Privacy Policy

Last updated: March 19, 2026

Pelin ApS ("Pelin", "we", "us", or "our"), a company registered in Denmark with its office in Copenhagen, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our products and services ("Services").

1. Data Controller

Pelin ApS is the data controller for the personal data we collect about you as a user of our Services (e.g., account information, usage data). When you upload Customer Data containing personal data of your own customers or end users, you remain the data controller and Pelin acts as data processor on your behalf.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Name and email address
  • Company name and role
  • Payment information (processed securely by our third-party payment provider; we do not store card details)

Customer Data

To provide our Services, you may connect data sources that contain:

  • Support tickets and conversations
  • Customer feedback and surveys
  • Sales call recordings and transcripts
  • Internal communications (e.g., Slack messages)
  • Product analytics data

This data belongs to you. We process it solely to provide the Services. You are responsible for ensuring that you have a valid legal basis (e.g., consent or legitimate interest) to share any personal data contained within Customer Data with Pelin.

Usage Information

We automatically collect:

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Feature usage and interaction data
  • Cookies and similar tracking technologies

3. Legal Basis for Processing (GDPR)

We process personal data on the following legal bases under Article 6 of the GDPR:

  • Performance of a contract — to provide the Services you have subscribed to
  • Legitimate interests — to improve the Services, prevent fraud, and ensure security, where such interests are not overridden by your data protection rights
  • Legal obligation — to comply with applicable laws and regulations
  • Consent — where applicable, for optional processing such as marketing communications (which you may withdraw at any time)

4. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the Services
  • Process Customer Data to generate insights
  • Send transactional and service-related communications
  • Provide customer support
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Improve and develop the Services (using aggregated and anonymized data only)

5. AI Processing

Our Services use artificial intelligence and machine learning to analyze Customer Data and generate insights. You acknowledge that:

  • AI processing occurs on secure servers with strict access controls
  • We do not use your Customer Data to train general-purpose AI models
  • AI-generated outputs are for informational purposes only and may contain inaccuracies
  • No automated decision-making with legal or similarly significant effects is carried out without human oversight

6. Data Sharing and Sub-processors

We do not sell your personal data. We share data only in the following circumstances:

  • Sub-processors — trusted service providers who assist in operating the Services (e.g., cloud hosting, payment processing, analytics). All sub-processors are bound by data processing agreements and are required to comply with GDPR
  • Legal compliance — when required by law, court order, or governmental request
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to confidentiality obligations

7. International Data Transfers

Your data is primarily stored within the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure adequate protection through:

  • EU Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Supplementary technical and organizational measures as recommended by the EDPB

8. Data Retention

We retain your Account Information for as long as your account is active and for a reasonable period thereafter as required by law or for legitimate business purposes. Customer Data is retained in accordance with your subscription plan. Upon termination of your account, we will delete or anonymize your data within 90 days, unless retention is required by law. You may request deletion of your data at any time.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Regular security assessments
  • Role-based access controls and authentication
  • Continuous monitoring and incident response procedures

While we take reasonable steps to protect your data, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights under the GDPR:

  • Right of access (Art. 15) — obtain a copy of your personal data
  • Right to rectification (Art. 16) — correct inaccurate or incomplete data
  • Right to erasure (Art. 17) — request deletion of your data
  • Right to restriction (Art. 18) — restrict processing in certain circumstances
  • Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
  • Right to object (Art. 21) — object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7) — where processing is based on consent
  • Right to lodge a complaint — with the Danish Data Protection Agency (Datatilsynet) or your local supervisory authority

To exercise any of these rights, contact us at privacy@pelin.ai. We will respond within 30 days.

11. Cookies

We use cookies and similar technologies for the following purposes:

  • Essential cookies — required for the Services to function (authentication, security)
  • Analytics cookies — to understand how the Services are used and to improve them

You can manage cookie preferences through your browser settings. For more information, see our Terms of Service.

12. Children's Privacy

The Services are intended for business use and are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Services at least 30 days before they take effect. The "Last updated" date at the top indicates when this policy was last revised. Continued use of the Services after changes take effect constitutes acceptance.

14. Contact Us

For privacy-related questions, please contact us at:

Pelin ApS
Copenhagen, Denmark
privacy@pelin.ai

You may also contact our Data Protection Officer at dpo@pelin.ai.