Legal

Got a question? Contact us.

Privacy Policy

Last Updated: March 21, 2026

We are committed to protecting your privacy and ensuring the security of your personal data.

This Privacy Policy outlines how we collect, use, and protect your information in accordance with applicable data protection laws. Opportify is designed to respect the principles of the General Data Protection Regulation (GDPR) and other applicable privacy laws. Where Opportify processes personal data of individuals located in the EU/EEA or UK, we apply GDPR-aligned standards to that processing.

1. Who We Are

Opportify is a US-based provider of AI-driven email validation, IP insights, and fraud prevention APIs, primarily targeting the business-to-business (B2B) sector, though also serving individual users. Opportify, Inc. delivers advanced data intelligence and security features to help businesses make informed decisions, reduce fraud, and manage risk effectively.

2. Information We Collect

We collect various types of information to provide and improve our services, including:

We collect only the information necessary to provide our services and do not process personal data for unrelated purposes.

2.1 Personal Data

  1. Contact Information: This includes your name, email address, phone number, and job title, which we use to communicate with you regarding our services, updates, and support.
  2. Account Information: Information such as your username, password, and security questions, which are essential for you to access our services securely.
  3. Billing Information: Payment details, billing address, and transaction history are collected to process transactions and manage billing efficiently.

2.2 Technical Data

  1. Device Information: We collect information about your device, including IP address, browser type, operating system, and device identifiers, to ensure compatibility and enhance the user experience.
  2. Usage Data: This includes log files, user activity, and interactions with our APIs and services, helping us improve our services and detect any issues.

2.3 Other Data

  1. Feedback: Customer feedback, inquiries, and support requests are collected to improve our services and address any concerns or questions you may have.
  2. Marketing Data: Preferences, interests, and interactions with our marketing communications are collected to tailor our marketing efforts to your preferences.

2.4 Fraud Protection Service Data

Fraud Protection Service Data (collected via JavaScript snippet on our customers' websites): When you visit a website that uses Opportify's Fraud Protection service, we may collect the following data on behalf of that website's operator (our customer):

  • Device and browser information: browser type, version, operating system, screen resolution, timezone, installed fonts, and hardware capabilities
  • Behavioral signals: mouse movement patterns, keystroke timing (not content), scroll behavior, form interaction timing, and session activity patterns
  • Session metadata: page load timing, tab focus events, network request patterns
  • Identifier data: email address, IP address, and phone number submitted in forms (only as provided by you to the website)

This data is collected solely for fraud prevention purposes on behalf of our customer (the website operator). These signals may be analyzed and combined using automated systems to generate fraud risk indicators for the website operator. We act as a data processor — the website operator is the data controller responsible for notifying you of this data collection in their own privacy policy.

We do not:

  • Sell this data to any third party
  • Use this data for advertising or marketing purposes
  • Share this data with anyone other than the website operator that contracted our services
  • Use data from one customer's website to process another customer's data

Data Retention: Fraud analysis results and reason codes are retained for 120 days by default (configurable via the client dashboard). Raw behavioral signals are processed in real time and not stored beyond the analysis session.

Automated Decision-Making: Fraud Protection produces risk scores (200–1000) as advisory signals. Final decisions are always made by the website operator or their systems — Opportify's risk scores do not automatically block or approve any action without the customer's explicit implementation.

2.5 Cookies and Tracking Technologies

We and our service providers may use cookies and similar tracking technologies on our website and services. Cookies help us operate our platform, remember your preferences, and analyze usage patterns.

The Fraud Protection JavaScript snippet deployed on our customers' websites may collect device identifiers, browser attributes, and session signals solely for security and fraud prevention purposes as described in section 2.4. This collection is carried out on behalf of and at the direction of the website operator.

You can manage cookie preferences directly through our cookie consent manager (powered by CookieYes) or through your browser settings. For a full list of cookies we use, their purpose, provider, and retention period, please see our Cookie Notice. Note that disabling strictly necessary cookies may affect core platform functionality.

3. How We Use Your Information

We use your information for various purposes, including:

3.1 Service Delivery

  1. Providing and Maintaining Services:To ensure our AI-driven SaaS solutions are delivered effectively and maintained for optimal performance.
  2. Secure Access: To enable secure access to our services via APIs, ensuring your data is protected.
  3. Functionality and Security: To enhance the functionality and security of our platforms, ensuring they meet high-grade security standards.

3.2 Business Operations

  1. Transaction Processing: To process transactions and manage billing, ensuring a smooth and efficient service.
  2. Service Improvement: To use analytics and user feedback to continually improve our services.
  3. Communication: To communicate with you regarding updates, changes, or support, ensuring you are always informed and supported.

3.3 Marketing and Communication

  1. Promotional Materials: To send you promotional materials and newsletters, with your consent, to keep you informed about our services.
  2. Customized Marketing: To customize our marketing efforts based on your preferences and interests.
  3. Customer Feedback: To conduct surveys and obtain customer feedback, helping us improve our services and understand your needs better.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  1. Contractual Necessity: Processing your data is necessary to fulfill our obligations under the contract we have with you. This covers account creation and management, API access and service delivery, and billing and payment processing.
  2. Legitimate Interests: We have legitimate interests in processing your data to improve our services and maintain security. This covers fraud detection and prevention, system monitoring and security, and product improvement and analytics.
  3. Consent: We obtain your consent for specific data collection and processing activities. This covers marketing communications and promotional materials. You may withdraw your consent at any time.
  4. Legal Obligations: We process your data to comply with legal and regulatory requirements, including tax compliance and responding to lawful regulatory requests.

Data Controller and Processor Roles: Opportify, Inc. acts as a data controller for personal data processed in connection with account management, billing, customer support interactions, and our own marketing activities. When providing the Fraud Protection service, Opportify, Inc. acts as a data processor on behalf of the website operator (our customer), who is the data controller for that processing.

4.1 Sub-Processors and Third-Party Service Providers

We engage trusted third-party service providers ("sub-processors") to assist in delivering our services. All sub-processors are permitted to process personal data only under contractual obligations consistent with this Privacy Policy and applicable data protection law. We conduct due diligence on sub-processors to ensure they maintain appropriate technical and organizational measures.

Our current sub-processors include:

  • Amazon Web Services (AWS) — cloud infrastructure and hosting (data processing and storage in the United States via AWS)
  • Stripe — payment processing and billing
  • Xero — accounting and financial record management
  • ActiveCampaign — email marketing and customer communications
  • GitHub — source code management and CI/CD pipelines
  • BetterStack — observability, uptime monitoring, and log management

The full and up-to-date sub-processor list, including details of each provider's role and location, is maintained at opportify.ai/legal/sub-processors. You can subscribe to be notified of any additions or changes to our sub-processor list.

Third-party vendors that receive data via cookies and tracking technologies used on our website for analytics and marketing purposes are described separately in our Cookie Notice and are not sub-processors in the context of Opportify's service delivery.

5. Data Security

We implement high-grade security measures to protect your data, including: 

  1. Encryption: We use data encryption in transit and at rest to ensure your information is secure.
  2. Access Controls: Our security measures include Single Sign-On (SSO), IP Access Control Lists (ACLs), and granular permissions to protect your data.
  3. Monitoring: We conduct regular security assessments and monitoring to identify and address any vulnerabilities.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. The following indicative retention periods apply:

  1. Account Data: Retained for the duration of the active account relationship. Customers may request full deletion of their account and associated personal data at any time by contacting legal@opportify.ai. Deletion will be completed within 30 days of a verified request, subject to the exceptions below.
  2. Billing Records: Retained for seven (7) years as required by applicable financial and tax regulations, regardless of account deletion requests.
  3. Support Requests: Retained for up to 3 years to support service improvement and to address any follow-up inquiries or disputes.
  4. Fraud Protection Telemetry: Fraud analysis results and reason codes are retained for 120 days by default. Customers can configure a shorter or longer retention period at any time via the client dashboard, subject to applicable law. Raw behavioral signals are processed in real time and not stored beyond the analysis session.
  5. Anonymized and Aggregated Data: Opportify may retain anonymized, aggregated, or de-identified data (data that cannot reasonably be used to identify an individual) indefinitely for product improvement, fraud model training, security research, and audit purposes. This data is not subject to deletion requests as it does not constitute personal data.

Upon expiry of applicable retention periods, personal data is securely deleted or anonymized. Certain data may be retained longer where required by law, legal proceedings, or legitimate dispute resolution.

7. Your Rights

Subject to applicable law, you have the following rights regarding your personal data: 

  1. Access: You have the right to request access to your personal data and obtain a copy of the information we hold about you.
  2. Rectification: You have the right to request correction of any inaccurate or incomplete data we have about you.
  3. Erasure: You have the right to request the deletion of your data, under certain conditions.
  4. Restriction: You can request the restriction of processing your data in specific circumstances.
  5. Portability: You have the right to request that we transfer your data to another organization or directly to you.
  6. Objection: You can object to the processing of your data based on legitimate interests.
  7. Withdraw Consent: You can withdraw your consent at any time for data processed based on your consent.

To exercise any of these rights, please contact us at legal@opportify.ai. We will respond to your request within the timeframe required by law.

To help us process your request efficiently, please note:

  1. Requests may require identity verification to protect your personal data from unauthorized access.
  2. We will respond within the timeframes required by applicable law: within 30 days under GDPR, and within 45 days under CCPA (with a possible extension of an additional 45 days where reasonably necessary).
  3. Requests should be submitted to legal@opportify.ai.

7.1 US State Privacy Rights

Residents of certain US states have additional privacy rights under applicable state law. These include residents of:

  • California (California Consumer Privacy Act / CPRA)
  • Virginia (Consumer Data Protection Act)
  • Colorado (Colorado Privacy Act)
  • Other states that have enacted comprehensive privacy legislation

Qualifying residents may have the right to:

  1. Access the personal data we hold about them;
  2. Request deletion of their personal data;
  3. Request correction of inaccurate personal data; and
  4. Opt out of certain processing activities, including the sale of personal data (we do not sell personal data).

To exercise any of these rights, please contact us at legal@opportify.ai.

8. International Data Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA) that do not offer the same level of data protection. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data. These safeguards ensure that your personal data remains protected and that your rights are upheld, even when your data is transferred internationally.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new policy on our website and, where appropriate, notifying you via email. For material changes, we will provide at least 30 days' advance notice via email to the address associated with your account before changes take effect. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

10. Customer Obligations

If you are an Opportify customer using the Fraud Protection service, you are responsible for disclosing Opportify's data collection to your end users in your own privacy policy and/or cookie notice, and for obtaining any required consents under applicable law.

10.1 Children's Data

Opportify's services are directed exclusively at businesses and adult professionals. We do not intentionally collect personal data from children. We do not collect or verify age information from our registered customers, and our services are not designed for, marketed to, or intended to be used by, individuals under the age of 13 (or under 16 where required by applicable law, including GDPR Article 8 and COPPA).

If our Fraud Protection service is deployed on websites that may be visited by children, the customer (as data controller) is solely responsible for ensuring compliance with applicable children's privacy laws (including COPPA, GDPR Article 8, and equivalent regulations), including configuring appropriate data retention settings and obtaining any required parental consent. Opportify processes data solely on the customer's instructions and cannot independently assess the age of end users visiting customer websites.

If you believe Opportify has inadvertently collected personal data from a child in connection with our own platform (not via the Fraud Protection service on a customer's site), please contact us at legal@opportify.ai and we will take prompt steps to delete it.

11. Contact Us

For any questions or concerns, Opportify can be contacted at:

Email: legal@opportify.ai

Address: Opportify, Inc., a Delaware corporation with its principal place of business at: 2093 Philadelphia Pike, Unit 1183, Claymont, DE 19703, United States

Thank you for using Opportify. We are committed to providing you with high-quality, secure, and innovative AI-driven SaaS solutions.