Privacy Policy

Last Updated: November 19, 2025

This Privacy Policy explains how Conjour collects, uses, and protects data for both our platform customers and their website visitors.

1. Conjour's Use of Customer Data

1.1 What Data We Collect

When you use Conjour as a customer, we collect:

Account Information: Email address, name, company name
Content & Messaging: Marketing content, messaging guides, personas, and topics you create
Usage Data: How you interact with our platform (pages visited, features used)
Technical Data: IP address, browser type, device information

1.2 How We Use Your Data

We use your data to:

Provide and improve the Conjour platform
Generate AI-powered content recommendations
Send account notifications and product updates
Provide customer support
Ensure platform security and prevent fraud

1.3 Data Retention

We retain your data:

Active accounts: Indefinitely while your account is active
Deleted accounts: 30 days after account deletion (for recovery purposes)
Backups: Up to 90 days in encrypted backups

1.4 Data Ownership

You own your content. All messaging content, marketing materials, and data you create in Conjour belongs to you. We never sell or share your data with third parties.

1.5 Data Security

We protect your data with:

Industry-standard encryption (TLS 1.3) for data in transit
AES-256 encryption for data at rest
Regular security audits and penetration testing
Role-based access controls
SOC 2 Type II compliance (in progress)

2. End-User Analytics Tracking

When you install Conjour's tracking script on your website, it collects anonymous data about your website visitors to help you understand content engagement and buyer journeys.

2.1 What Data Is Collected

The tracking script collects:

Page URLs: Which pages visitors view on your website
Session ID: Anonymous identifier (UUID) to track visitor journeys
Referrer: Where visitors came from (e.g., search engines, social media)
User Agent: Browser and device type (for analytics purposes)
Timestamps: When content was viewed

Privacy-First Design: NO personally identifiable information (PII) is collected. We do not collect names, email addresses, IP addresses, or any data that can identify individual visitors.

2.2 What Is NOT Collected

The tracking script deliberately does NOT collect:

Names or email addresses
IP addresses (not stored)
Precise geolocation data
Form inputs or sensitive data
Cross-site tracking or third-party data sharing

2.3 Session Tracking & Cookies

How we track visitor sessions:

Session Cookie: A first-party cookie (_cj_session) stores an anonymous UUID
Duration: 365 days, automatically refreshed on each visit
Purpose: Track buyer journey progression over time (e.g., user visited 3 times over 6 months)
Fallback: localStorage is used if cookies are blocked

2.4 Data Retention for End-User Analytics

Analytics data retention periods:

Raw page views: 90 days, then deleted after aggregation
Session data: 365 days of inactivity, then archived
Journey progressions: 1 year
Aggregated analytics: 2 years

2.5 Do Not Track (DNT)

The Conjour tracking script respects Do Not Track (DNT) browser settings. If a visitor has DNT enabled, no tracking occurs.

2.6 GDPR & CCPA Compliance

Compliance Features:

Anonymous by design: No PII means no personal data processing
Right to be forgotten: Sessions expire automatically after 365 days of inactivity
Data minimization: Only essential data for analytics is collected
Transparency: Clear documentation of what is tracked
Opt-out available: DNT respect + easy disabling via token deactivation

2.7 Your Responsibilities as a Conjour Customer

Important: When you install Conjour tracking on your website, you must:

Update your website's privacy policy to disclose the tracking
Inform visitors about analytics data collection
Comply with applicable privacy laws in your jurisdiction
Obtain any required consents from your website visitors

2.8 Disabling Tracking

You can disable tracking at any time:

Go to Account Settings → Website Integration
Deactivate your tracking token
Remove the tracking script from your website

Once disabled, no new tracking data will be collected. Existing data will be retained according to our retention schedule.

3. Data Sharing & Third Parties

3.1 When We Share Data

We share data only in limited circumstances:

Service providers: Hosting (AWS), email (SendGrid), payment processing (Stripe)
Legal requirements: When required by law or to protect our rights
Business transfers: In case of merger, acquisition, or sale (with notice)

3.2 What We Never Do

Never:

Sell your data to third parties
Share your messaging content with competitors
Use your data to train public AI models
Display ads based on your data

4. Your Rights

You have the right to:

Access: Request a copy of your data
Correction: Update inaccurate data
Deletion: Request deletion of your account and data
Export: Download your data in a portable format
Object: Opt out of certain data processing

To exercise these rights, contact us at: privacy@conjour.app

5. Children's Privacy

Conjour is not intended for use by anyone under the age of 18. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

6. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Email notification to your account email
In-app notification when you log in
Updating the "Last Updated" date at the top of this page

Continued use of Conjour after changes constitutes acceptance of the updated policy.

7. Contact Us

Questions about this Privacy Policy? Contact us:

Email: privacy@conjour.app
Support: support@conjour.app
Address: 3801 N Capital of Texas Hwy - Ste E240-3108 - Austin, TX 78746