Privacy Policy
How we handle personal data when you use SendRad as a customer and when you process your leads through the product.
Last updated: 2026-05-27
1. Introduction
SendRad (https://sendrad.com) is the name of this software service. SendRad is operated by its founder as an independent software project based in Egypt. SendRad is not yet registered as a separate legal entity.
These documents are provided in plain language for transparency. They are not a substitute for advice from a qualified lawyer in your country. If you need a signed Data Processing Agreement (DPA) for your organization, contact us at hi@sendrad.com.
This Privacy Policy explains how SendRad collects, uses, shares, and protects personal data when you visit our website, create an account, or use our application.
SendRad acts as a data controller for account, billing, and website data about you as a customer. For personal data about your leads and customers that you process through SendRad, you are typically the controller and SendRad acts as a processor on your instructions, subject to a DPA when we offer one.
2. Data we collect
Account data: name, email, password hash (via our auth provider), profile photo URL, workspace membership, and settings.
Product usage data: connected channel metadata, conversations, message bodies, lead/contact fields, AI agent configuration, knowledge base content, lead notes, calendar event details, credit usage, and operational logs (without logging full message bodies in application logs).
Billing data: plan, subscription status, and payment identifiers processed by Polar; we do not store full card numbers.
Website and support: contact form submissions, optional analytics (see Cookies), and technical data such as IP address and browser type in server logs for security.
3. How we use data
- Provide, secure, and improve the Service.
- Authenticate users and enforce workspace access controls.
- Route messages and run AI agents you configure.
- Process payments and manage subscriptions.
- Send transactional emails (for example, human-takeover alerts).
- Respond to support requests and legal obligations.
4. Legal bases (EEA/UK visitors)
Where GDPR or similar laws apply, we rely on: performance of a contract (providing the Service); legitimate interests (security, fraud prevention, product improvement with appropriate safeguards); consent where required (for example, optional marketing if we add it); and legal obligations. You are responsible for choosing the correct legal basis for messaging your own leads.
6. AI processing
When AI replies are enabled, message content and context you provide (including knowledge base excerpts and recent conversation history) are sent to OpenRouter, which routes requests to third-party model providers. We configure routing to avoid providers that collect data for training where possible and prefer zero-data-retention endpoints when available; downstream providers may still process requests according to their own policies.
Do not submit special-category or highly sensitive personal data unless you have a lawful basis and appropriate safeguards.
7. International transfers
SendRad is operated from Egypt. Our providers may process data in the United States, European Union, or other countries. Where required, we rely on appropriate safeguards such as standard contractual clauses offered by providers. Contact us for transfer-related questions.
8. Retention
We retain data while your account is active and as needed to provide the Service, resolve disputes, enforce agreements, and comply with law. You may request deletion of your account data subject to legal and operational limits (for example, billing records). Customer lead data in your workspace is controlled by you; delete it in-product or contact us for assistance.
9. Your rights
Depending on your location, you may have rights to access, correct, delete, restrict, or port personal data, and to object to certain processing. To exercise rights about your SendRad account, email hi@sendrad.com. We may need to verify your identity.
EU/UK residents may lodge a complaint with their local supervisory authority. We will respond within reasonable timeframes required by applicable law.
11. Security
We use technical and organizational measures described on our Security page, including encryption in transit, row-level security in our database, signed webhooks, and encrypted storage for sensitive OAuth tokens where configured. No method of transmission or storage is 100% secure.
12. Children
The Service is for businesses and is not directed to children under 16. We do not knowingly collect personal data from children.
13. Changes
We may update this Privacy Policy. The “Last updated” date at the top will change when we do. Material changes may also be communicated in-product or by email where appropriate.
14. Contact
Email: hi@sendrad.com
Contact form: sendrad.com/contact