description of the impact.

Cocopipe will verify logs and respond within 10 business days.

5. Force Majeure

Cocopipe is not liable for downtime or failure to perform due to circumstances beyond its reasonable control, including but not limited to:

  • Acts of nature, war, terrorism, civil unrest, or government action,
  • Power or internet outages,
  • Strikes or labor disputes,
  • Data center or infrastructure failures.

In such cases, Cocopipe will use commercially reasonable efforts to restore Services as soon as practicable.

6. Monitoring and Reporting

Cocopipe continuously monitors system health using automated uptime tracking and internal monitoring tools.

Service status updates may be published on the Cocopipe status page.

7. Updates to this SLA

Cocopipe may revise this SLA from time to time to reflect new features, infrastructure improvements, or operational changes.

Material changes will be communicated via email or in-app notification.

The current version is always available at https://cocopipe.com/service-level-agreement.

8. Contact

For SLA or service-related inquiries:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Product-Specific Terms

Last Updated: 11/11/2025

These Product-Specific Terms (“Terms”) supplement and form part of the Cocopipe Terms of Service.

They describe additional or different terms applicable to certain Cocopipe modules and features.

In case of conflict between these Terms and the main Terms of Service, these Terms shall prevail with respect to the relevant feature.

1. CocoAI (AI Copilot)

1.1 Description

CocoAI is Cocopipe’s artificial intelligence feature that assists users with lead insights, text generation, sales suggestions, and workflow automation.

1.2 Use of Customer Data

CocoAI may process Customer Data (including text, tasks, notes, and messages) to provide AI-generated insights.

All AI processing occurs under the same data-protection obligations as described in the Data Processing Addendum (DPA).

Cocopipe may use anonymized and aggregated data to improve AI model performance.

1.3 Accuracy and Responsibility
  • CocoAI outputs are for informational purposes only and are not guaranteed to be accurate or complete.
  • Customers remain solely responsible for reviewing, validating, and acting on any AI-generated content.
  • CocoAI should not be relied upon for decisions with legal, medical, or financial consequences.
1.4 Prohibited AI Use

Users may not use CocoAI to:

  • Generate or distribute misleading, harmful, or discriminatory content,
  • Attempt to reverse-engineer or extract underlying model data,
  • Train or develop external AI models, or
  • Circumvent content or rate-limit controls.

Violation of these restrictions may lead to account suspension under the Acceptable Use Policy.

2. API and Webhooks

2.1 Access and Licensing

Cocopipe provides API and webhook access to allow Customers to build integrations and automate workflows.

API access is subject to:

  • Registration of an API key,
  • Compliance with published rate limits, and
  • Use solely for lawful business purposes.
2.2 Restrictions

You may not:

  • Use the API in a way that disrupts or degrades Cocopipe’s Services,
  • Re-sell or sublicense the API to third parties,
  • Access data belonging to other Cocopipe users,
  • Circumvent authentication or rate-limit mechanisms.

Cocopipe reserves the right to revoke API access at any time for security, misuse, or operational reasons.

2.3 Liability

Cocopipe makes no warranty regarding API uptime or compatibility with third-party systems.

API integrations are provided “as is”, and any resulting data loss or interruption is the Customer’s responsibility.

3. Integrations with Third-Party Services

3.1 Supported Integrations

Cocopipe may offer integrations with third-party services such as Google, Microsoft, Slack, and Zoom and not limited to these to enhance functionality.

3.2 Separate Terms

Use of third-party integrations is governed by the respective provider’s terms and privacy policies.

Cocopipe is not responsible for the data processing, availability, or functionality of such external services.

3.3 Authorization and Revocation

Customers grant Cocopipe permission to connect to and interact with selected third-party accounts.

Connections can be revoked at any time via account settings or the third-party platform.

4. Beta and Experimental Features

4.1 Overview

Cocopipe may offer certain features, modules, or functionalities as Beta, Preview, or Experimental releases.

Participation may be limited to specific users or offered publicly at Cocopipe’s discretion.

4.2 Disclaimer

Beta Features are provided “as is” without warranties of any kind.

They may:

  • Contain errors or bugs,
  • Change or be removed at any time, and
  • Not meet the same reliability or performance standards as generally available features.

Cocopipe shall have no liability arising from or related to the use of Beta Features.

4.3 Feedback

By using Beta Features, the Customer grants Cocopipe a royalty-free, worldwide license to use feedback, comments, or suggestions to improve the Service.

5. Product Updates and Modifications

Cocopipe may modify, enhance, or discontinue any Product Feature at any time.
Material changes will be communicated via email or in-app notice and reflected on the Changelog Page.

6. Governing Terms

These Product-Specific Terms are governed by the laws of Estonia and subject to the dispute-resolution provisions of the Cocopipe Terms of Service.

7. Contact

For questions or feedback regarding product modules or integrations:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

Cocopipe AI Ethics & Usage Guidelines (CocoAI Appendix)

Last Updated: 11/11/2025

These AI Ethics & Usage Guidelines describe the principles, responsibilities, and restrictions governing the use of CocoAI, the artificial intelligence module within Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”).

This document forms part of the Cocopipe Terms of Service, the Acceptable Use Policy, and the Data Processing Addendum (DPA).

1. Purpose of CocoAI

CocoAI is designed to assist users in performing sales, CRM, and productivity tasks more efficiently — including text generation, summarization, insight extraction, and automation recommendations.

It is an AI-assisted productivity tool, not a replacement for human judgment, legal, or financial advice.

2. Ethical Principles

Cocopipe adheres to the following principles in the development and operation of CocoAI:

  1. Transparency:
    CocoAI clearly indicates when content or insights are AI-generated.
  2. Privacy by Design:
    CocoAI processes Customer Data under strict GDPR and Estonian data protection requirements.
  3. Security:
    AI processing occurs within secure, monitored environments. No training is performed on identifiable customer data.
  4. Fairness and Non-Discrimination:
    CocoAI is designed to minimize bias and prevent outputs that could be discriminatory, defamatory, or misleading.
  5. Accountability:
    Users and Cocopipe share responsibility for ensuring ethical and lawful use of AI.

3. AI Usage Restrictions

Users are prohibited from using CocoAI to:

  • Generate or spread false, misleading, or manipulative content,
  • Engage in spam, harassment, or hate speech,
  • Violate any law or regulation (including privacy, intellectual property, or export controls),
  • Circumvent filters, moderation systems, or output limitations,
  • Create or distribute content promoting violence, discrimination, or illegal activity,
  • Use CocoAI outputs as factual or verified information without review.

Violations may result in immediate account suspension under the Suspension Policy.

4. Accuracy and Limitations

4.1 Informational Use Only

CocoAI outputs are for informational purposes only and are not guaranteed to be accurate, complete, or current.

Cocopipe does not assume liability for errors or omissions in AI-generated content.

4.2 User Responsibility

Users are solely responsible for:

  • Verifying AI outputs before using them in business or public communication,
  • Ensuring compliance with applicable laws, and
  • Preventing harm caused by misuse of AI content.

5. Data Processing and Privacy

5.1 Processing of Inputs

CocoAI may process text and metadata provided by the Customer to generate responses.

Such processing occurs under the same legal basis as described in the DPA.

5.2 Model Training

Cocopipe does not train its AI models on identifiable Customer Data.

Aggregated and anonymized usage data may be used to improve model performance.

5.3 Storage

AI prompts and responses are retained temporarily for processing and moderation, typically up to 30 days, and are then anonymized.

6. Human Oversight

Cocopipe encourages users to apply human review and ethical judgment before relying on any AI output for:

  • Financial, contractual, or compliance decisions,
  • Customer communications, or
  • Automated workflows affecting others.

7. Transparency to End Users

If a Customer uses CocoAI to generate communications for third parties (e.g., clients or leads), the Customer must ensure:

  • The message does not misrepresent itself as written by a human, and
  • AI involvement is disclosed where required by law or ethics guidelines.

8. Reporting Misuse

If you believe CocoAI has been used for unethical, illegal, or harmful activity, report it to:

📧 [email protected]

Cocopipe investigates all reports promptly and may suspend access or notify authorities where applicable.

9. Updates to this Policy

Cocopipe may update this AI Ethics & Usage Policy to reflect new technologies, regulations, or ethical standards.

Material updates will be communicated via email or in-app notifications.

The latest version will always be available at https://cocopipe.com/ai-ethics.

10. Contact

For inquiries about CocoAI, ethical use, or compliance obligations:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Security & Compliance Overview

Last Updated: 11/11/2025

At Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”), we take the protection of our customers’ data and the security of our systems seriously.

This Security & Compliance Overview describes our key technical, organizational, and procedural measures to safeguard information processed through the Cocopipe App and cocopipe.com.

This document complements the Privacy Policy, Data Processing Addendum (DPA), and Service Level Agreement (SLA).

1. Data Center & Infrastructure Security

  • Cocopipe’s production systems are hosted in EU-based data centers, managed by reputable cloud providers (such as AWS or an equivalent EU provider).
  • All data centers meet ISO 27001, SOC 2, or equivalent international security standards.
  • Data is replicated across multiple availability zones for high availability and disaster recovery.
  • Physical access to data centers is strictly controlled using biometric and electronic access systems.

2. Data Encryption

  • In Transit: All data transmitted between user devices and Cocopipe servers is encrypted using TLS 1.2 or higher.
  • At Rest: All databases, backups, and files are encrypted using AES-256 encryption.
  • Encryption keys are managed securely and rotated according to industry best practices.

3. Access Control & Authentication

  • Access to production systems is restricted to authorized personnel only, using role-based access control (RBAC).
  • All administrative actions are logged and reviewed.
  • Two-factor authentication (2FA) is required for internal access to administrative environments.
  • Customers can enable MFA (multi-factor authentication) within their Cocopipe accounts.

4. Network & Application Security

  • Firewalls, intrusion detection, and automated threat monitoring are implemented across all environments.
  • Regular vulnerability scans and penetration tests are conducted.
  • Security patches and updates are applied promptly following vendor releases.
  • Cocopipe employs a zero-trust architecture approach for internal systems.

5. Data Protection & Privacy Compliance

  • Cocopipe complies with the EU General Data Protection Regulation (GDPR) and relevant Estonian data protection laws.
  • Cocopipe acts as a data processor for Customer Data and as a data controller for account and billing information.
  • A dedicated Data Protection Officer (DPO) oversees compliance, audit readiness, and incident response.
  • Customer data is never sold or shared with third parties without legal basis or consent.

6. Monitoring, Logging & Incident Response

  • All access to systems, APIs, and data is logged and monitored for anomalies.
  • Logs are retained for at least 12 months and protected against tampering.
  • In the event of a security incident or breach:
    • Cocopipe will notify affected customers and authorities within 72 hours, where feasible.
    • Incident response procedures include containment, investigation, and remediation steps.

7. Backup & Disaster Recovery

  • Automated encrypted backups are performed daily and retained for up to 90 days.
  • Backup data is stored separately within EU-based environments.
  • Disaster recovery procedures are tested periodically to ensure service continuity.

8. Vendor & Subprocessor Management

  • Cocopipe engages subprocessors (e.g., hosting, analytics, payment processors) that meet security and compliance standards equivalent to ours.
  • All subprocessors are subject to GDPR-compliant Data Processing Agreements.
  • The current list of subprocessors is maintained at https://cocopipe.com/subprocessors.

9. Employee Security & Training

  • All employees and contractors undergo background verification and security awareness training.
  • Confidentiality agreements are mandatory.
  • Access to data and systems follows the principle of least privilege (PoLP).

10. Compliance Framework

Cocopipe aligns its security program with internationally recognized frameworks and best practices:

  • ISO/IEC 27001 Information Security Management
  • SOC 2 Type II (or equivalent control framework)
  • GDPR Articles 28, 32, and 35 compliance principles
  • Regular internal and external audits to assess compliance

11. Responsible Disclosure

We welcome reports of security vulnerabilities.

If you discover a potential issue, please contact our security team:
📧 [email protected]

Reports are reviewed promptly, and valid findings may be acknowledged publicly once resolved.

12. Updates to this Policy

Cocopipe may periodically update this Security Overview to reflect evolving practices, technologies, or compliance requirements.

The current version is always available at https://cocopipe.com/security.

13. Contact

For questions about security or compliance:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Data Retention Policy

Last Updated: 10/11/2025

This Data Retention Policy explains how Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) stores, retains, and deletes personal data collected through the Cocopipe App and https://cocopipe.com in compliance with the EU General Data Protection Regulation (GDPR) and related data protection laws.

This Policy forms part of the Data Processing Addendum (DPA) and the Privacy Policy.

1. Purpose and Scope

This Policy defines:

  • How long Cocopipe retains customer, user, and visitor data,
  • The principles guiding secure storage, archival, and deletion, and

  • How users can request deletion or export of their data.

It applies to both:

  • Cocopipe App Users (registered customers and team members), and
  • Website Visitors (non-registered users interacting with cocopipe.com).

2. General Retention Principles

Cocopipe retains personal data only for as long as necessary to:

  • Fulfill contractual or legal obligations,
  • Provide the Services,
  • Maintain security and audit trails, or
  • Comply with statutory retention periods (e.g., financial or tax laws).

After these purposes are met, data is securely deleted or anonymized. Anonymized data may be used for analytics and service improvement.

3. Retention Periods

3.1 Cocopipe App Users

Data Category
Description
Retention Period
Customer Account Data
Name, email, company, account configuration
Stored while the account is active; deleted 30 days after account deletion
Customer Data (CRM content)
Contacts, deals, notes, tasks, and uploaded files
Deleted 30 days after account deletion; anonymized backups kept for 90 days
AI Prompts & Outputs (CocoAI)
Inputs and generated outputs
Temporarily stored for processing; anonymized logs retained up to 30 days
Billing & Payment Records
Invoices, payment confirmations, VAT details
Retained for up to 7 years (legal/tax compliance)
Support Communications
Emails, chat transcripts, tickets
Retained up to 24 months for quality and audit
Audit Logs & Security Events
Login records, access logs, system actions
Retained up to 12 months; may be extended in case of security incidents

3.2 Website Visitors

Data Category
Description
Retention Period
Analytics & Cookies Data
IP address, browser, session ID, page views
Up to 26 months (as configured in analytics tools)
Contact Form Submissions
Name, email, message
Up to 12 months or until user requests deletion
Newsletter / Marketing Data
Email, consent logs
Retained until consent is withdrawn
Server Logs
Security and access logs
Up to 90 days for operational security

4. Backups and Disaster Recovery

  • Cocopipe maintains encrypted system backups for up to 90 days.
  • Backups are stored within EU-based data centers.
  • These backups are not accessible for operational use and are automatically purged after expiry.

5. Deletion and Anonymization

When retention periods expire or a deletion request is received:

  • Data is securely erased from active databases.
  • Related backups are overwritten after the next rotation cycle (within 90 days).
  • Certain financial or security records may be retained as required by law.

Cocopipe uses irreversible anonymization for data kept for statistical or performance analysis.

6. User-Initiated Data Deletion

  • App users may delete their account and all associated data via in-app settings or by contacting [email protected].
  • Cocopipe will confirm deletion within 30 days of verified request.
  • Website visitors may withdraw consent or request deletion of form submissions or marketing data through the same email.

7. Data Export Requests

Within the 30-day post-deletion period, Customers may request an export of their data.

Exports are provided in a machine-readable format (e.g., CSV or JSON) upon verification of account ownership.

8. Exceptions to Deletion

Cocopipe may retain certain data for longer periods if:

  • Required by law (e.g., tax, financial regulations),
  • Necessary to establish, exercise, or defend legal claims, or
  • Needed for ongoing investigations or dispute resolution.

All such data will remain protected and restricted to authorized personnel.

9. Security Measures

Cocopipe applies strict data protection controls including:

  • Encryption at rest and in transit,
  • Role-based access control (RBAC),
  • Logging and monitoring of deletion operations,
  • Regular audits of storage and retention processes.

10. Policy Updates

Cocopipe may update this Policy periodically to reflect legal or operational changes.
Material changes will be announced via email or in-app notice.

The current version is always available at https://cocopipe.com/data-retention.

11. Contact

For questions or data deletion requests, contact:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Suspension Policy

Last Updated: 11/11/2025

This Suspension Policy explains when and how Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) may suspend or restrict access to the Cocopipe App and related services (“Services”).

It supplements and forms part of the Cocopipe Terms of Service and applies to all registered users and organizations using Cocopipe.

1. Purpose and Scope

Cocopipe may temporarily or permanently suspend an account to:

  • Protect system security and data integrity,
  • Enforce compliance with the Acceptable Use Policy,
  • Prevent fraud or misuse, or
  • Ensure compliance with applicable laws or regulatory requests.

Suspensions are applied as a last resort, except in cases involving urgent security or legal risks.

2. Grounds for Suspension

Cocopipe may suspend access, without liability, under any of the following circumstances:

2.1 Non-Payment or Billing Issues
  • Failure to pay subscription fees within 15 days of due date, despite reminders.
  • Invalid, expired, or unauthorized payment methods.
2.2 Security or Privacy Risks
  • Evidence or suspicion of unauthorized account access.
  • Compromise of account credentials or detected malware activity.
  • Violation of security measures or system integrity.
2.3 Policy or Legal Violations
  • Breach of the Acceptable Use Policy (AUP).
  • Use of the Services for illegal, abusive, or harmful purposes.
  • Misuse of CocoAI to generate false, misleading, or harmful content.
  • Violation of applicable laws, court orders, or data protection regulations.
2.4 Inactive Accounts
  • Accounts with no login activity for six (6) consecutive months may be marked inactive.
  • Cocopipe will notify the account owner 30 days before suspension.
  • If no login occurs during this period, the account and data may be permanently deleted.

3. Notification Process

Unless immediate suspension is required for legal or security reasons, Cocopipe will:

  • Notify the account owner via registered email address, and/or
  • Provide an in-app notification specifying:
    • The reason for suspension, and
    • Any actions required to restore access.

If the suspension results from overdue payment, Cocopipe may continue attempting automated charges during the notice period.

4. Effect of Suspension

While an account is suspended:

  • User access to the Cocopipe App and APIs will be restricted,
  • Data and configurations will remain stored but inaccessible,
  • Automations and integrations will pause automatically.

Suspension does not relieve the Customer of any outstanding payment obligations.

5. Reactivation Process

To restore access after suspension, the account owner must:

  1. Resolve the underlying issue (e.g., payment, verification, compliance), and
  2. Contact Cocopipe at [email protected] for reactivation.

Cocopipe may require identity or business verification (e.g., proof of ownership, domain validation). Reactivation may take up to 5 business days once all requirements are met. A reactivation fee may apply in certain cases.

6. Termination After Suspension

If an account remains suspended for:

  • 30 days (non-payment or AUP violation), or
  • 90 days (inactivity or lack of response),

Cocopipe may permanently terminate the account and delete associated data in accordance with the Data Retention Policy.

7. Emergency Suspension

Cocopipe reserves the right to immediately suspend access without prior notice if:

  • There is a reasonable belief of imminent harm to other users, the platform, or data integrity, or
  • The account is being used for unlawful or malicious activity.

In such cases, Cocopipe will notify the Customer as soon as reasonably practicable.

8. Appeals and Disputes

If you believe your account has been wrongfully suspended, you may appeal by emailing [email protected] within 15 days of suspension notice.

Your request should include:

  • Account details,
  • Description of the issue, and
  • Any supporting documentation.

Cocopipe will review and respond within 10 business days.

9. Updates to this Policy

Cocopipe may update this Policy from time to time to reflect changes in law, business practices, or risk management.

The latest version will always be available at https://cocopipe.com/suspension-policy.

9. Updates to this Policy

For suspension-related inquiries, please contact:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Account Lifecycle Policy

Last Updated: 11/11/2025

This Account Lifecycle Policy describes how Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) manages user and organization accounts throughout their lifecycle — from creation and verification to suspension and deletion — in accordance with the Terms of Service, the Data Processing Addendum (DPA), and the Data Retention Policy.

This Policy applies to all registered Cocopipe App users, including administrators (“Admin Users”) and team members (“Seat Users”).

1. Account Creation

1.1 Registration
  • Users may create a Cocopipe account by providing a valid email address and password.
  • Cocopipe may request additional details such as company name or billing information depending on the selected plan.
1.2 Verification

Cocopipe may perform verification checks to confirm account ownership or authenticity, including:

  • Email confirmation,
  • Domain validation (for organizations), or
  • Identity verification if required by law or in cases of suspected misuse.

Cocopipe reserves the right to refuse registration if the provided information is inaccurate, incomplete, or violates this Policy.

2. Account Roles and Ownership

2.1 Admin Account

Each organization account has one designated Admin User who holds primary ownership and management rights.

The Admin is responsible for:

  • Managing billing, team members, and permissions,
  • Ensuring compliance with Cocopipe’s Terms, and
  • Responding to communications related to the account.
2.2 Transferring Admin Ownership

To transfer account ownership to another user:

  1. The current Admin must submit a written request from the registered email address to [email protected].
  2. Cocopipe will verify both the current and new Admin identities.
  3. Ownership transfer will be completed once verification is successful.

If the current Admin is unavailable (e.g., employment termination), Cocopipe may require additional verification such as domain or business documentation.

2.3 Team Members (Seat Users)
  • Seat Users are invited by the Admin to join the organization’s Cocopipe workspace.
  • They are granted limited access and must comply with all Cocopipe policies.
  • Seat Users cannot transfer ownership or modify billing information.

3. Account Access and Security

Users must:

  • Maintain the confidentiality of login credentials,
  • Use strong passwords and enable security features,
  • Promptly report unauthorized access or suspicious activity to [email protected].

Cocopipe may suspend or restrict access to protect accounts from suspected compromise, in accordance with the Suspension Policy.

4. Inactive Accounts

4.1 Identification of Inactivity

Accounts with no login or activity for six (6) consecutive months are classified as inactive.

4.2 Notifications

Cocopipe will send a reminder email to the registered address 30 days before an account is scheduled for suspension due to inactivity.

4.3 Suspension and Deletion

If no login occurs during the 30-day notice period:

  • The account will be suspended, restricting access to data.
  • If no activity occurs for an additional 30 days post-suspension,
    all associated data will be permanently deleted in accordance with the Data Retention Policy.

5. Account Suspension and Termination

Accounts may be suspended or terminated for reasons including:

The full suspension procedure is defined in the Suspension Policy.

6. Account Reactivation

Suspended or inactive accounts may be reactivated upon:

  • Resolution of the issue (e.g., payment, verification, compliance), and
  • Identity confirmation by Cocopipe.

Reactivation may take up to five (5) business days and may include a reactivation fee. Cocopipe reserves the right to deny reactivation in cases of prior policy violations.

7. Account Deletion

7.1 Voluntary Deletion

Users may delete their account at any time via in-app settings or by submitting a request to [email protected].

Upon verification:

  • Account data is deleted after 30 days,
  • Backups and logs are purged after an additional 90 days (see Data Retention Policy).
7.2 Deletion Confirmation

Upon completion of deletion, Cocopipe can provide written confirmation upon request.

8. Account Recovery

If a user loses access to their registered email or domain:

  • Cocopipe may verify ownership through alternative means, such as ID verification, domain proof, or company authorization letter.
  • This process (“reasonable verification process”) ensures account recovery while maintaining security.

9. Data Portability

Users may export their data before deletion or termination.

Data exports are provided in a machine-readable format (CSV/JSON) within the 30-day retention window after deletion or termination.

10. Compliance and Record Keeping

Cocopipe maintains audit logs of key account lifecycle actions (creation, deletion, access changes) for compliance and troubleshooting.

Logs are retained for 12 months in accordance with the Data Retention Policy.

11. Updates to this Policy

Cocopipe may modify this Policy periodically to reflect operational or legal changes.

Material changes will be communicated via email or in-app notification before implementation.

The latest version is always available at https://cocopipe.com/account-lifecycle.

12. Contact

For account-related questions, deletions, or ownership transfers:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

Cocopipe Cookies & Tracking Policy

Last Updated: 11/11/2025

This Cookies & Tracking Policy explains how Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) uses cookies and similar technologies on https://cocopipe.com (“Website”).

By continuing to browse or use our Website, you agree to our use of cookies in accordance with this Policy.

1. What Are Cookies?

Cookies are small text files that websites store on your device to remember your preferences, enhance your browsing experience, and collect analytics data.
Some cookies are essential for site operation, while others help us improve performance or personalize content.

2. Types of Cookies We Use

Category
Purpose
Examples / Tools
Duration
Strictly Necessary Cookies
Enable website functionality such as login, page navigation, and security.
Session cookies, Cloudflare security token
Session / up to 24h
Analytics Cookies
Help us understand how visitors interact with our Website.
Google Analytics, Plausible, or equivalent EU-based tools
Up to 26 months
Functional Cookies
Remember your preferences (e.g., language, region, theme).
Preference cookies
Up to 12 months
Marketing / Tracking Cookies
Track engagement with marketing content (used only with consent).
Meta Pixel, LinkedIn Insight Tag
Up to 12 months

3. Cookie Consent

When you first visit cocopipe.com, a cookie banner will appear requesting your consent.

You can:

  • Accept all cookies,
  • Reject non-essential cookies, or
  • Customize your preferences.

Your consent choices are stored for 12 months, after which you will be prompted again.

4. Managing Cookies

You can control or delete cookies anytime by adjusting your browser settings.
To learn how to manage or block cookies, visit:

Please note: disabling cookies may affect some features or functionality of our Website.

5. Third-Party Tools

Some analytics or marketing cookies are provided by third parties.

These third parties process data in accordance with their own privacy policies. You can find their documentation here:

Cocopipe ensures all third-party partners comply with GDPR and use EU or adequacy-approved data transfer mechanisms.

6. Do Not Track Signals

Cocopipe does not currently respond to “Do Not Track” (DNT) signals due to inconsistent industry standards.

However, you may manage tracking preferences through the cookie banner or browser extensions.

7. Updates to this Policy

We may update this Policy periodically to reflect changes in technology, law, or business operations.

Updates will be posted on this page with a revised “Last updated” date.

The latest version is always available at https://cocopipe.com/cookies.

8. Contact

For questions about cookies or privacy:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Subprocessor List

Last Updated: 11/11/2025

This page lists all subprocessors engaged by Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) that may process Customer Data as part of the Cocopipe App and related services.

This document forms part of the Data Processing Addendum (DPA) and is provided in accordance with Article 28 of the GDPR.

1. Overview

Subprocessors are third-party companies that provide infrastructure, hosting, analytics, communication, or payment services that support Cocopipe’s operations.

Cocopipe ensures that all subprocessors:

  • Sign a Data Processing Agreement (DPA) with Cocopipe,
  • Comply with GDPR and equivalent security standards (e.g., ISO 27001, SOC 2),
  • Store and process data within the European Economic Area (EEA) or under approved transfer mechanisms (e.g., Standard Contractual Clauses).

2. Current Subprocessors

Category
Vendor
Location
Purpose of Processing
Data Stored / Processed
Infrastructure & Hosting
Amazon Web Services (AWS)
EU (Ireland, Frankfurt)
Cloud hosting, database, backups
All service data and files
Website DNS & Security
Cloudflare, Inc.
EU / USA (SCCs)
CDN, DDoS protection, caching
IP, request metadata
Payment Processing
Stripe Payments Europe, Ltd.
Ireland
Subscription billing and invoicing
Billing info, payment tokens
Email & Notifications
Resend
USA (SCCs)
Transactional and notification emails
Email address, message logs
Email Marketing
Brevo
EU
Marketing and system emails
Email address, preferences

3. Subprocessor Onboarding & Due Diligence

Before engaging a new subprocessor, Cocopipe:

  1. Reviews the vendor’s privacy and security practices,
  2. Ensures contractual GDPR compliance, and
  3. Performs a risk assessment based on the type of data processed.

All subprocessors are required to:

  • Use data only for authorized purposes,
  • Maintain confidentiality, and
  • Implement industry-standard security controls.

4. Updates to Subprocessors

Cocopipe may update this list periodically as new vendors are engaged or existing ones are replaced.

Customers will be notified via email or in-app notification at least 30 days before any new subprocessor begins processing Customer Data.

To object to a new subprocessor, contact us at [email protected] within that 30-day period.

5. Data Transfers

All subprocessors located outside the European Economic Area (EEA) operate under:

  • The EU Standard Contractual Clauses (SCCs), or
  • An adequacy decision by the European Commission ensuring lawful cross-border data transfers.

5. Data Transfers

For questions about Cocopipe’s subprocessors or data transfer mechanisms:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References:

Cocopipe Legal Updates Log

Last Updated: 11/11/2025

This page provides a historical record of updates made to Cocopipe’s legal and compliance documentation.

We maintain transparency regarding any changes to our Terms of Service, Privacy Policy, and related documents.

1. Purpose

Cocopipe OÜ (“Cocopipe”, “we”, “our”, or “us”) updates its legal documents to reflect:

  • Changes in applicable laws or regulations,
  • Introduction of new features or products,
  • Adjustments to our business structure or subprocessors, and
  • Clarifications to existing terms for greater transparency.

Each change is logged below with the effective date and summary of modifications.

2. Update History

Date
Document
Summary of Change
Effective Date
11/11/2025
Terms of Service
Initial publication of Cocopipe Terms of Service including scope, accounts, payments, liability, and governing law.
Immediate
11/11/2025
Privacy Policy
Added details on data retention, third-party processors, and GDPR rights.
Immediate
11//11/2025
Acceptable Use Policy
Clarified restricted activities (spam, hacking, AI misuse).
Immediate
11/11/2025
Data Processing Addendum
Defined roles of Controller and Processor; added breach notification clause (72 hours).
Immediate
11/11/2025
Service Level Agreement (SLA)
Introduced 99.9% uptime commitment and support response targets.
Immediate
11/11/2025
Product-Specific Terms
Added CocoAI, API, and Beta features usage terms.
Immediate
11//11/2025
Security & Compliance Overview
Published data encryption, infrastructure, and audit framework details.
Immediate
11/11/2025
Subprocessor List
Published list of subprocessors and EU transfer mechanisms.
Immediate
11/11/2025
Cookies Policy
Immediate

3. Notifications

  • Material updates are communicated via email and/or in-app notification at least 30 days before taking effect.
  • Non-material clarifications (e.g., formatting or typo fixes) are reflected here without prior notice.

4. Contact

For questions about any legal update:
📧 [email protected]
📍 Registered address: [To be added – Tallinn, Estonia]

References: