Last updated: December 1, 2025
🛡️ Privacy Policy
This Privacy Policy explains how Emarketmed collects,
uses, stores, protects, and processes Personal Data in
accordance with applicable Data Protection Laws, including the retained
EU law version of GDPR, the UK GDPR, and relevant privacy legislation of
Israel and other jurisdictions.
1. Data We Collect
We collect and process the following categories of Personal Data:
-
Identification data: full name, email address,
phone number.
-
Lead data: information submitted via forms,
integrations, or CRM sources.
-
Technical data: IP address, device type, browser
version, cookies (as detailed in our Cookie Policy).
-
Operational data: campaign IDs, tracking data,
performance metrics.
We do not collect special categories of data (sensitive personal
information) unless expressly required and consented to by the data
subject.
2. Purpose of Processing
We process Personal Data for the following legitimate business
purposes:
-
Providing CRM and lead delivery services to our
clients.
-
Managing and improving the functionality and performance of our
platform.
-
Ensuring accurate routing, delivery, and secure storage of leads.
-
Security monitoring and fraud detection to protect
our services and users.
- Fulfilling legal and regulatory obligations.
-
Communication with clients, affiliates, and partners regarding our
services.
3. Legal Basis for Processing
Our processing activities are based on the following legal grounds, as
applicable under GDPR and similar laws:
-
Performance of a contract (Article 6(1)(b) GDPR):
Processing necessary to provide the services you or our client have
contracted us for.
-
Legitimate interests (Article 6(1)(f)): Processing
necessary for our legitimate business interests, provided they do
not override your fundamental rights (e.g., security, platform
improvement).
-
Compliance with legal obligations (Article
6(1)(c)): Processing necessary to comply with laws, regulations, and
court orders.
-
Consent (Article 6(1)(a)): Where applicable, we
rely on your specific consent (e.g., for certain marketing
communications).
4. Where Data Is Stored
Your data is securely stored on:
-
AWS EU-West (Paris) data centers: Primary location
for database and application servers.
-
Cloudflare: Used for DNS resolution, security, and
SSL termination.
No data is knowingly transferred outside the EU unless appropriate
safeguards (such as Standard Contractual Clauses - SCCs) are in place
to ensure a high level of protection.
5. Security Measures
We implement strong administrative, technical, and physical safeguards
designed to protect your Personal Data from unauthorized access,
disclosure, alteration, and destruction:
-
Encrypted HTTPS communication (TLS) across all
platform endpoints.
-
Firewall and access rules enforced via AWS Security
Groups.
-
Database accessible **only via localhost** or restricted internal
networks.
- **No public DB endpoints** are exposed.
-
IAM policies (Identity and Access Management) for
least-privilege access.
-
Encryption at rest (e.g., EBS volumes, RDS
storage).
- Regular **audit logs and monitoring** for security events.
6. Data Retention
Personal Data is retained only as long as necessary to:
- Provide the requested services.
-
Comply with specific legal or regulatory requirements (e.g., tax,
audit).
- Maintain accurate business records for legitimate purposes.
Specific retention periods are defined in our internal Data Retention
& Deletion Policy.
7. Data Subject Rights
Depending on your jurisdiction, users may have the following rights
regarding their Personal Data:
-
Access: The right to obtain a copy of your data.
-
Rectification: The right to correct inaccurate or
incomplete data.
-
Erasure ('Right to be Forgotten'): The right to
request deletion of your data.
-
Restriction: The right to limit the way we use your
data.
-
Portability: The right to receive your data in a
structured, commonly used format.
-
Objection: The right to object to processing based
on legitimate interests.
Requests to exercise these rights can be submitted to:
[email protected]
8. Sharing of Personal Data
We share data only with trusted third parties who require it to
perform services on our behalf and are bound by strict contractual
obligations:
-
Hosting providers (AWS): For infrastructure and
storage.
-
Security services (Cloudflare): For network
security and content delivery.
-
Contracted processors: Third-party services
supporting essential CRM functions (e.g., data validation).
We do not sell Personal Data to third parties.
9. Contact Information
For any inquiries or concerns regarding this Privacy Policy, your data
protection rights, or our processing activities, please contact us: