Privacy Policy

Effective date: March 17, 2026 · Last updated: March 27, 2026

This Privacy Policy explains how ShrimpSandwich ("the Service"), operated by Exec Functions, collects, uses, stores, and protects personal data. We are committed to handling personal data responsibly and in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR) where applicable.

1. Who We Are

The data controller for personal data processed through the Service is:

Exec Functions
Contact: carl@execfunctions.co

2. What Personal Data We Process

We process two distinct categories of personal data:

A. Account data (about you, our user)

Data	Purpose	Legal basis (GDPR)
Email address, name	Account creation, login, notifications	Contract performance
Login timestamps, IP address	Security, fraud prevention	Legitimate interest
Usage logs	Service improvement, debugging	Legitimate interest
Feature event log (event type, count, timestamp)	Admin usage analytics — aggregate counts of searches, uploads, enrichments, exports, and logins. No contact names, message content, or search query text is stored.	Legitimate interest
Enrichment diagnostic log (LinkedIn URL, enrichment outcome, stages fired, credits used, confidence tier, timestamp)	Admin diagnostic panel — helps identify enrichment quality issues. No message content, invitation text, or contact email addresses are stored in this log.	Legitimate interest
Team membership data (team name, member email addresses, roles: owner / admin / member / viewer, invite timestamp)	Multi-user access control — determines which members can view, enrich, or manage your contact workspace. Accessible only to team members and service administrators.	Contract performance
Consent records (email, team, action taken, policy version, timestamp)	Legal compliance — records when you gave or withdrew consent to share contacts with your team. Retained for 3 years after account deletion regardless of account status.	Legal obligation / Legitimate interest
Data decision records (email, team, choice, timestamp) for removed members	Documents the outcome of your 30-day data decision following team removal. Retained for 3 years.	Legal obligation / Legitimate interest

B. Contact data (about your LinkedIn connections)

When you upload a LinkedIn connection CSV export, we store and process the following data about your connections:

Data	Source	Purpose
Name, company, position, email, LinkedIn URL	Your LinkedIn export	Core service functionality — search and filtering
Connection date, notes	Your LinkedIn export	Displayed in your contact list
Location (city/country)	AI enrichment via web search	Enhanced search and filtering
Industry, company description	AI enrichment via web search	Enhanced search and filtering
Title bucket (seniority tier derived from job title — e.g. "founder", "c_suite", "vp")	Automatically inferred from the position field at upload time for filtering and segmentation	Contract performance

Contact data belongs to you. We process it solely to provide the Service to you and your authorised team members. We do not use your contact data to build our own databases, train AI models, or for any purpose beyond operating the Service.

3. How We Collect Data

Directly from you — when you register, log in, upload a CSV file, or manually edit contact data.
From public web sources — when you request enrichment, we use the Tavily search API to retrieve publicly available information (LinkedIn profile snippets, company websites, Google search results) and AI processing (Anthropic Claude) to extract structured data such as location and industry.
Automatically — standard server logs (IP address, request timestamps) for security and operational purposes.

4. How We Use Data

To provide, operate, and maintain the Service.
To authenticate you and protect your account.
To enrich your contact data on your request using AI-powered web research.
To enable search, filtering, and export of your contacts.
To share contact data with authorised members of your team who use the same account workspace.
To record and honour your consent choices for team data sharing, and to notify you when you need to make a data decision following team removal.
To send transactional notifications (e.g. account invitations).
To diagnose and fix technical issues.

We do not use your data for advertising, profiling for third-party purposes, or automated decision-making that produces legal or similarly significant effects.

5. Third-Party Services

We share data with the following third-party processors only as necessary to provide the Service:

Processor	Purpose	Data shared	Location
Render	Cloud hosting and database	All Service data (stored encrypted at rest)	United States
Tavily	Web search for enrichment	Person name, LinkedIn URL (for search queries)	United States
Anthropic	AI processing for enrichment and search	Anonymised snippets and queries (no full contact lists)	United States

Each processor is bound by data processing agreements and applicable privacy regulations. We do not sell personal data to any third party.

6. International Data Transfers

The Service is hosted in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your data is transferred to the US under appropriate safeguards (Standard Contractual Clauses or equivalent mechanisms) as required by GDPR Article 46.

7. Data Retention

Contact data — retained for as long as your account is active. Deleted within 30 days of account termination or upon request.
Account data — retained for the duration of your account plus 90 days to allow for account recovery, then deleted.
Feature event log — retained for up to 12 months for usage analytics, then deleted. Accessible only to service administrators.
Enrichment diagnostic log — retained for up to 12 months for quality diagnostics, then deleted. Accessible only to service administrators.
Team membership data — retained for as long as the team exists. Removed when a member leaves or is removed from the team. Deleted within 30 days of account termination.
Consent records — retained for 3 years after account deletion. These records are not cascade-deleted to ensure legal compliance and audit capability.
Data decision records — retained for 3 years. Records the outcome of 30-day grace periods following team removal.
Server logs — retained for up to 90 days for security purposes, then automatically purged.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access — request a copy of the personal data we hold about you.
Rectification — request correction of inaccurate data.
Erasure ("right to be forgotten") — request deletion of your data. Self-service account deletion is available under Settings → Account → "Delete my account and all data."
Portability — receive your contact data in a machine-readable format (CSV export is available directly in the Service).
Restriction — request that we restrict processing while a dispute is resolved.
Objection — object to processing based on legitimate interest.
Withdraw consent — where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email us at carl@execfunctions.co. We will respond within 30 days. If you are in the EEA, you also have the right to lodge a complaint with your local data protection authority.

9. California Residents — CCPA / CPRA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) give you specific rights regarding your personal information.

Categories of personal information we collect

We collect the following CCPA categories of personal information: identifiers (name, email address, LinkedIn profile URL); professional or employment-related information (company, position, industry); internet or network activity information (session tokens, IP address, usage events); and inferences drawn from the above (title seniority bucket derived from job title, enrichment outcomes).

Your California rights

Right to Know — You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, business purposes, and categories of third parties with whom we share it.
Right to Delete — You may request deletion of your personal information. Self-service account deletion is available directly in the Service under Settings → Account → "Delete my account and all data." We will fulfil deletion requests within 45 days.
Right to Correct — You may request correction of inaccurate personal information we hold about you.
Right to Opt-Out of Sale or Sharing — We do not sell personal information and do not share personal information for cross-context behavioural advertising. No opt-out action is required.
Right to Limit Use of Sensitive Personal Information — We do not collect or process sensitive personal information as defined under the CPRA (e.g. government IDs, financial account numbers, precise geolocation, health data).
Right to Non-Discrimination — We will not discriminate against you for exercising any of your CCPA/CPRA rights. You will receive the same quality of service regardless of whether you submit a privacy request.

To exercise your California rights, email carl@execfunctions.co with "California Privacy Request" in the subject line. We will respond within 45 days. If we require additional time (up to 90 days total), we will notify you of the extension within the initial 45-day period.

You may also designate an authorised agent to submit requests on your behalf by providing written permission from you.

10. Security

We implement industry-standard security measures including encrypted connections (HTTPS/TLS), encrypted database storage, session-based authentication, and access controls. Contact data is isolated at the team level — members can only access data within their authorised team workspace. Role-based access control (owner, admin, member, viewer) determines what actions each member may perform. We regularly review our security practices and promptly address vulnerabilities. No system is perfectly secure; in the event of a data breach affecting your rights, we will notify you as required by applicable law.

11. Team Data Sharing & Consent

When you join a team workspace via an invitation, you are shown a clear notice explaining that any contacts you upload will be visible to all team members. You must explicitly confirm your understanding before proceeding. This confirmation is recorded in our consent log.

Withdrawing consent

You may withdraw your consent at any time via Settings → Account → "Withdraw consent & leave team." Withdrawal removes all contacts you uploaded from the shared team pool immediately and removes you from the team. Your account is not deleted.

When you are removed from a team

If a team owner removes you from a team, your access is revoked immediately. You will receive an email with a link giving you 30 days to choose what happens to the contacts you uploaded:

Delete — your uploaded contacts are permanently removed from the team pool.
Transfer — your uploaded contacts stay in the team pool under the team's ownership.

If you take no action within 30 days, your contacts are deleted by default. The team owner cannot decide this on your behalf.

Removing your own uploaded contacts

At any time while you are a team member, you can remove only the contacts you uploaded (without leaving the team) via Settings → Account → "Remove my uploaded contacts."

Account deletion

When deleting your account, you will be given the option to also delete the contacts you uploaded to a team pool. Team owners must transfer ownership or remove all other members before deleting their account.

Note on lawful basis: the consent mechanism described above is a transparency and control feature. The underlying lawful basis for team contact sharing is contract performance — it is a core feature of the multi-user service you signed up for. You always retain the rights described in this section regardless of the lawful basis used.

12. Children's Privacy

The Service is not directed at or intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors.

13. Contact Data Belonging to Third Parties

The contacts you store in the Service are individuals whose data you have collected via LinkedIn's authorised connection export feature. You are the data controller for this data and are responsible for ensuring you have a lawful basis to process it. If any of your contacts wishes to access or delete their data, please contact us and we will assist you in fulfilling that request.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or an in-app notice at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

15. Contact Us

For any privacy-related questions, requests, or concerns:

Exec Functions
Email: carl@execfunctions.co
Website: shrimpsandwich.me