Privacy & Data Protection

Privacy Policy

Testimly ("we," "us," or "our") provides testimonial collection and management services. This Privacy Policy explains how we handle personal data for site visitors, users, and customers.

Last updated: December 21, 2024

Information We Collect

We only collect the data needed to provide testimonial collection services, operate our platform, and meet legal obligations. This includes:

  • Account information: name, email address, company name, and optional profile details when you create an account or contact us.
  • Testimonial content: video recordings, text testimonials, images, and metadata submitted through our collection forms by you or your customers.
  • Payment information: billing details processed securely through Stripe. We do not store full credit card numbers on our servers.
  • Technical data: IP address, device type, browser information, and analytics events captured via our privacy-focused analytics to understand site performance. We do not use invasive fingerprinting or sell this data.

How We Use Information

  • Provide testimonial collection, storage, and display services.
  • Process and host video, text, and image testimonials submitted through our platform.
  • Send service notifications, updates, and respond to support requests.
  • Process payments and maintain billing records.
  • Maintain security, detect abuse, and comply with legal obligations.
  • Improve our services through analytics and user feedback.

Legal Bases

For visitors and customers located in the EU, UK, or similar jurisdictions, we rely on the following legal bases under GDPR:

  • Contract: to deliver testimonial collection and management services.
  • Legitimate Interests: to protect our platform, run analytics, and improve our services.
  • Consent: for optional communications and marketing that require opt-in.
  • Legal obligation: for invoicing, bookkeeping, and regulatory compliance.

Sharing & International Transfers

We do not sell or rent personal information. We may share limited data with:

  • Cloud hosting providers (Vercel, AWS) who store testimonial content and act as processors under written agreements.
  • Payment processors (Stripe) who handle billing securely. We do not store full credit card numbers on our servers.
  • Analytics providers (privacy-focused) who help us understand platform usage without invasive tracking.
  • Professional advisors (legal, accounting) where necessary.
  • Authorities if required by applicable law or to safeguard our rights.

When data leaves your home jurisdiction, we use standard contractual clauses or equivalent safeguards to protect it.

Data Retention

Testimonial content is retained for as long as your account is active or as needed to provide services. Billing records are retained for up to seven (7) years to satisfy contractual and tax requirements. Analytics logs are aggregated and deleted on a rolling 12-month basis. You can request deletion of your data at any time, subject to legal retention requirements.

Your Rights

Depending on where you live, you may have the right to access, correct, delete, port, or restrict processing of your personal data. California residents can opt out of certain disclosures under CCPA. To exercise these rights, contact us at hello@testimly.com and we will respond within 30 days.

Cookies & Analytics

We use lightweight, first-party cookies only when necessary for site functionality and user authentication. Usage analytics is handled via privacy-focused tools that aggregate traffic without sharing personally identifiable information with third parties for advertising. You can block or delete cookies through your browser settings without losing access to our site.

Testimonial Permissions

When collecting testimonials, you are responsible for obtaining proper consent from your customers to collect, store, and display their testimonials. Testimly provides built-in permission tracking features, but you must ensure compliance with applicable laws in your jurisdiction.

Contact

For privacy questions, data requests, or security notifications, email hello@testimly.com. Please include "Privacy" in the subject line so we can route your request quickly.