Comet LLC d/b/a Cometly (“Cometly,” “we,” “us,” or “our”) is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information when you use or interact with our websites, services, and applications that link to or reference this Privacy Policy (collectively, the “Services”). By accessing or using our Services, you acknowledge that you have read and understood the practices described below. If you disagree with any aspect of this Privacy Policy, please do not use our Services.

Quick Summary

• Data We Collect: Names, email addresses, phone numbers, device information, IP addresses, and form submissions through our JavaScript pixel.
• How We Use Data: To provide and enhance our services, ensure security, track marketing analytics, and communicate with users.
• Your Rights: Access, rectify, delete, restrict, and object to the processing of your personal data.
• Data Sharing: We share data with trusted service providers and for legal reasons, but do not sell your information.
• Security Measures: We use encryption and other security protocols to protect your data.
• Contact Us: Reach out via privacy@cometly.com for any privacy-related inquiries.

1. WHO WE ARE

Cometly provides a marketing analytics and attribution platform that helps businesses track website visitor activities, capture form data, attribute events to their original marketing sources, and send event data back to ad platforms for optimization. We primarily operate in and host data in the United States, using sub-processors (such as Amazon Web Services, Stripe, etc.) for infrastructure and service delivery. We may process and store your data in the U.S., where privacy laws may differ from those in your jurisdiction. Cometly is dedicated to respecting the privacy of individuals and ensuring compliance with global privacy laws. This commitment is reflected in our practices outlined below.

1.1 Controller vs. Processor

• Cometly as Data Controller: When we collect personal data from individuals directly (for example, site visitors signing up for a Cometly account or newsletter), we act as the data controller under applicable data protection laws.
• Cometly as Data Processor (or “Service Provider”): When our customers (as controllers) use our platform to process personal data relating to their own end-users (e.g., website visitors, leads, or customers), Cometly acts as a processor. In such scenarios, customers must ensure they have the appropriate legal bases, consents, or notices in place for such data processing.

2. DEFINITIONS

The following terms have specific meanings in this Privacy Policy:

• “Personal Data” or “Personal Information”: Any information that identifies or relates to an identifiable individual, such as name, email address, IP address, or device identifiers.
• “Processing”: Any operation or set of operations performed on personal data, such as collection, storage, use, sharing, or deletion.
• “Data Controller”: The entity that determines the purposes and means of processing personal data. For example, Cometly acts as the data controller for data collected directly from users.
• “Data Processor”: The entity that processes personal data on behalf of the data controller. For example, Cometly acts as the data processor for customers using our platform to process their own users' data.
• “Service Providers”: Third-party vendors contracted to perform specific functions (e.g., hosting, analytics, payment processing) on behalf of Cometly.
• “Cookies”: Small text files stored on a user’s device to collect information about their activity on our Services.
• “Aggregated Data”: Data that is combined with other data and does not directly or indirectly reveal an individual’s identity.
• “Anonymized Data”: Data that has been processed to remove personal identifiers, rendering it no longer identifiable.
• “Standard Contractual Clauses (SCCs)”: Legal mechanisms approved by the European Commission for transferring personal data outside the European Economic Area (EEA).
• “Sensitive Data”: Data that is subject to heightened protections under applicable laws, such as health information, biometric data, or data revealing racial or ethnic origin.
• “DSAR” (Data Subject Access Request): Requests made by individuals to access their personal data held by an organization.
• “DPO” (Data Protection Officer): An individual appointed to oversee data protection strategy and implementation to ensure compliance with GDPR requirements.

3. SCOPE OF THIS PRIVACY POLICY

This Privacy Policy explains how Cometly collects, uses, and protects personal data in the following contexts:

• Website Visitors (Controller Role):
  • Personal data collected when you visit www.cometly.com and subdomains (e.g., help.cometly.com), including cookies, analytics, and contact forms.
  • Marketing interactions, such as subscribing to newsletters or downloading resources.
• Service Users (Processor Role):
  • Data collected through our SaaS platform, such as event tracking and form submissions configured by customers.
  • When customers use Cometly to process their end-user data, they remain the data controllers, and we act as a data processor. Customers are responsible for ensuring their use of our platform complies with applicable privacy laws (e.g., obtaining consent from their end users).
• Exclusions:
  • This policy does not cover third-party websites or services not owned or controlled by Cometly, even if they link to or integrate with our Services.
  • Cometly is not responsible for the data practices of these third parties.

By interacting with our website or using our Services, you acknowledge and agree to the scope of this Privacy Policy.

4. INFORMATION WE COLLECT

4.1 Information You Provide Directly

• Account & Subscription Data:
  • When you sign up for a Cometly account or subscribe to our paid plans, we collect:
    • First name, last name, full name, email address, phone number, company name, and billing information (e.g., billing address).
• Payment Data:
  • Payment details (e.g., credit card numbers) are processed securely by Stripe or other payment processors. Cometly does not store full card numbers or bank account details on its servers.
• User Communications & Support:
  • If you contact us through email, chat, or support tickets, we collect:
    • The content of your message and any attachments.
    • Contact details you provide for response purposes (e.g., email address).
• Community & Testimonials:
  • If you voluntarily provide testimonials or engage in discussions in Cometly-managed forums (e.g., Facebook, Skool), your contributions may be publicly visible.
  • To request removal, email privacy@cometly.com.

4.2 Information Collected Automatically

• Device & Usage Data:
  • We (or our service providers) collect data such as IP addresses, browser type, device identifiers, screen resolution, pages visited, timestamps, and referring URLs.
• Cookies & Tracking Technologies:
  • Our Services use first-party cookies, pixels, and related technologies to remember user sessions, perform analytics, and personalize experiences. Refer to our Cookies Policy for details.
• Fingerprinting and Unique Identifiers:
  • We use fingerprinting techniques to collect technical attributes (e.g., browser type, device identifiers, screen resolution, installed fonts, and plugins) to create unique identifiers. This helps in tracking user interactions, preventing fraud, and ensuring the security of our platform. This process does not involve direct personal identifiers, such as your name or email address, but may still qualify as personal data under applicable privacy laws.
• Consent-Based Pixel Loading:
  • Customer Responsibility: Cometly’s JavaScript pixel is designed to integrate seamlessly with your website. It is the sole responsibility of our customers to implement and manage user consent mechanisms in compliance with applicable laws. This includes obtaining, recording, and managing user consents before enabling tracking and data collection via the pixel. To learn how to gate Cometly behind user consent, please see our user consent help center article.
  • Integration Guidance: Customers should ensure that the pixel is configured to activate only after obtaining explicit user consent where required. This aligns with our commitment to supporting compliance, but the execution of consent management lies entirely with the customer.
  • Reference to Terms of Service: For detailed responsibilities regarding consent management, please refer to our Terms of Service.
• Form Field & Event Data:
  • If you integrate our JavaScript pixel on your website, we automatically capture form field changes for fields such as first name, last name, email, phone number, and full name. This information is updated on the Contact within our system.
  • We prohibit sending any sensitive data (e.g., health, biometric) and may suspend accounts that violate this rule.

4.3 Third-Party Sources

• CRM & Workflow Integrations:
  • We may receive lead or customer data from customer-configured CRMs (e.g., HubSpot, Salesforce) or workflow tools (e.g., Zapier) via webhooks.
• Ad Platforms:
  • We may receive campaign or performance data (like click IDs, hashed identifiers) from Google Ads, Meta (Facebook), TikTok, LinkedIn, etc., to help measure and optimize advertising.

4.4 Sensitive or Special Categories of Data

• We do not intentionally collect or process special categories of personal data (e.g., health, biometric, precise geolocation) and instruct customers not to send such information to us.

5. HOW WE USE YOUR INFORMATION

We use personal data to:

• Provide & Improve Services:
  • Enable you to access and use our SaaS platform, track marketing analytics, and measure attribution.
  • Handle billing and subscription matters (via Stripe).
  • Develop new features and enhance user experience.
• Personalization:
  • Tailor the Services, including relevant insights, suggestions, or advertising based on usage and profiling data.
• Security and Fraud Prevention:
  • Detect and prevent fraudulent activities by analyzing user behavior and technical data.
• Communications:
  • Respond to inquiries, send service updates, or provide customer support.
  • With consent where required, send newsletters, offers, or product announcements.
• Compliance & Protection:
  • Detect and prevent fraud, ensure security, and enforce our Terms of Service.
  • Comply with legal obligations or respond to lawful requests from authorities.
• Machine Learning & AI:
  • Use aggregated or anonymized data to develop AI or predictive features in a manner that does not re-identify individuals. We do not use personal data to train generalized AI models without further notice or consent.
• Beta or Pre-Release Features:
  • If you opt into Beta features, you acknowledge these features may be less mature or stable and usage is at your own risk. Beta Services are provided "as is" and may contain bugs or errors. Cometly is not liable for issues arising from Beta Service usage.

5.1 Data Breach Notification

In the event of a data breach that compromises personal data, we will notify affected users within 72 hours of becoming aware of the breach, in compliance with GDPR and other applicable laws. Notifications will include the nature of the breach, the data affected, and the measures we are taking to address it.

6. LEGAL BASES FOR PROCESSING (EEA/UK/CH)

For individuals in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on the following legal bases for processing personal data:

• Consent: For certain marketing communications or non-essential cookies.
• Contractual Necessity: For providing the SaaS features you subscribe to.
• Legitimate Interests: For fraud prevention, analytics, business improvement, balanced against your rights and freedoms.
• Legal Obligations: For recordkeeping, responding to lawful data access requests.

7. WHEN WE SHARE PERSONAL INFORMATION

We do not sell personal information for monetary consideration. However, we may share data as follows:

• Service Providers/Sub-Processors:
  • We use third-party vendors (e.g., AWS, Stripe, Intercom, HubSpot) to support our operations. They only process personal data under written agreements that require data protection. Our Sub-Processor List details current providers. We will notify customers of any new sub-processors at least 30 days prior to their engagement, allowing time for objections.
  • Vetting Process: We thoroughly vet all third-party service providers to ensure they comply with relevant data protection laws and maintain robust security measures.
• Advertising & Analytics Partners:
  • We may share hashed or matched data with platforms like Meta, Google, TikTok, or LinkedIn to measure or improve ad campaigns, subject to compliance with privacy laws and your consent where required.
• Business Transfers:
  • If Cometly undergoes a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction.
• Legal & Regulatory:
  • We may disclose personal data to comply with applicable laws, respond to lawful requests, or protect Cometly’s rights or the safety of others.
• Affiliates & Referral Partners:
  • If you join our affiliate program, affiliates see limited summary data (e.g., number of referrals, commissions) but do not access individual users’ personal data.
• Consent:
  • If you give explicit consent or direct us to share your data with a third party.

8. INTERNATIONAL DATA TRANSFERS

8.1 Data Hosting in the U.S.

We may process and store your data in the United States, where privacy laws may differ from those in your jurisdiction. By using our Services, you consent to such transfers, storage, and processing of your data in the U.S. and other jurisdictions.

8.2 Transfers from EEA/UK/Switzerland

We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers from the European Economic Area (EEA) to ensure compliance with the GDPR. In addition to SCCs, we implement supplementary measures such as encryption, pseudonymization, and data minimization to enhance data security and privacy. For more details, see our Data Processing Addendum (DPA) or contact privacy@cometly.com.

8.3 GDPR/UK Representative via Prighter

We have appointed Prighter Group with local partners as our privacy representative for the EU and UK. You can submit GDPR/UK GDPR-related requests via Prighter Portal.

8.4 Data Breach Notification

In the event of a data breach that compromises personal data, we will notify affected users within 72 hours of becoming aware of the breach, in compliance with GDPR and other applicable laws. Notifications will include the nature of the breach, the data affected, and the measures we are taking to address it.

9. COOKIES & SIMILAR TECHNOLOGIES

We use first-party cookies, pixels, and other tracking technologies for authentication, analytics, marketing, and personalization. Some cookies are strictly necessary (for service functionality), while others are optional (e.g., for analytics or advertising) and may require consent in certain jurisdictions.

Consent Mechanism:

• How We Obtain Consent: Upon your first visit to our website in certain jurisdictions, a consent banner appears, informing you about our use of cookies and tracking technologies. You can choose to accept or decline non-essential cookies.
• Managing Consent Preferences: You can modify your consent preferences at any time through our Consent Management Center.
• Recording Consent: We keep records of your consent preferences, including the date and time of consent, to comply with GDPR requirements.

For more information, including a full list of cookies and how to manage them, please review our Cookies Policy.

In addition to cookies and pixels, we may use device fingerprinting to enhance tracking accuracy and improve attribution reporting. Unlike cookies, fingerprinting is not stored on your device but instead relies on analyzing your device’s unique configuration. Refer to Section 4.2 Information Collected Automatically for more information.

Do Not Track / Global Privacy Control: Our Services currently do not respond to Do Not Track (DNT) or Global Privacy Control (GPC) signals due to the lack of a consensus standard. If that changes, we will update this Privacy Policy accordingly.

10. DATA RETENTION & DELETION POLICY

10.1 Retention Periods

We retain personal information only as long as necessary to fulfill the purposes for which it was collected or to comply with legal, contractual, or regulatory obligations. For example:

• Account Information: Retained while your subscription/account is active, plus a reasonable period (e.g., up to 90 days) after cancellation for auditing, billing disputes, or compliance.
• Billing Records: May be retained for 7 years (or as required by tax, accounting, or other laws).
• Anonymized/Aggregated Data: We may keep usage statistics or aggregated metrics indefinitely to improve our Services.
• Customer Data Upon Termination: Upon termination of your account, we will handle your Customer Data in accordance with this Data Retention & Deletion Policy to comply with legal obligations or for legitimate business purposes.

Retention Exceptions:

• Legal Obligations: We may retain certain information to comply with legal requirements such as tax laws, anti-money laundering regulations, or other governmental requests.
• Dispute Resolution: Data may be retained to resolve disputes or enforce our agreements.

10.2 Requesting Deletion

• Deletion Requests: If you want to delete your account or personal data, contact us at privacy@cometly.com or use our DSAR form.
• Response Time: We will respond to verified data deletion requests within 30 days, unless a longer period is permitted by law. Some data may be retained to satisfy legal, security, or contractual requirements.
• Inactive Accounts: We may delete or anonymize data for accounts that have been inactive for an extended period (subject to legal or contractual obligations).
• Exceptions: We may retain certain information to comply with legal requirements, resolve disputes, or enforce our agreements. Once retention is no longer necessary, we securely delete or anonymize the data.

Detailed Instructions for Data Portability:

• How to Request: Submit a data portability request via our DSAR form or email privacy@cometly.com.
• Format of Data: We will provide your personal data in a structured, machine-readable format such as JSON or CSV.
• Verification: We will verify your identity before processing your request to ensure data security.

11. SECURITY MEASURES

We use industry-standard technical and organizational measures to safeguard personal data from unauthorized access, alteration, or disclosure. This includes:

• Encryption:
  • In Transit: TLS 1.2+ encryption for data transmitted between your device and our servers.
  • At Rest: AES-256 encryption for data stored on our servers.
• Access Controls:
  • Role-based permissions to restrict access to personal data based on job responsibilities.
  • Multi-Factor Authentication (MFA) for administrative accounts and sensitive access points.
• Regular Security Audits:
  • Conduct periodic security assessments, vulnerability scans, and penetration testing to identify and mitigate potential threats.
• Data Loss Prevention (DLP):
  • Implement systems and protocols to prevent unauthorized data exfiltration or loss.
• Staff Training & Policies:
  • Regular training programs for employees on data protection, security best practices, and incident response procedures.
• Incident Response Plan: We maintain a robust incident response plan to promptly address any data breaches or security incidents. In the event of a breach, we will follow our Data Breach Notification procedures outlined in Section 8.4 Data Breach Notification.
• No Method is 100% Secure: No method of transmission or storage is completely secure. If you suspect an account breach, email support@cometly.com.

12. PUBLIC COMMUNITY FORUMS

We operate or participate in communities hosted on third-party platforms (e.g., Facebook, Skool). Any content posted there (questions, testimonials) may be visible to other members. To request removal, please email privacy@cometly.com. We will remove posts consistent with our legal and contractual obligations.

13. US STATE PRIVACY RIGHTS

Various U.S. states (e.g., California, Colorado, Connecticut, Utah, Virginia, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, and others) have enacted or are enacting privacy laws that grant specific rights to residents regarding their personal data. Cometly strives to comply with these laws and offers the rights described below. If you reside in a state with privacy legislation not explicitly listed here, we will apply substantially similar principles to the extent required by applicable law.

13.1 California Privacy Notice

If you are a California resident, you may have certain rights under the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”):

• Right to Know: You can request what personal information we collect, use, disclose, or “sell/share.”
• Right to Access: Request a copy of your personal information in a portable format.
• Right to Delete: Ask us to delete personal data we have about you, subject to exceptions.
• Right to Correct: Request correction of inaccurate personal data.
• Right to Opt Out of “Sale” or “Sharing”: If we “sell” or “share” personal information for cross-context behavioral advertising, you can opt out at https://www.cometly.com/dsar-opt-out.
• Right to Non-Discrimination: We will not discriminate if you exercise these rights.

We may use browser or device fingerprinting for cross-context behavioral advertising. If you wish to opt out, visit our 'Do Not Sell/Share' link at https://www.cometly.com/dsar-opt-out.

How to Exercise Your California Rights:

• Submit a Request: Visit https://www.cometly.com/dsar-opt-out or email privacy@cometly.com.
• Verification Process: We will verify your identity to a reasonable degree before acting on your request.

13.2 Other State Privacy Laws

Residents of Colorado, Connecticut, Utah, Virginia, and other states (e.g., Delaware, Iowa, Nebraska, New Hampshire, New Jersey) with established or upcoming privacy statutes may have rights similar to those set forth in Section 13.1 (e.g., rights to know, access, delete, or correct personal data, and opt out of certain targeted advertising).

• How We Comply:
  • We maintain a DSAR (Data Subject Access Request) process allowing residents of these states to exercise similar rights.
  • You can submit requests via our DSAR form or by emailing privacy@cometly.com.
  • We will verify your identity to a reasonable degree before acting on your request.
  • We will respond within applicable legal timeframes (generally 45 days, with the option to extend by 45 more days if reasonably necessary).
• Right to Opt Out of Targeted Advertising:
  • If the law in your state requires us to allow you to opt out of targeted ads, you can do so by emailing us at privacy@cometly.com or visiting our DSAR opt-out page.
  • Where relevant, we will also honor Do Not Sell/Share signals or comparable technology if recognized by law or if feasible within our platform’s capabilities.
• Non-Discrimination: We do not discriminate against individuals who exercise their rights under these state privacy laws. However, certain data or functionalities may be needed to provide a specific service.

‍

13.3 Future State Laws (Effective 2025)

Several states (e.g., Delaware, Iowa, Nebraska, New Hampshire, New Jersey) have enacted or are in the process of implementing new privacy regulations effective on or after January 1, 2025. Cometly will update this Privacy Policy as necessary to reflect compliance with any additional requirements when they come into force. We encourage you to review this section periodically for any new information.

14. YOUR CHOICES & RIGHTS

14.1 Global Rights (EEA/UK/CH)

If you are located in the EEA, UK, or Switzerland, you may have rights to:

• Access: Receive a copy of personal data we hold about you.
• Rectify: Correct inaccurate personal data.
• Erase: Request deletion of personal data in certain circumstances (“right to be forgotten”).
• Restrict or Object: Limit or oppose certain data processing activities.
• Portability: Obtain data in a structured, machine-readable format.
• Withdraw Consent: If processing is based on consent.

How to Exercise These Rights:

• Submit a Request: Email privacy@cometly.com or contact our EU/UK representative via Prighter Portal.
• Verification: We will verify your identity before processing your request.
• Data Portability Details: We provide your data in formats such as JSON or CSV upon request.

14.2 Marketing Communications

• Email: Unsubscribe via the link in marketing emails or contact us at support@cometly.com.
• SMS: Text “STOP” (or follow the instructions provided) to opt out of SMS campaigns. You may still receive transactional or administrative messages.

14.3 Do Not Track

We do not currently respond to Do Not Track (DNT) or Global Privacy Control (GPC) signals. See Section 9 Cookies & Similar Technologies for details.

15. DATA PROCESSING ADDENDUM (DPA)

For business customers subject to GDPR, UK GDPR, or similar laws, we offer a Data Processing Addendum (DPA) that outlines our obligations as a processor (e.g., sub-processor disclosures, data breach notifications, etc.). If you need a DPA, please contact us at privacy@cometly.com. Where conflicts exist between this Privacy Policy and the DPA regarding data processed on your behalf, the DPA will prevail.

We maintain an up-to-date list of sub-processors used to process personal data, available at: Cometly Third-Party Sub-Processors. We will notify customers of material changes to our sub-processors list at least 30 days prior to the effective date of the change, either via email or through your account dashboard. Customers who object to the use of a new sub-processor may terminate their subscription as per Section 19.3 Suspension and Termination.

16. CHILDREN’S PRIVACY

Our Services are not directed to individuals under 18. We do not knowingly collect data from children under 18. If you believe we have inadvertently collected data about a minor, please email privacy@cometly.com, and we will take appropriate steps to delete it.

17. THIRD-PARTY LINKS & AFFILIATE PROGRAMS

• Third-Party Links: The Services may link to third-party websites (e.g., social media, partner offers). We are not responsible for their practices. Before sharing personal data, review the third party’s privacy policy.
• Affiliate/Referral Programs: We have an affiliate/referral program. Affiliates see limited summary data (e.g., number of referrals, commissions) but do not access individual users’ personal data.

18. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy to reflect changes in our practices or legal requirements. If we make material changes, we will notify you (e.g., via email or by posting a prominent notice). The “Last Updated” date at the top indicates when this Privacy Policy was last revised. Your continued use of our Services after any changes means you agree to the updated policy.

19. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Comet LLC d/b/a Cometly
41 University Drive, Suite 400
Newtown, PA 18940
United States
Email: privacy@cometly.com

EU/UK Representative:
Handled by Prighter Group. Submit GDPR/UK GDPR-related requests at: Prighter Portal.

20. DATA PROTECTION OFFICER (DPO)

We have appointed a Data Protection Officer (DPO) to oversee our data protection strategy and ensure compliance with GDPR and other applicable laws. If you have any questions or concerns about our data practices, please contact our DPO:

Matthew Pattoli, Co-founder
Email: privacy@cometly.com
Address:
Comet LLC d/b/a Cometly
41 University Drive, Suite 400
Newtown, Pennsylvania 18940
United States

21. AUTOMATED DECISION MAKING AND PROFILING

21.1 Overview

At Cometly, we utilize automated data processing and profiling techniques to enhance our Services, improve security, and optimize user experience. These practices include fingerprinting and the collection of device information and IP addresses. Unlike some services, our profiling is not used to predict behaviors or make significant decisions that directly affect you.

21.2 Profiling Activities

• Fingerprinting: We collect various technical attributes (e.g., browser type, device identifiers, screen resolution, installed fonts, and plugins) to create unique identifiers for users. This helps in tracking user interactions, preventing fraud, and ensuring the security of our platform.
• Device and IP Logging: We record device information and IP addresses to monitor service usage, detect suspicious activities, and maintain the integrity of our Services.

21.3 Purpose and Logic

• Security and Fraud Prevention: To identify and prevent unauthorized access, fraudulent activities, and ensure the security of our platform.
• Service Optimization: To analyze how users interact with our Services, allowing us to improve functionality, performance, and user experience.
• Compliance: To comply with legal obligations and enforce our Terms of Service.

21.4 User Rights

• Right to Object: You have the right to object to profiling activities that significantly affect you. To exercise this right, please contact us at privacy@cometly.com.
• Right to Access: You can request access to the personal data we hold about you and obtain information about the profiling logic and purposes.
• Right to Human Intervention: While our profiling activities are not used to make significant decisions that affect you directly, you may request human intervention if you believe your data is being processed in a way that impacts you.

21.5 Data Protection Measures

• Technical and Organizational Measures: We implement appropriate measures (e.g., encryption, access controls) to ensure that profiling is conducted in a manner that protects your privacy and complies with data protection laws.
• Regular Reviews: All profiling activities are subject to regular reviews to ensure compliance and effectiveness.

21.6 AI-Assisted Source Detection

From time to time, Cometly may engage OpenAI as a sub-processor to assist with certain aspects of source detection and analytics. In these cases, we share only the minimal technical data necessary to facilitate this process. We do not intentionally provide OpenAI with direct personal identifiers (e.g., names, emails, phone numbers).

This AI-assisted analysis is used primarily to enhance attribution insights and does not independently make significant decisions affecting individuals’ rights or interests. If you have concerns about how AI may influence your data, you may contact us at privacy@cometly.com.

Nothing herein modifies or overrides the other provisions in this Privacy Policy regarding data protection and user rights.

‍

Disclaimer

This Privacy Policy is provided for informational purposes and does not constitute legal advice. If you have questions about your specific rights or obligations under state or federal privacy laws, please consult a qualified attorney.

Effective Date: December 24, 2024

By continuing to use our Services, you acknowledge that you have read and understood this updated Privacy Policy. If you have any questions or concerns, please contact us at privacy@cometly.com.