Privacy Policy
Last updated: July 6, 2026
This Privacy Policy explains how Den Hartogh Solutions ("we", "us", "SalesLobe") collects, uses, and protects personal data when you visit our website (www.saleslobe.com), use the SalesLobe application (app.saleslobe.com), or contact us. We are based in the Netherlands and process personal data in accordance with the EU General Data Protection Regulation (GDPR).
1. Who we are
SalesLobe is operated by Den Hartogh Solutions, registered with the Dutch Chamber of Commerce (KVK 93891237) and based in Velp, the Netherlands. For all privacy questions and requests, contact us at info@saleslobe.com.
2. Our two roles under the GDPR
We act in two different roles, depending on whose data is involved:
- As a controller for data about our own website visitors and customers: account details, billing information, contact form submissions, and server logs. For this data, this Privacy Policy is the primary document.
- As a processor for the email content and prospect data that our customers process through SalesLobe. When a reply from one of your prospects flows through SalesLobe, your organization is the controller of that data and we process it on your behalf and on your instructions. A Data Processing Agreement (GDPR Art. 28) is available on request at info@saleslobe.com.
If you received an email that was managed through SalesLobe and want to exercise your privacy rights, please contact the company that emailed you (the controller). If you contact us instead, we will forward your request to them.
3. Data we collect
- Account data: name, email address, company name, and a hashed password (authentication is handled by Supabase Auth).
- Configuration content: tone guides, campaign settings, and workspace preferences you enter into SalesLobe.
- Reply content: emails and replies processed through the channels you connect (for example the Smartlead API or the BCC inbox loop).
- Billing data: processed by Stripe. We never see or store full card numbers.
- Contact form: name, email address, and your message.
- Server logs: IP address, browser type, and timestamps, kept for security and abuse prevention.
We do not run analytics or tracking cookies on this website.
4. Purposes and legal bases
- To provide, operate, and support the service, including billing (performance of a contract, Art. 6(1)(b) GDPR).
- To secure our systems, prevent abuse, and keep server logs (legitimate interest, Art. 6(1)(f) GDPR).
- To respond to messages you send us (legitimate interest or pre-contractual steps).
- To comply with legal obligations such as Dutch tax and bookkeeping requirements (Art. 6(1)(c) GDPR).
- Where we ask for your consent for anything else, you can withdraw it at any time (Art. 6(1)(a) GDPR).
We do not sell personal data. We do not use your data for advertising.
5. AI processing
Reply content is processed through the Anthropic API to classify replies and generate draft responses. Anthropic does not train its models on this data, and retention is limited under Anthropic's API data policies. On Pro and Agency plans you can bring your own Anthropic API key (BYOK): your key is encrypted at rest and AI processing then runs under your own agreement with Anthropic, including zero-data-retention options if your agreement provides them.
Everything Corty learns from your edits stays inside your own workspace. Your data is never used to train shared or third-party models.
6. Sub-processors
We use a small number of service providers to run SalesLobe. Each receives only the data needed for its role:
| Provider | Purpose | Data touched | Region |
|---|---|---|---|
| Supabase | Database, authentication & compute | All workspace data | EU (Stockholm) |
| Anthropic | AI classification & drafting | Reply content | US |
| Vercel | Marketing site & contact form hosting | Contact form submissions | US |
| AhaSend | BCC email routing & transactional email | Email content in transit | EU |
| Make.com | Gmail/Outlook workflow routing | Email content in transit | Global infrastructure |
| Stripe | Billing & payments | Payment data, no email content | US / EU |
We update this list as our stack changes. It is also published on our Security page.
7. International transfers
Your workspace data is stored in the EU (AWS eu-north-1, Stockholm, via Supabase). Some sub-processors process limited data in the United States (Anthropic, Vercel, Stripe). Where personal data leaves the EEA, we rely on the European Commission's Standard Contractual Clauses and, where the provider is certified, the EU-US Data Privacy Framework.
8. Data retention
- Account data is kept for as long as your account is active.
- Reply data retention is configurable per organization, with rolling auto-deletion.
- When you delete your account, all workspace data is permanently removed from our systems. You can export your data first.
- Billing records are kept for as long as Dutch tax law requires (currently seven years).
9. Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Every workspace is isolated at the database level with row-level security, so data cannot cross tenant boundaries. We do not currently hold SOC 2 or ISO 27001 certifications ourselves and will not claim badges we have not earned; our infrastructure partners maintain SOC 2 Type II compliance. Full details are on our Security page.
Found a vulnerability? Report it to security@saleslobe.com.
10. Your rights
Where we process your personal data as a controller, you have the right to access your data, correct it, have it deleted, restrict or object to its processing, receive it in a portable format, and withdraw any consent you have given.
To exercise any of these rights, email info@saleslobe.com. We respond within one month at the latest, usually much faster. You also have the right to lodge a complaint with the Dutch supervisory authority, the Autoriteit Persoonsgegevens.
11. Cookies and local storage
This website does not use advertising or analytics cookies, which is why you do not see a cookie banner. We only use what is strictly necessary: the application (app.saleslobe.com) sets authentication cookies and tokens to keep you signed in, and the website stores small functional preferences (such as a dismissed banner) in your browser's local storage.
12. Children
SalesLobe is a business tool and is not directed at anyone under 16. We do not knowingly collect personal data from children.
13. Changes to this policy
We may update this policy as the product or the law changes. For material changes we will notify you by email or a notice on the site before they take effect. The date at the top always reflects the latest version.
14. Contact
Den Hartogh Solutions · KVK 93891237 · Velp, the Netherlands.
Privacy questions and requests: info@saleslobe.com
SalesLobe is a product of Den Hartogh Solutions · KVK 93891237 · Velp, the Netherlands · Terms of Service · Security