Cofy Privacy Policy

Privacy Policy

Last Updated April 22, 2025

Introduction

Lithuania Notice at Collection: See the Lithuania law privacy rights section below for important information about your rights under Lithuania privacy laws.

This Privacy Policy describes how Cofy, MB and its corporate affiliates (collectively, "Cofy," "we", "us" or "our") processes personal information that we collect through our digital or online properties or services that link to this Privacy Policy (including our website, social media pages, marketing activities, and other activities described in this Privacy Policy) (collectively, the "Service").

Cofy may provide additional or supplemental privacy policies to individuals for specific products or services that we offer at the time we collect personal information. Cofy provides various services, including a business representative-to-business representative ("B2B") lead database, designed to help its enterprise customers scale their email outreach campaigns.

For data processing activities where we act at the direction of and on our relevant customer's behalf, this Privacy Policy does not apply to such personal information. Our use of personal information that we process on the relevant customer's behalf may be governed by our agreements with such customers.

NOTICE TO EUROPEAN USERS: Please see the Notice to European Users section for additional information for individuals located in the European Economic Area or United Kingdom.

Personal information we collect

We may collect personal information from or about you from a variety of sources, including information you provide directly, third-party sources, and automatic data collection.

  • Contact data, demographic data, account data, communications data, transactional data, marketing data, user-generated content data, financial data, and other data.
  • Third-party sources may include public sources, private sources, customers, service providers, marketing partners, and parties to corporate transactions.
  • Automatic data collection may include device data, online activity data, and communication interaction data.

Some automatic data collection is facilitated by cookies and similar technologies. For information, see our Cookie Notice.

How we use your personal information

  • Service delivery and operations, account management, and support.
  • Service personalization and experience optimization.
  • Research and development, including de-identified or anonymized analysis.
  • Marketing and advertising, including direct marketing and interest-based advertising.
  • Service improvement, analytics, compliance, fraud prevention, and security protection.

For Google Analytics opt-out details, visit Google Analytics Opt-out.

How we share your personal information

We may share personal information with affiliates, service providers, payment processors, advertising partners, subscribers/enterprise customers, data providers, designated third parties, professional advisors, authorities, and business transferees.

Payment card information is collected and processed by our payment processors, such as Stripe.

Your choices

  • Access or update account information by logging into your account.
  • Opt out of marketing communications by using unsubscribe links or contacting us.
  • Control cookies and tracking technologies via browser and cookie settings.
  • Learn more about Do Not Track at allaboutdnt.com.
  • Use Global Privacy Control guidance at globalprivacycontrol.org.

Other sites and services

The Service may contain links to third-party websites, mobile applications, and online services. We do not control such services and are not responsible for their actions.

Security

We use technical, organizational, and physical safeguards to protect personal information. However, no method of storage or transmission can be guaranteed to be fully secure.

International data transfer

We may transfer personal information to countries where privacy laws may differ from those in your location. Users in Europe should review the Notice to European users section below.

Children

The Service is not intended for use by anyone under 18 years of age. If we become aware of collection in violation of law, we will comply with legal deletion requirements.

Changes to this Privacy Policy

We may modify this Privacy Policy at any time. Material updates will be posted on the Service and may be communicated by other appropriate means.

Lithuania privacy rights notice

This section applies only to residents of Lithuania and describes rights and request mechanisms referenced in your policy text.

  • Information, access, correction, deletion, and opt-out.
  • Limit processing of sensitive personal information.
  • Nondiscrimination for exercising privacy rights.

You may submit rights requests by email at david@getcofy.com or by phone at +37060101401.

We may verify identity and authority before processing requests, including requests submitted by authorized agents.

Personal information categories (LCPA summary)

During the prior 12 months, categories of personal information collected, used, and disclosed may include:

  • Contact data
  • Demographic data
  • Account data
  • Communications data
  • Transactional data
  • Marketing data
  • User-generated content data
  • Financial data
  • Other data
  • Data collected via cookies and similar technologies

Third parties may include affiliates, service providers, payment processors, advertising partners, subscribers, data providers, advisors, authorities, and business transferees depending on the context and legal basis.

LCPA statistics (prior calendar year): requests received 22; complied in whole or part 22; denied 0; median response time 1 day; mean response time 1 day.

Shine the Light requests may be sent to david@getcofy.com with subject line "Shine the Light Request".

Notice to European users

This section applies to users in the UK and EEA. References to personal information include personal data under the GDPR.

Cofy acts as controller for processing covered by this policy. Our EU and UK GDPR representative is EDPO.

  • EDPO (EU): Avenue Huart Hamoir 71, 1030 Brussels, Belgium.
  • EDPO (UK): 8 Northumberland Avenue, London WC2N 5BY, United Kingdom.

A useful U.S. state privacy legislation tracker is available at IAPP.

Legal bases may include contractual necessity, legitimate interests, compliance with law, and consent, depending on context and processing purpose.

Your rights may include access, correction, deletion, portability, restriction, objection, and withdrawal of consent. To exercise these rights, contact david@getcofy.com.

If you are not satisfied with our response, you may lodge a complaint with your local supervisory authority, including via EDPB member regulators or the UK ICO complaints page.

For transfers outside Europe, we rely on adequacy decisions, approved safeguards (such as standard contractual clauses), or legal derogations where applicable.