Privacy Notice
Our Mission Information We Collect How We Use Your Information How We Share Your Information Data Retention Cookies and Tracking Technologies Your Privacy Rights International Data Transfers Data Security Children’s Privacy Updates to This Notice How to Contact Us
Privacy Policy
Terms of Use
Own Your Data
Security

Privacy Notice for Data Subjects

Last Updated: July 24, 2025

This Privacy Notice explains how Contacts Plus LLC (“we,” “us,” “our”) collects, uses, shares, and protects your Personal Information in our Contacts+ Database, and how you can exercise your privacy rights. It applies to anyone whose Personal Information, as defined in our Privacy Policy and Terms of Use (Section 4), is processed through our website (contactsplus.com), mobile application, APIs, or related contact management services (collectively, the “Services”). For full details, see our Privacy Policy.

Our Mission

Contacts+ helps people and businesses build better relationships by acting as a modern “phone book.” We combine contact information from public sources (e.g., websites, social media) and user contributions to create accurate, up-to-date records in our Contacts+ Database, including End User Contact Data and Completed Contact Data (as defined in our Terms of Use, Section 4). Our Services help users manage contacts, deduplicate records, and find relevant connections while prioritizing your privacy.

Information We Collect

We collect Personal Information, as defined under GDPR Article 4(1) and CCPA Section 1798.140, from the following sources:

  • Public Sources: Data available online (e.g., names, job titles, public social handles), processed under GDPR Article 6(1)(f) (legitimate interests).
  • User Contributions: Contact details (e.g., names, emails, phone numbers) provided by Contacts+ users, such as through contact sharing or uploads (Terms of Use, Section 4.1).
  • You Directly: Information you provide when interacting with our Services or exercising your rights (e.g., via https://www.contactsplus.com/sar).
  • Third Parties: Data from authorized platforms (e.g., Google, per Google API Services User Data Policy) or analytics providers, with your consent or under data processing agreements (GDPR Article 28).

Types of Personal Information:

  • Contact Details: Names, business emails, phone numbers, social handles, addresses, device IDs.
  • Professional Information: Job titles, organizational affiliations, skills.
  • Personal Information: Interests, relationships, demographics (e.g., age, gender, location), profile photos.
  • Sensitive Data: Gender or dates (e.g., birthdays), processed only with your explicit consent (GDPR Article 6(1)(a)).
  • Anonymized Data: Non-identifiable data used for analytics, not considered Personal Information (GDPR Recital 26).

We do not knowingly collect data from minors under 13, per our Terms of Use (Section 1.1) and COPPA (15 U.S.C. § 6502). For EU/EEA users aged 13–16, we require parental consent (GDPR Article 8).

How We Use Your Information

We use your Personal Information to:

  • Provide contact management services, such as storing, syncing, deduplicating, and searching contacts (GDPR: contract performance, Article 6(1)(b)).
  • Enhance features like contact enrichment and deduplication by combining your data with public or user-contributed data to create Completed Contact Data (Terms of Use, Section 4.1; GDPR: consent, Article 6(1)(a), or contract performance).
  • Improve our Services through analytics and research (GDPR: legitimate interests, Article 6(1)(f)).
  • Send marketing communications, with your consent (GDPR Article 6(1)(a); CCPA: opt-out available).
  • Comply with legal obligations, such as fraud prevention or tax reporting (GDPR Article 6(1)(c)).

No automated decision-making or profiling with legal effects occurs (GDPR Article 22). Data from Google APIs is used only to provide Services, per Google API Limited Use requirements (Terms of Use, Section 4.1).

How We Share Your Information

We may share your Personal Information as follows, per our Terms of Use (Sections 3.3, 4):

  • With Your Consent: For example, when you authorize sharing via connected services (e.g., Google) or promotional activities (GDPR Article 6(1)(a)).
  • With Other Users: Limited data (e.g., business emails, public social handles) for deduplication or contact enrichment, unless you opt-out (GDPR: contract performance, Article 6(1)(b); CCPA: opt-out available). Private data (e.g., personal phone numbers, emails) is not shared without explicit consent.
  • With Service Providers: For hosting, analytics, or payment processing (e.g., Stripe), under GDPR-compliant agreements (Article 28).
  • With Corporate Affiliates: To support Services, protected by appropriate safeguards (GDPR Article 46).
  • For Legal Compliance: To meet legal obligations or protect our rights (GDPR Article 6(1)(c)(f)).
  • With Social Media Platforms: Pseudonymized data (e.g., hashed emails) for lead generation, with consent (GDPR Article 6(1)(a); CCPA: opt-out available).
  • For Business Transfers: During mergers or acquisitions (GDPR: legitimate interests, Article 6(1)(f)).

Anonymized Data may be shared for analytics or marketing (GDPR: not applicable; CCPA: not personal information). You can opt-out of data sharing at https://www.contactsplus.com/privacy.

Data Retention

We retain Personal Information only as long as necessary to provide Services, improve our Database, or meet legal obligations (e.g., tax, auditing), per GDPR Article 5(1)(c) and CCPA Section 1798.105. Typically, data is retained for up to 5 years after last update or use, unless you request deletion. Deleted data is removed from our Database, but limited data may be retained for fraud prevention or legal compliance (Terms of Use, Section 4.5). Residual copies in backups are anonymized and retained for up to 12 months.

Cookies and Tracking Technologies

We use cookies and similar technologies for functionality and analytics (e.g., Google Analytics). EU/EEA users are prompted for consent (ePrivacy Directive). California residents can opt-out of non-essential cookies at https://www.contactsplus.com/privacy (CCPA Section 1798.120). Disabling cookies may affect functionality. We do not respond to “Do Not Track” signals due to lack of standardization.

Your Privacy Rights

You have the following rights over your Personal Information, subject to local laws:

  • Access: View your Personal Information (GDPR Article 15; CCPA Section 1798.110).
  • Rectification: Correct inaccurate data (GDPR Article 16; CCPA Section 1798.110).
  • Deletion: Request data removal, subject to exemptions (e.g., legal obligations; GDPR Article 17; CCPA Section 1798.105). Data may be marked as “hidden” to prevent re-entry.
  • Portability: Receive your data in a machine-readable format (e.g., CSV; GDPR Article 20; CCPA Section 1798.100).
  • Restriction: Limit processing in certain cases (GDPR Article 18).
  • Objection: Object to processing for legitimate interests or marketing (GDPR Article 21).
  • Opt-Out of Sale/Sharing: Opt-out of data sharing for analytics or enrichment (CCPA Section 1798.120).
  • Withdraw Consent: Revoke consent for processing (e.g., marketing; GDPR Article 7).

Exercise these rights at https://www.contactsplus.com/sar or contact support@contactsplus.com (mailto:support@contactsplus.com). We verify requests and respond within one month (GDPR Article 12(3)) or 45 days (CCPA Section 1798.130). We do not discriminate against users exercising rights (CCPA Section 1798.125).

California Residents: Request a list of third parties receiving your data for direct marketing, free once annually (Cal. Civ. Code § 1798.83).

EU/EEA Residents: Lodge complaints with your local data protection authority (GDPR Article 77) or seek judicial remedy (Article 79).

International Data Transfers

We may transfer your Personal Information to the United States, Europe, India, or other regions for processing. For EU/EEA data, we use the EU-US Data Privacy Framework (DPF) or Standard Contractual Clauses (SCCs) to ensure compliance (GDPR Article 46). Contact our Data Protection Officer at dpo@contactsplus.com (mailto:dpo@contactsplus.com) for details.

Data Security

We use encryption (e.g., AES-256), firewalls, access controls, and regular audits to protect your data (GDPR Article 32; CCPA Section 1798.81.5). In case of a data breach, we notify affected users and authorities within 72 hours (GDPR Article 33) or promptly (CCPA Section 1798.82).

Children’s Privacy

We do not collect data from children under 13 (COPPA, 15 U.S.C. § 6502). For EU/EEA users aged 13–16, we require parental consent (GDPR Article 8). Contact support@contactsplus.com (mailto:support@contactsplus.com) to delete minors’ data.

Updates to This Notice

We may update this Privacy Notice to reflect changes in our practices or legal requirements (Terms of Use, Section 7.1). For material changes, we’ll notify you 30 days in advance via email or our website. EU/EEA users must consent to material changes affecting data processing (GDPR Article 7). Continued use after non-material changes indicates acknowledgment.

How to Contact Us

For questions, complaints, or to exercise your rights, contact:

Email: support@contactsplus.com (mailto:support@contactsplus.com)

Data Protection Officer: dpo@contactsplus.com (mailto:dpo@contactsplus.com) (GDPR inquiries)

Address: Contacts Plus LLC, 3366 S. Geyer Road, Suite 100, Saint Louis, MO 63127

Toll-Free: 800-430-4095 (California residents)

We respond within one month (GDPR) or 45 days (CCPA). Additional details are at https://www.contactsplus.com/privacy-notice.