All Features on Every Plan. No Lock-In.
Jellyreach

Privacy Policy

Last Updated: October 12, 2025
This Privacy Policy describes how Jellymetrics d.o.o. Tuzla, doing business as Jellyreach ("Jellyreach", "we", "us", or "our"), collects, uses, stores, and protects your personal information when you visit or use https://jellyreach.com (the "Site") and our related services, applications, and platform (collectively, the "Services").
We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), UK Data Protection Act, and other relevant privacy legislation.
PERSONAL INFORMATION WE COLLECT
When you visit the Site or use our Services, we collect different types of information depending on how you interact with us:
1. Information You Provide Directly
When you register for an account, make a purchase, or use our Services, we collect information including:
  • Name, email address, phone number
  • Billing address, payment information (processed securely by our payment processor)
  • Company name and business information
  • Account credentials (username and encrypted password)
  • Communication preferences and marketing consent
  • Customer support communications and feedback
2. Information Collected Automatically (Device Information)
When you visit our Site, we automatically collect certain information about your device and browsing activity, including:
  • IP address, browser type and version, device type
  • Operating system, time zone setting
  • Pages visited, time spent on pages, links clicked
  • Referring website, search terms used to find our Site
  • Date and time stamps of your visits
We collect this Device Information using the following technologies:
  • "Cookies" are data files placed on your device that help us remember your preferences and understand how you use our Site. For more information about cookies and how to manage them, visit http://www.allaboutcookies.org.
  • "Google Analytics 4 (GA4)" - We use Google Analytics to understand how visitors interact with our Site, including page views, user demographics, traffic sources, and behavior patterns. Google Analytics uses cookies and similar technologies to collect this information. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout. Learn more about how Google uses data at https://policies.google.com/technologies/partner-sites.
  • "Log Files" track actions occurring on the Site and collect data including your IP address, browser type, internet service provider, referring/exit pages, and timestamps.
  • "Web Beacons," "Tags," and "Pixels" are electronic files that record information about your browsing behavior, including which emails you open and which links you click.
3. Customer Data You Upload to Our Platform
When you use our email and SMS marketing Services, you upload and manage contact data including:
  • Contact names, email addresses, phone numbers
  • Custom fields and segmentation data
  • Email campaign content, SMS messages, and templates
  • Engagement metrics (open rates, click rates, conversions)
  • Campaign performance data and analytics
For this Customer Data, you act as the Data Controller and we act as the Data Processor under GDPR. You are responsible for obtaining all necessary consents from your contacts and complying with applicable privacy laws.
HOW WE USE YOUR PERSONAL INFORMATION
We use the information we collect for the following purposes:
To Provide and Improve Our Services:
  • Create and manage your account
  • Process payments and fulfill orders
  • Send email and SMS campaigns on your behalf
  • Provide customer support and respond to inquiries
  • Send service-related notifications (account updates, security alerts, billing information)
  • Monitor and improve Service performance, reliability, and deliverability
  • Develop new features and functionality
For Analytics and Optimization:
  • Analyze how users interact with our Site and Services
  • Understand user demographics and behavior patterns
  • Measure the effectiveness of our marketing campaigns
  • Optimize user experience and website performance
  • Generate aggregated, anonymized analytics and insights
For Artificial Intelligence and Machine Learning:
We use data from your campaigns, engagement metrics (such as open rates, click rates, and conversion data), and usage patterns to train and improve artificial intelligence and machine learning models. These models power features such as:
  • Recommendation systems and lead scoring
  • Predictive analytics and forecasting
  • Content optimization and personalization
  • Send-time optimization
  • Intelligent automation and workflow improvements
Personal identifying information in your contact lists (such as names, email addresses, and phone numbers) is anonymized or aggregated before being used for model training.
For Security and Fraud Prevention:
  • Detect and prevent fraud, spam, and abuse
  • Monitor for security threats and unauthorized access
  • Enforce our Terms of Service and Acceptable Use Policy
  • Protect the rights, property, and safety of Jellyreach, our users, and the public
For Marketing and Communication (with your consent):
  • Send promotional emails about new features, updates, and special offers
  • Display targeted advertisements based on your interests
  • Conduct surveys and request feedback
You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us at [email protected].
For Legal Compliance:
  • Comply with applicable laws, regulations, and legal processes
  • Respond to lawful requests from public authorities
  • Enforce our legal rights and contracts
LEGAL BASIS FOR PROCESSING (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal information based on the following legal grounds:
  • Contractual Necessity: Processing necessary to provide the Services you requested and fulfill our contract with you
  • Legitimate Interests: Processing necessary for our legitimate business interests (such as improving our Services, fraud prevention, and security) that do not override your rights
  • Legal Obligation: Processing necessary to comply with applicable laws and regulations
  • Consent: Processing based on your explicit consent, which you can withdraw at any time
SHARING YOUR PERSONAL INFORMATION
We share your personal information with third-party service providers and partners who help us operate our Services. We do not sell your personal information to third parties.
Third-Party Service Providers:
  • Payment Processors: 2Checkout (Verifone) processes payments and billing information. Their privacy policy is available at https://www.2checkout.com/policies/privacy-policy.
  • Analytics Providers: Google Analytics 4 (GA4) helps us understand how users interact with our Site. Google's privacy policy is available at https://policies.google.com/privacy.
  • Email Service Providers: Third-party email infrastructure providers that help us send email campaigns on your behalf.
  • SMS Service Providers: Third-party SMS infrastructure providers that help us send SMS messages on your behalf.
  • Hosting and Infrastructure: Cloud hosting providers in Ireland and other locations that store and process data on our behalf.
  • Customer Support Tools: Help desk and support software providers that assist us in providing customer service.
  • Marketing and Advertising Platforms: Services that help us deliver targeted advertisements (Google Ads, Facebook Ads, etc.).
All third-party service providers are contractually obligated to protect your data and use it only for the purposes we specify.
Legal and Safety Disclosures:
We may disclose your personal information when required by law or necessary to:
  • Comply with a subpoena, court order, or other legal process
  • Respond to lawful requests from public authorities
  • Enforce our Terms of Service and other agreements
  • Protect the rights, property, and safety of Jellyreach, our users, or the public
  • Prevent fraud, security threats, or illegal activity
Business Transfers:
If Jellyreach is involved in a merger, acquisition, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity. We will notify you of any such change and the choices you may have.
INTERNATIONAL DATA TRANSFERS
Jellyreach is registered in Bosnia and Herzegovina, and our Services are hosted primarily in Ireland. If you access our Services from outside these regions (including the EEA, UK, or other countries), your personal information will be transferred to and processed in Ireland and potentially other countries where our service providers operate.
We ensure that international data transfers comply with applicable data protection laws by implementing appropriate safeguards, including:
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection standards
  • Data Processing Agreements with all service providers
COOKIES AND TRACKING TECHNOLOGIES
We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and deliver personalized content. You can control cookies through your browser settings.
Types of Cookies We Use:
  • Essential Cookies: Required for the Site to function properly (session management, authentication)
  • Performance Cookies: Collect anonymous data about how you use our Site (Google Analytics)
  • Functional Cookies: Remember your preferences and settings
  • Advertising Cookies: Used to deliver relevant advertisements and measure campaign effectiveness
To manage or disable cookies, adjust your browser settings or visit http://www.allaboutcookies.org for instructions.
BEHAVIOURAL ADVERTISING & OPT-OUT
We use your personal information to provide targeted advertisements and marketing communications that may be of interest to you. These advertisements may appear on our Site, third-party websites, and social media platforms.
You can opt out of targeted advertising through the following links:
  • Google Ads: https://adssettings.google.com
  • Facebook: https://www.facebook.com/settings/?tab=ads
  • Microsoft Advertising: https://about.ads.microsoft.com/en-us/resources/policies/personalized-ads
  • Industry Opt-Out Tools: http://optout.aboutads.info/ (Digital Advertising Alliance) or http://www.youronlinechoices.com/ (European Interactive Digital Advertising Alliance)
Please note that opting out of targeted advertising does not mean you will stop seeing advertisements—you will still see generic, non-targeted ads.
DO NOT TRACK SIGNALS
Some browsers include a "Do Not Track" (DNT) feature that signals to websites you visit that you do not want to have your online activity tracked. We currently do not respond to DNT signals or similar mechanisms because there is no industry-wide standard for how to interpret and respond to these signals.
YOUR RIGHTS & CHOICES
Depending on your location and applicable laws, you may have the following rights regarding your personal information:
Rights for EEA, UK, and Swiss Residents (GDPR):
  • Right to Access: Request a copy of the personal information we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete information
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal information, subject to legal obligations
  • Right to Restrict Processing: Request that we limit how we use your information
  • Right to Data Portability: Request a copy of your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority
Rights for California Residents (CCPA/CPRA):
  • Right to know what personal information we collect, use, and disclose
  • Right to delete personal information, subject to exceptions
  • Right to opt out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights
How to Exercise Your Rights:
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. We may ask you to verify your identity before processing your request to protect your privacy and security.
DATA RETENTION
We retain your personal information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements.
  • Account Information: Retained while your account is active and for a reasonable period after account closure to comply with legal and contractual obligations
  • Customer Data (contacts, campaigns): Retained until you delete it or request deletion, unless legally required to retain it longer
  • Analytics Data: Typically retained for 26 months (Google Analytics default) or as configured
  • Financial Records: Retained for at least 7 years to comply with tax and accounting regulations
  • Support Communications: Retained for 3-5 years for quality assurance and legal purposes
When we no longer need your personal information, we securely delete or anonymize it in accordance with our data retention policies.
DATA SECURITY
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:
  • Encryption of data in transit (HTTPS/TLS) and at rest
  • Secure authentication and access controls
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and security
  • Logging and monitoring of system access
  • Incident response and data breach notification procedures
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.
DATA BREACH NOTIFICATION
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and relevant supervisory authorities within 72 hours of becoming aware of the breach, as required by GDPR and other applicable laws.
CHILDREN'S PRIVACY
Our Services are not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you are a minor in your jurisdiction (generally under 18), you must have parental or guardian permission to use our Services.
If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child under 13, please contact us immediately at [email protected].
DATA PROCESSING AGREEMENT (DPA)
For customers who act as Data Controllers when using our Services (uploading contact lists and sending campaigns), we offer a Data Processing Agreement (DPA) that complies with GDPR Article 28 requirements. The DPA governs how we process personal data on your behalf and includes:
  • Subject matter and duration of processing
  • Nature and purpose of processing
  • Types of personal data and categories of data subjects
  • Your rights and obligations as Data Controller
  • Our obligations as Data Processor
  • Security measures and sub-processor arrangements
  • Data subject rights assistance
  • Data breach notification procedures
To request a copy of our DPA, please contact us at [email protected].
THIRD-PARTY LINKS
Our Site may contain links to third-party websites, applications, and services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.
CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this policy and may notify you by email or through a prominent notice on our Site.
We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information. Your continued use of our Services after changes are posted constitutes your acceptance of the updated Privacy Policy.
CONTACT US & DATA PROTECTION OFFICER
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [email protected]
Address: Jellymetrics d.o.o. Tuzla, RME Azabagića 33, Tuzla, TK 75000, Bosnia & Herzegovina
SUPERVISORY AUTHORITY
If you are located in the EEA, UK, or Switzerland and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
  • EU Data Protection Authorities: https://edpb.europa.eu/about-edpb/board/members_en
  • UK Information Commissioner's Office (ICO): https://ico.org.uk/make-a-complaint/
  • Swiss Federal Data Protection and Information Commissioner (FDPIC): https://www.edoeb.admin.ch/