Privacy Policy

Last updated: April 1, 2026

1. Introduction

DimeData LLC ("Company," "we," "us," or "our") operates the DimeData platform at dimedata.ai ("the Service"). DimeData LLC is a limited liability company organized and existing under the laws of the Commonwealth of Virginia.

This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the Service.

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of information as described herein.

2. Information We Collect

2.1 Information You Provide

  • Account information: Name, email address, and authentication credentials when you create an account
  • Payment information: Billing details processed through Stripe (we do not directly store your credit card number)
  • Search queries: Company domains and search parameters you submit when looking up contacts
  • Company Finder conversations: Prompts and messages you provide when using the Company Finder AI chat feature to discover target companies
  • Campaign data: Email templates, recipient lists, campaign settings, and message content you create through the campaign tools
  • Communications: Information you provide when contacting us for support

2.2 Information Generated Through the Service

  • Contact data: Business contact information (names, titles, email addresses) discovered through our AI-powered search process when you look up a company domain
  • Verification results: SMTP email verification status for discovered email addresses
  • Company Finder results: Lists of companies generated by the AI based on your search criteria

2.3 Information Collected Automatically

  • Usage data: Pages visited, features used, searches performed, credits consumed, and interaction patterns
  • Device information: Browser type, operating system, and device type
  • Log data: IP address, access times, and referring URLs
  • Campaign analytics: Email open events (via tracking pixels), link click events, bounce notifications, and unsubscribe events for campaigns sent through the Service
  • Cookies and similar technologies: We use essential cookies for authentication and session management. See Section 8 for details.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: Processing your domain searches, generating contact data through AI and web search, verifying email addresses via SMTP, delivering Company Finder results, and sending campaign emails on your behalf
  • Account management: Creating and maintaining your account, authenticating your identity, managing your subscription, and tracking credit usage
  • Communication: Sending you transactional emails (account verification, subscription confirmations, billing alerts, usage notifications) and responding to support requests
  • Contact database maintenance: Building and maintaining our global contact database to improve lookup speed and data quality for all users (see Section 5)
  • Service improvement:Analyzing aggregated, de-identified usage patterns to improve the Service's performance, accuracy, and features
  • Security: Detecting and preventing fraud, abuse, and unauthorized access
  • Legal compliance: Complying with applicable laws, regulations, and legal processes

4. AI Processing and Data Flow

When you perform a contact search, the following processing occurs:

  • Web search: Your domain query is sent to Serper.dev (a Google Search API provider) to gather publicly available information about the company and its employees
  • AI analysis:Search results and publicly available data are processed by Anthropic's Claude API to extract and organize contact information. Under Anthropic's commercial API terms, your data is not used to train Anthropic's AI models
  • Email verification:Discovered email addresses are verified via our self-hosted Reacher SMTP verification service. This process checks whether an email address is deliverable by communicating with the recipient's mail server. No actual email is sent during verification.

For the Company Finder feature, your chat prompts describing your ideal customer profile are processed by Anthropic's Claude API and Serper.dev to identify and return matching companies.

We transmit only the data necessary for each processing step. We do not send your account information, payment details, or other personal data to AI or search providers.

5. Contact Database and Data Sharing

Business contact data discovered through the Service (names, titles, and business email addresses) is stored in our global contact database. This cached data is used to serve future lookup requests from all users, improving response speed and reducing redundant processing. The global database contains only business contact information and is not linked to the specific user who initiated the original search.

Your account-specific data (search history, saved contacts, CSV exports, campaign data, and Company Finder conversations) is stored separately and is accessible only to you and your team members (if applicable).

We do not sell your personal information. We share data only in the following limited circumstances:

  • Service providers: We share data with third-party services that help us operate the Service:
    • Anthropic— AI processing of search queries and Company Finder conversations
    • Serper.dev— Web search for company and contact information
    • Stripe— Payment processing and subscription management
    • Clerk— Authentication and user management
    • AWS SES— Sending campaign emails on your behalf
    • Resend— Transactional emails (account verification, billing notifications)
    • Railway— Backend hosting and data storage
    • Vercel— Frontend hosting
    • Cloudflare— DNS, CDN, and DDoS protection
  • Legal requirements: We may disclose your information if required by law, regulation, subpoena, court order, or other legal process
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
  • With your consent: We may share your information for any other purpose with your explicit consent

The above service providers are contractually required to use data solely for purposes of providing the Services and are not authorized to use the data for independent purposes.

6. Campaign Tracking

When you use the email campaign tools, we collect campaign analytics to help you measure the effectiveness of your outreach:

  • Open tracking: Emails sent through the campaign tools may include a small transparent tracking pixel that notifies us when a recipient opens the email
  • Click tracking: Links in campaign emails may be routed through our tracking system to record when a recipient clicks a link
  • Bounce and delivery data: We record delivery status, bounces, and spam complaints for emails sent through the Service

This tracking data is available to you through your campaign dashboard. We use aggregate campaign metrics (open rates, bounce rates) for service improvement purposes. We do not sell campaign analytics data to third parties.

7. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your information, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Access controls limiting who can access your data within our organization
  • Secure authentication through Clerk
  • Self-hosted SMTP verification (email addresses are verified on our own infrastructure rather than sent to third-party verification services)
  • Regular security assessments of our infrastructure

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential cookies: Required for authentication, session management, and core Service functionality. These cannot be disabled.
  • Analytics cookies: Used to understand how visitors interact with the Service. We use privacy-respecting analytics that do not track individual users across websites.

We do not use advertising cookies or share cookie data with advertising networks.

9. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account information: Retained while your account is active and for up to 30 days after account deletion
  • Search history and saved contacts: Retained while your account is active. Deleted within 30 days of account termination or upon your written request.
  • Company Finder conversations: Retained while your account is active. Deleted upon account termination or upon request.
  • Campaign data: Campaign content, recipient lists, and analytics are retained while your account is active. Deleted within 30 days of account termination.
  • Global contact database: Business contact data (names, titles, email addresses) contributed to our global database is retained independently of individual user accounts to serve future lookups. This data consists of publicly available business information.
  • Usage and log data: Retained for up to 12 months for security and service improvement purposes
  • Payment records: Retained as required by applicable tax and financial regulations

10. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate or incomplete information
  • Deletion: Request that we delete your personal information, subject to legal retention requirements
  • Export: Request your data in a portable format (CSV export of your contacts is available directly through the Service)
  • Opt-out: Unsubscribe from marketing communications at any time

To exercise any of these rights, please contact us at legal@dimedata.ai. We will respond to your request within 30 days.

11. Virginia Consumer Data Protection Act (VCDPA)

If you are a Virginia resident, you have rights under the Virginia Consumer Data Protection Act, including the right to access, correct, delete, and obtain a copy of your personal data, as well as the right to opt out of the processing of your personal data for targeted advertising, sale, or profiling in furtherance of decisions that produce legal or similarly significant effects.

We do not sell personal data or use it for targeted advertising. To exercise your VCDPA rights, contact us at legal@dimedata.ai. If you are not satisfied with our response, you may appeal by contacting us again, and you have the right to file a complaint with the Virginia Attorney General.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete, the right to opt out of the sale or sharing of personal information, and the right to non-discrimination for exercising your rights.

We do not sell or share personal information as defined by the CCPA/CPRA. To exercise your California privacy rights, contact us at legal@dimedata.ai.

13. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

14. International Data Transfers

The Service is operated from the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the Service, you consent to such transfers.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. For significant changes, we may also notify you by email. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

16. Limitation of Liability

To the maximum extent permitted by applicable law, we shall not be liable for indirect, incidental, consequential, special, or punitive damages arising from the use of the Service, from reliance on contact data generated by the Service, or from the delivery or non-delivery of campaign emails.

17. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

DimeData LLC
Legal: legal@dimedata.ai
Support: support@dimedata.ai