We collect basic account information, usage data, and payment records to run the Broadable platform. We do not sell your data. We share it only with trusted service providers who help us operate. You can access, correct, export, or delete your data at any time by emailing [email protected]. The full details are in the sections below.
Who we are
This Privacy Policy is issued by CodEye Technologies Pvt Ltd, trading as Broadable ("Broadable," "we," "us," or "our"), a company incorporated under the laws of India. We operate the Broadable ecosystem of software products, including Broadable CRM, Broadable Tasks, Broadable Proof, and Broadable Feeds (collectively, the "Services"), accessible at broadable.com and related subdomains.
For the purposes of applicable data protection law, CodEye Technologies Pvt Ltd is the data controller for personal data collected directly from users. Where you collect personal data from your own customers through Broadable tools (such as funnel forms, testimonial collection forms, or email lists), you are the data controller for that customer data and Broadable acts as the data processor on your behalf.
Data we collect
We collect different categories of personal data depending on how you interact with Broadable. Here is a complete breakdown:
| Category | Specific data points | Why we collect it |
|---|---|---|
| Account data | Full name, email address, password (hashed), profile photo (optional), business name | To create and manage your account and verify your identity |
| Billing data | Billing name, billing address, transaction ID, subscription plan, purchase history | To process payments, issue receipts, and manage your subscription |
| Usage data | Pages visited, features used, clicks, session duration, actions taken within the platform, error logs | To improve the platform, diagnose bugs, and personalise your experience |
| Device and technical data | IP address, browser type and version, operating system, device type, time zone, referral URL | To maintain security, prevent fraud, and ensure compatibility |
| Communications data | Emails, support tickets, live chat messages sent to us | To respond to your enquiries and improve our support |
| Content data | Funnels, email sequences, landing pages, testimonials, media files, forms, and automations you create | To store and deliver your content as part of the Services |
| Customer data (yours) | Leads, contacts, subscribers, testimonial submitters collected via your Broadable tools | Processed on your behalf. You control and own this data entirely. |
How we collect your data
We collect personal data through the following methods:
How we use your data
We use the personal data we collect for the following purposes only:
Legal basis for processing
We process your personal data on the following lawful bases under applicable data protection law, including the Information Technology Act 2000 and IT (Amendment) Act 2008 of India, and the General Data Protection Regulation (GDPR) where applicable to users in the European Economic Area:
| Purpose | Legal basis |
|---|---|
| Creating and managing your account, delivering the Services | Contract performance — necessary to fulfil the agreement between you and Broadable |
| Processing payments and managing subscriptions | Contract performance and legal obligation (tax and financial record-keeping) |
| Sending product updates, support communications, and billing notices | Contract performance and legitimate interests |
| Sending marketing and promotional emails | Consent — you may withdraw consent at any time by unsubscribing |
| Platform security, fraud prevention, and abuse detection | Legitimate interests — protecting the platform and its users |
| Analytics and platform improvement | Legitimate interests — understanding and improving our Services |
| Responding to legal requests or court orders | Legal obligation |
Sharing your data
We do not sell personal data. We share your data only in the following limited circumstances and only with parties who are contractually required to protect it:
In the event of a merger, acquisition, or sale of all or substantially all of our assets, your personal data may be transferred to the acquiring entity. We will notify you by email at least 30 days before any such transfer takes effect and provide you with the opportunity to delete your account if you do not wish your data to be transferred.
Payment data and processor security
All payment processing is handled by our authorised payment partners. Broadable never stores, processes, or has access to your full credit card number, CVV, or bank account details.
The only billing data we retain is what is necessary for your account records: your plan name, purchase date, transaction reference ID, and billing country. We do not retain card numbers, expiry dates, or security codes.
Cookies and tracking technologies
We use cookies and similar technologies to operate the Services, remember your preferences, and understand how the platform is used. A cookie is a small text file placed on your device when you visit a website or use a web application.
Types of cookies we use
| Type | Purpose | Can you opt out? |
|---|---|---|
| Strictly necessary | Keep you logged in, maintain session state, and enable core platform functionality. The Services cannot function without these. | No. These are essential. |
| Functional | Remember your preferences such as language, timezone, and display settings to personalise your experience. | Yes, via browser settings. |
| Analytics | Collect aggregated data about how the platform is used to help us improve features and fix issues. Data is anonymised. | Yes, via cookie preferences. |
| Security | Detect and prevent fraud, suspicious activity, and automated abuse on the platform. | No. These protect your account. |
We do not use advertising or targeting cookies. We do not serve third-party ads or allow ad networks to place cookies on Broadable pages.
You can manage or delete cookies at any time through your browser settings. Note that disabling strictly necessary cookies will prevent you from accessing the platform. For full details on our cookie practices, see our Cookie Policy.
Data retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by applicable law. Here is how long we keep different categories of data:
| Data category | Retention period | Reason |
|---|---|---|
| Account data (name, email) | Duration of your account, plus 30 days after closure | To allow for account reactivation or data export |
| Content data (funnels, emails, testimonials) | Duration of your account, plus 30 days after closure | To allow final export before permanent deletion |
| Billing and transaction records | 7 years from the date of transaction | Required by Indian tax and financial regulations |
| Usage and analytics data | Up to 24 months in identifiable form, then anonymised indefinitely | Platform improvement and security analysis |
| Support communications | 3 years from the date of the last interaction | To resolve recurring issues and maintain support quality |
| Legal correspondence and dispute records | 7 years from resolution | To defend legal claims if they arise |
After the applicable retention period, your personal data is either securely deleted or anonymised such that it can no longer be linked to you. You may request earlier deletion of your data at any time as described in Section 11.
How we protect your data
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures include:
- Encryption in transit: all data transmitted between your browser and Broadable servers is encrypted using TLS (Transport Layer Security).
- Encryption at rest: sensitive account data and content stored on our servers is encrypted at rest.
- Access controls: internal access to your data is restricted to authorised personnel on a need-to-know basis. All staff with access to personal data are bound by confidentiality obligations.
- Password hashing: your account password is never stored in plain text. We use industry-standard hashing algorithms to protect credentials.
- Infrastructure security: our platform is hosted on enterprise-grade cloud infrastructure protected by Cloudflare and backed by Amazon Web Services, including DDoS protection, web application firewalls, and regular security audits.
- Regular security reviews: we conduct periodic reviews of our security practices and update them as threats evolve.
Your rights over your data
You have meaningful rights over your personal data. We make it straightforward to exercise them. Contact us at [email protected] for any request and we will respond within 2 business days.
To exercise any of these rights, email [email protected] with the subject line "Data Rights Request" and describe what you would like us to do. We may need to verify your identity before acting on your request.
Children and age restrictions
The Broadable Services are intended for use by adults aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18.
If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us immediately at [email protected]. We will promptly investigate and, where confirmed, delete the data in question.
If we discover that personal data from a minor has been collected, we will delete it as quickly as possible and terminate any associated account.
International data transfers
Broadable is operated from India. If you access the Services from outside India, your personal data will be transferred to and processed in India. By using the Services, you acknowledge and consent to this transfer.
We also use cloud infrastructure providers and service partners whose servers may be located in other countries, including the United States, European Union, and Singapore. Where personal data is transferred outside of India to countries that may not have equivalent data protection standards, we ensure appropriate safeguards are in place, including:
- Contractual data processing agreements with all service providers that require them to protect your data to standards at least equivalent to Indian law.
- Use of service providers who are certified under recognised data protection frameworks (such as SOC 2, ISO 27001, or equivalent).
- Minimising the scope of data shared with international processors to only what is necessary for the specific service they provide.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, or applicable law. When we make material changes, we will:
- Update the "Last updated" date at the top of this page.
- Notify all registered users by email at least 30 days before material changes take effect.
- Post a notice within the Broadable dashboard for active users.
We encourage you to review this page periodically. For minor, non-material updates such as clarifications or corrections, we may update the policy without prior notice. Continued use of the Services after any update constitutes your acceptance of the revised policy.
If we change how we use your personal data in a way that requires your consent under applicable law, we will seek that consent explicitly before making the change.
Contact us about your privacy
If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please reach out. We are committed to responding promptly and resolving any concerns fairly.
Privacy and Data Requests: [email protected]
Subject line: Privacy Request or Data Rights Request
Response time: within 2 business days.
This Privacy Policy, together with our Terms of Service, Cookie Policy, and any product-specific addenda, constitutes the complete privacy framework for your use of the Broadable ecosystem. If any provision of this policy conflicts with applicable law, the lawful requirement takes precedence.