Privacy Policy

1. Introduction

Welcome to TOPLINER. This Privacy Policy explains how Appollo BV ("we", "us", or "our") collects, uses, discloses, and protects information when you use our AI-powered executive search research platform (the "Service").

We are committed to protecting privacy and ensuring the security of personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Important: You (the user) act as the Data Controller for any candidate or third-party data processed through the Service. We provide tools and infrastructure but do not control how you collect, use, or process such data. You are solely responsible for ensuring your use of the Service complies with all applicable laws and regulations.

2. Information We Collect

2.1 Your Account Information

• Registration Data: Name, email address, password, company name, and profile information
• Project Configuration: Search criteria, project descriptions, notes, and parameters you define
• Communication Data: Messages, feedback, and support requests you send to us

2.2 Automatically Collected Service Data

• Usage Data: Pages visited, features used, time spent on the platform, and interaction patterns
• Technical Data: Browser type, operating system, IP address, and device identifiers
• Log Data: Server logs, error reports, and system activity

2.3 Third-Party Professional Data

The Service may collect, aggregate, and process publicly available professional information from various sources, including but not limited to professional networking platforms, public databases, and company websites. This data is collected using automated tools and may include professional profiles, employment history, and other business-related information that is publicly accessible.

Important Disclaimer: You acknowledge that you are the Data Controller for any third-party data processed through the Service. You are solely responsible for:

• Ensuring you have legal basis to collect and process such data
• Obtaining necessary consents or relying on legitimate interests as required by law
• Complying with all applicable data protection laws (GDPR, CCPA, etc.)
• Ensuring your use complies with terms of service of any third-party platforms
• Responding to data subject requests regarding such data

3. How We Use Information

We use information solely to provide and maintain the Service:

• Service Operation: To provide, maintain, and improve the research platform functionality
• Data Processing: To process queries and requests using AI and automated tools as instructed by you
• Technical Support: To respond to support requests and technical issues
• Security: To detect and prevent fraud, security issues, and unauthorized access
• Legal Compliance: To comply with applicable legal obligations

We do not use candidate or third-party professional data for our own marketing, profiling, or purposes beyond providing the Service to you. We act solely as a Data Processor for such data.

4. Data Sharing and Disclosure

We do not sell or rent data to third parties. We may share information only in the following limited circumstances:

• Infrastructure Providers: Third-party hosting and cloud infrastructure providers (e.g., Microsoft Azure) necessary for Service operation
• Within Your Organization: Data is accessible to team members within your workspace as determined by your access controls
• Legal Obligations: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with advance notice)
• With Your Consent: When you explicitly authorize us to share specific information

We do not share, sell, or otherwise disclose candidate or third-party professional data to other Service users or external parties, except as required by law or as necessary to provide the Service to you.

5. Data Security

We implement commercially reasonable technical and organizational measures to protect data, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Hosting on enterprise-grade cloud infrastructure

SECURITY DISCLAIMER: While we employ industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data. You acknowledge and accept the inherent security risks of using Internet-based services. You are responsible for maintaining the security of your account credentials and for any activities under your account.

6. Your Rights

6.1 Your Rights Regarding Your Account Data

For your personal account information, you have the following rights under GDPR:

• Right to Access: Request a copy of your personal account data
• Right to Rectification: Request correction of inaccurate account information
• Right to Erasure: Request deletion of your account and associated data
• Right to Restriction: Request restriction of processing of your account data
• Right to Data Portability: Receive your account data in a machine-readable format
• Right to Object: Object to processing of your account data

6.2 Rights Regarding Third-Party Professional Data

For candidate or third-party professional data processed through the Service: As you are the Data Controller for such data, you are responsible for responding to data subject requests (access, deletion, rectification, etc.) from candidates or other individuals whose data appears in the Service.

We will provide reasonable assistance to help you respond to such requests, but you remain solely responsible for determining how to respond and for ensuring compliance with applicable laws.

To exercise rights regarding your account, contact: privacy@topliner.app

7. Data Retention

We retain data only for as long as necessary to provide the Service, comply with legal obligations, and resolve disputes:

• Account Data: Retained while your account is active and for up to 30 days after deletion
• Project Data: Retained as long as you maintain the project in your account
• Log Data: Typically retained for 90 days for security and troubleshooting purposes
• Legal Hold: Data may be retained longer if required by law or legal proceedings

You are responsible for managing and deleting third-party professional data processed through the Service in accordance with your data retention policies and applicable laws. We provide tools for data export and deletion upon request.

8. Cookie Policy

8.1 What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us provide and improve our Service, remember your preferences, and understand how you use the platform.

8.2 Types of Cookies We Use

• Essential Cookies: Required for the Service to function (authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand usage patterns (Amplitude Analytics)
• Performance Cookies: Monitor and improve Service performance

8.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service. Most browsers allow you to refuse cookies or delete existing ones.

9. Automated Data Collection and Third-Party Platforms

9.1 Data Collection Methods

The Service uses automated tools and technologies to collect publicly available professional information from various online sources. This may include web scraping, API integrations, and other automated data collection methods that access publicly accessible information.

9.2 Third-Party Platform Compliance

IMPORTANT: By using the Service, you acknowledge and agree that:

• You are solely responsible for ensuring your use of the Service complies with the terms of service, privacy policies, and acceptable use policies of any third-party platforms from which data is sourced
• We do not warrant or guarantee that data collection methods comply with any specific third-party platform's terms of service
• You use the Service at your own risk and are responsible for any consequences arising from your use of data obtained through the Service
• You will not use the Service in any way that violates applicable laws, regulations, or third-party rights
• We are not responsible for any claims, disputes, or legal actions arising from your use of data collected through the Service

9.3 Limitation of Liability

We explicitly disclaim any liability for how you use data obtained through the Service. You agree to indemnify and hold us harmless from any claims related to your use of such data.

10. International Data Transfers

Data may be transferred to and processed in countries other than your country of residence, including but not limited to the European Union, United States, and other jurisdictions where our service providers operate. Where required by law, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission for transfers outside the EEA.

11. Children's Privacy

The Service is intended for business use only and is not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you become aware that a minor has provided information through your account, please contact us immediately.

12. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. We will notify users of material changes by email or through the Service at least 30 days before the changes take effect. Your continued use of the Service after changes become effective constitutes acceptance of the modified Privacy Policy.

If you do not agree to the modified Privacy Policy, you must stop using the Service and may request deletion of your account.

13. Contact Us

For questions about this Privacy Policy, data requests, or privacy concerns, contact:

For data subject requests related to third-party professional data in the Service, please contact the organization that uses TOPLINER to process your information, as they are the Data Controller for such data.