Introduction
Welcome to Dana HQ Inc.
Dana HQ Inc. (“us”, “we”, or “our”) operates https://getdex.com, the Dex Personal CRM mobile application and any affiliated software and mobile applications (collectively, the “Site”), and related products and services (collectively, the “Service” or “Services”).
Our Privacy Policy governs your visit to the Site and explains how we collect, safeguard and disclose information that results from your use of our Service.
We use your data to provide and improve Service. By using Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
Our Terms and Conditions (“Terms”) govern all use of our Service and together with the Privacy Policy constitutes your agreement with us (“agreement”).
Definitions
SERVICE means the https://getdex.com website, Dex Personal CRM mobile application, and any affiliated software and mobile applications operated by Dana HQ Inc.
PERSONAL DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
USAGE DATA is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).
COOKIES are small files stored on your device (computer or mobile device).
DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.
DATA PROCESSORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
DATA SUBJECT is any living individual who is the subject of Personal Data.
THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
(a) Email address
(b) First name and last name
(c) Cookies and Usage Data
We may use your Personal Data to contact you with our newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or by emailing at contact@getdex.com.
We will not resell your Personal Data to third parties.
Information You Provide.
We may collect personal information that can be used to contact or identify you, and may include information such as an individual’s name, email address, mailing address, telephone number, and payment or bank account details (“Personal Information”).
When you register an Account, we may collect some Personal Information, such as your name, your phone number, billing information, your email address and postal addresses. Our payment processors may collect payment card or other payment information when needed to process payments. The Site allows you to link your Third Party Accounts. We may use OAuth (as defined below), if available, to access Third Party Accounts in order to limit our collection of your passwords. “OAuth” is an open protocol for authorization, commonly used a way for users to log in to sites using their accounts with third-party services, such as Google or Microsoft, but without exposing their third-party-service passwords to such sites. For a Third Party Account that does not support OAuth, we may ask for your login credentials or other authorization information for such Third Party Account, which may include your email address and password. In all cases, we may collect your name and email address and the names and email addresses of your email contacts, subject to the terms of this Privacy Policy. If you create an Account using your login credentials from one of your Third Party Accounts, we may access and collect your name and email address and other Personal Information that your privacy settings on the Third Party Account permit us to access, subject to the terms of this Privacy Policy.
When you invite others to join Site, you provide us with certain contact information that allows us to send an invitation. We may also receive Personal Information through other users, for example if they have tried to give you access to a Site account or refer Site to you. It is your responsibility to ensure that your Personal Information is up-to-date.
Third-Party Platform Integrations
If you choose to connect a third-party account, product, platform or service, including email, calendar, messaging, social networking, customer relationship management or similar services (“Third-Party Platforms”), we may collect, access, process, store, transmit, import, export or sync information from or to that Third-Party Platform as authorized by you, your account settings, the Third-Party Platform and this Privacy Policy. This may include profile information, contact information, relationship information, message or email metadata, calendar information, notes, activity history, identifiers and other information needed to provide the relevant Service features.
Dex generally communicates with Third-Party Platforms through available authorization methods, APIs, platform-provided tools, browser-based workflows or other connection methods supported by the Service. Syncs may be initiated by you, scheduled automatically, triggered by product workflows or performed to keep connected records current. The scope, frequency and reliability of any sync may depend on your settings, the Third-Party Platform’s rules and limits, and technical conditions outside our control.
Third-Party Platforms may independently monitor, review, rate limit, reject, flag, restrict, suspend or terminate accounts or activity, or make bulk-activity determinations, under their own terms, policies and systems. We do not control those platform decisions or receive complete information about how a Third-Party Platform evaluates account activity. We are not responsible for Third-Party Platform flags, restrictions, suspensions, bulk-activity determinations, data unavailability, failed syncs, API changes, account enforcement decisions or other actions taken by Third-Party Platforms.
If a Third-Party Platform restricts, suspends, terminates or otherwise limits your account, Dex may be unable to continue syncing that account or provide related Service features. We cannot restore or appeal Third-Party Platform account restrictions on your behalf and we do not provide remediation, support commitments, credits, refunds or other remedies for restrictions imposed by Third-Party Platforms. You should direct any account restoration, appeal or enforcement questions to the applicable Third-Party Platform.
We may suspend, limit, disable or disconnect Third-Party Platform integrations if we believe the activity may violate this Privacy Policy, our Terms, applicable law, Third-Party Platform terms or policies, or otherwise create legal, security, platform-enforcement or operational risk. We may retain records related to integration activity, security events, support requests or compliance reviews as needed to operate, secure and improve the Services; comply with law; resolve disputes; and enforce our agreements and policies.
Information imported, exported, synced or generated through integrations may be incomplete, delayed, duplicated, outdated, misattributed or otherwise inaccurate. We may use automated or manual controls to monitor, limit, throttle, troubleshoot or disable integrations, and we may change or discontinue an integration or sync method when appropriate for legal, security, operational or platform-enforcement reasons.
Third-Party Platforms may impose additional requirements on how account data, profile data, content, identifiers, relationship information, messages, posts, analytics or other platform content may be accessed, displayed, used, retained, deleted, transferred, combined, sold, advertised against or otherwise processed. We may limit, delete, de-identify, stop displaying, stop syncing or stop processing Third-Party Platform information when we believe doing so is required or appropriate under a Third-Party Platform’s terms, developer documentation, API requirements, audit requests, data deletion requests, account-standing requirements, platform enforcement decisions, applicable law or our risk controls. We do not guarantee that any Third-Party Platform will permit any particular collection, sync, retention, display, deletion, export, enrichment, automation, messaging or posting workflow.
Dex may also fetch publicly available factual business, profile or contact information from the public web to help enrich contact records. Dex does not use those public-web enrichment features to fetch copyrighted expressive content or information from authenticated, access-controlled, paywalled, private or otherwise non-public sources. Public-web enrichment results may be incomplete, outdated, misattributed or inaccurate, and you are responsible for reviewing them before relying on, storing, exporting, displaying, sharing or otherwise processing them.
Sensitive Information
The Services are not designed for protected health information, payment card data, government identification numbers, financial account numbers, biometric identifiers, children’s data or other highly regulated or sensitive information unless we expressly agree otherwise in writing. If you choose to include sensitive information in notes, custom fields, uploads, connected accounts or other Service features, you are responsible for ensuring that you have the rights, notices, consents and lawful basis required to provide that information to us and to use it with the Services.
Your Privacy Rights
Depending on where you live and subject to applicable law, you may have rights to request access to, correction of, deletion of, portability of or restrictions on certain Personal Data and Personal Information we maintain about you. You may also have rights to object to certain processing or opt out of certain marketing communications. To exercise a privacy right, please contact legal@getdex.com. We may need to verify your identity and authority before responding, and some requests may be limited or denied where permitted by law, including where information is needed for security, fraud prevention, legal compliance, dispute resolution, backups or enforcement of our agreements.
Usage Data
We may also collect information that your browser sends whenever you visit our Service or when you access Service by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
Tracking Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
(a) Session Cookies: We use Session Cookies to operate our Service.
(b) Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
(c) Security Cookies: We use Security Cookies for security purposes.
(d) Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.
How We Use Personal Information and Data
Dana HQ Inc. uses the collected data for various purposes:
(a) to provide and maintain our Service;
(b) to notify you about changes to our Service;
(c) to allow you to participate in interactive features of our Service when you choose to do so;
(d) to provide customer support;
(e) to gather analysis or valuable information so that we can improve our Service;
(f) to monitor the usage of our Service;
(g) to detect, prevent and address technical issues;
(h) to fulfill any other purpose for which you provide it;
(i) to operate, secure, monitor, limit, troubleshoot, disconnect or improve integrations, sync functionality and connected account features;
(j) to detect, prevent, investigate or respond to abuse, spam, security incidents, unauthorized activity, platform-enforcement risk or violations of our Terms or Third-Party Platform terms;
(k) to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
(l) to provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc.;
(m) to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
(n) in any other way we may describe when you provide the information.
Additional Limits on Use of Your Google User Data
Notwithstanding anything else in this Privacy Policy, if you provide the Site access to the following types of your Google data, the App's use of that data will be subject to these additional restrictions:
The Site will only use access to read, write, modify, or control Gmail message metadata to show relevant emails during use of Services and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets. The Site will not use this Gmail data for serving advertisements. The Site will not allow humans to read this Gmail data unless we have your affirmative agreement for metadata of specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App's internal operations and even then only when the data have been aggregated and anonymized.
The provision of Google and/or Gmail data is not required for use of services.
Additional Limits on Use of Integrated Account Data
We retain integrated account data and credentials, tokens or similar authorization information that you provide to us only as needed to provide, secure, troubleshoot, maintain and improve opt-in syncing and connected account functionality; comply with applicable law; resolve disputes; and enforce our agreements and policies. If you provide the Site access to login credentials, tokens or authorization information for external sources, the Site will use that access only for relevant product-based workflows and related security, support, compliance and operational purposes described in this Privacy Policy.
We do not intentionally allow humans to access integrated account credentials or tokens except with your affirmative consent for support, where necessary for security purposes such as investigating abuse, to comply with applicable law, or for limited internal operations subject to appropriate safeguards. We may be unable to provide certain Service features if you decline, revoke or lose access to an integrated account.
The provision of integrated account data is not required for use of services.
Service Providers and Onward Transfers
We may transfer Personal Information and Personal Data to Service Providers, payment processors, analytics providers, infrastructure providers, support tools, communication tools, security vendors, professional advisers, corporate transaction counterparties and other third parties described in this Privacy Policy. We require Service Providers that process Personal Information and Personal Data on our behalf to use that information only to perform services for us and to protect it using appropriate contractual, technical and organizational safeguards.
Legal and Regulatory Disclosures
We may disclose Personal Information and Personal Data if we believe in good faith that disclosure is reasonably necessary to comply with applicable law, regulation, legal process or governmental request; to enforce our agreements and policies; to protect the security, integrity and availability of the Services; to investigate or prevent fraud, abuse, spam, security incidents or technical issues; or to protect the rights, property or safety of Dana HQ Inc., our users or others.
Retention of Data
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
International Data Transfers
Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
Where required by applicable law, we use lawful transfer mechanisms designed to protect Personal Data when it is transferred internationally, such as adequacy decisions, standard contractual clauses, contractual commitments with Service Providers, certifications maintained by eligible third parties, your consent or other lawful transfer mechanisms. These mechanisms do not make the data protection laws of every country identical, and we cannot guarantee that foreign courts, law enforcement authorities or regulators will not access information where permitted by local law.
Disclosure of Data
We may disclose personal information that we collect, or you provide in these cases:
(a) Disclosure for Law Enforcement.
Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities.
(b) Business Transaction.
If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.
(c) Non-Private or Non-Personal Information. We may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of our Service.
(d) Advertising. We permit third party advertising networks and providers to collect Web-Behavior Information regarding the use of our Services to help us to deliver targeted online advertisements ("ads") to you. They use cookies and similar technologies, to gather information about your browser's or device's visits and usage patterns on our Services and on other websites over time, which helps to better personalize ads to match your interests, and to measure the effectiveness of ad campaigns.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Service Providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide Service on our behalf, perform Service-related services or assist us in analysing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Analytics
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en
We also encourage you to review Google's policy for safeguarding your data: https://support.google.com/analytics/answer/6004245.
Firebase
Firebase is an analytics service provided by Google Inc.
You may opt-out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy?hl=en
For more information on what type of information Firebase collects, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en
Segment.io
Segment.io is a web traffic analysis tool. You can read the Privacy Policy for Segment.io here: https://segment.com/legal/privacy/.
Sentry
Sentry provides real-time error tracking for your web apps, mobile apps and games, which gives developers the insight needed to reproduce and fix crashes. For more information on what Sentry collects, please visit the Sentry Privacy Policy here: https://sentry.io/privacy/
Intercom
Intercom is a Conversational Relationship Platform. You can read the Privacy Policy for Intercom here: https://www.intercom.com/legal/privacy
Amplitude
Amplitude is a cloud-based product-analytics platform that helps customers build better products. You can read the Privacy Policy for Amplitude here: https://amplitude.com/privacy
Customer.io
Customer.io is a marketing platform for sending targeted and automated emails, push notifications, and SMS messages. You can read the Privacy Policy for Customer.io here: https://customer.io/legal/privacy-policy/
Payments
We may provide paid products and/or services within Service. In that case, we use third-party services for payment processing (e.g. payment processors).
We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
The payment processors we work with are:
Stripe:
Their Privacy Policy can be viewed at: https://stripe.com/us/privacy
RevenueCat:
Their Privacy Policy can be viewed at: https://www.revenuecat.com/privacy
Links to Other Sites
Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Children's Privacy
Our Services are not intended for use by children under the age of 13 (“Children”).
We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
Your Choices in Changing or Deleting Your Information
You can access and modify the Personal Information associated with your Account by contacting us at contact@getdex.com. Please note that if you signed up using Third Party Account, you may have to access and modify the Personal Information associated with your Third Party Account in order to modify certain of the Personal Information associated with your Account.
To stop the use and disclosure of your Personal Information and Personal Data, individuals may delete their account. If you want us to delete your Personal Information, Personal Data, and your Account, please delete your Account via https://getdex.com/appv3/settings/account or contact us at contact@getdex.com with your request. We will take steps to delete your information as soon as is practicable. Once you initiate your request, this process cannot be cancelled, undone, withdrawn, or reversed. When your account is deleted, we will delete or de-identify Personal Data and Personal Information associated with your Account, subject to the following limitations: a) some information may remain in archived or backup copies for a limited period; b) we may retain information where required or permitted by law, including for security, fraud prevention, abuse prevention, legal compliance, dispute resolution, billing, tax, accounting, audit, backup or enforcement purposes; and c) information that has already been aggregated or de-identified may be retained and used as described in this Privacy Policy.
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service prior to the change becoming effective where required by law, and we will update the “Last updated” date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
International Privacy Questions
Dana HQ Inc. handles international transfers as described above and does not use this Privacy Policy to claim participation in any particular transfer framework unless expressly stated in a current certification notice. If you have questions about international transfers or other privacy matters, please contact legal@getdex.com.
Privacy Questions and Complaints
If you have questions, inquiries or complaints about this Privacy Policy or our handling of Personal Information or Personal Data, please contact us at legal@getdex.com. Depending on where you live, you may also have the right to contact your local data protection authority or other regulator.
AI Assistant Integration
When you connect your Dex account to a supported AI assistant (such as ChatGPT or Claude) through the Model Context Protocol (MCP), the following categories of your stored CRM data may be shared with the AI assistant at your request:
(a) Contact names, job titles, and company affiliations
(b) Contact email addresses and phone numbers
(c) Social media profile URLs and website URLs
(d) Contact photographs and avatar images
(e) Dates of birth and other biographical details
(f) Notes, interaction history, and meeting records you have logged
(g) Reminders and follow-up tasks
(h) Custom fields and their values
(i) Tags and group memberships
This data is only shared when you explicitly invoke a tool or query through the AI assistant or enable a related workflow. Unless you enable a feature or configuration that permits additional access, the AI assistant does not have passive or background access to your data through Dex. Your use of AI assistant integrations is subject to the respective AI provider's terms of service and privacy policy. We do not control and are not responsible for an AI provider’s processing, retention, training, security practices, outputs or other use of information after you direct the Services to share information with that AI assistant. You are responsible for reviewing any information before sharing it with an AI assistant and for reviewing AI outputs before relying on them.
Contact Us
If you have any question, inquiries, or complaints about this Privacy Policy, please contact us:
By email: contact@getdex.com.