The short version: We found your business contact details through public sources or licensed business-data providers, and we think Chad could be useful to your company. This notice explains what information we hold, where we got it, and how to make us stop emailing you — which you can do at any time, no questions asked.
1. Who we are
Chad Enterprises Inc. (“Chad”, “we”, “us”) is a US company that builds AI agents that handle customer support and sales for e-commerce businesses. You can reach us at hello@trychad.com.
This notice is provided under Article 14 of the EU General Data Protection Regulation (“GDPR”) and its UK equivalent. It applies to people whose business contact details we collected without dealing with them directly — typically decision-makers at businesses we believe could benefit from Chad. It supplements our Privacy Policy and GDPR Policy with the information specific to our outreach to prospective customers.
2. Why you’re receiving this
You received an email from us because we believe you are a decision-maker at a business that could benefit from our services. We use your business contact details to introduce Chad to your company (business-to-business direct marketing). To decide whom to contact, we combine the details described in section 4 and assess — including with automated tools — how relevant Chad is likely to be to your role and company.
Our lawful basis is our legitimate interest in promoting our services to businesses that may benefit from them (GDPR Article 6(1)(f)). We contact you only in your professional capacity, as a representative of your company.
3. How to make us stop (your right to object)
You have an absolute right to object to direct marketing, including any related profiling (GDPR Article 21(2)–(3)). If you object, we stop — permanently. Either of these works:
- reply to the email we sent you and tell us to stop — “Stop contacting me” is enough, and so is any other clear no; or
- email hello@trychad.com.
No reason needed, no cost. We will record your objection on our do-not-contact list so you are not contacted again, and we will stop using the rest of your prospect record for outreach.
4. What information we hold
Business contact data only: your name, your business email address and business phone number, your job title or role, and information about your company (name, website, business address and phone number, and public registry details). If you reply to us, we will also hold that correspondence.
We do not collect any special categories of personal data (such as health information or political opinions) for outreach, and we intend to contact people only at work. If we have reached you at a personal address, or you are not a business representative, tell us and we will delete your details.
5. Where your data came from
We collect prospect contact details from:
- publicly available sources — your company’s own website, public business listings and map services (for example, Google Maps and Google Business Profile), and official company registries (for example, Companies House in the United Kingdom); and
- licensed business-data providers — specialist providers of professional contact information (for example, FullEnrich).
Some of your personal data therefore originates from publicly accessible sources. If you ask us, we will give you the available information about the specific source of your details.
6. Who we share it with
We share prospect data with service providers that process it on our behalf and on our instructions: outreach and email-delivery platforms, our CRM, and our cloud infrastructure. We may also disclose information to professional advisers, to authorities where the law requires it, and in connection with a corporate transaction, as described in our Privacy Policy.
7. Where your data is processed, and international transfers
We are based in the United States, and your information is stored and processed there. Where personal data is transferred from the EU/EEA, the United Kingdom, or Switzerland, we rely on our certification under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework and, where applicable, on the European Commission’s Standard Contractual Clauses. See the Data Privacy Framework section of our Privacy Policy for details, including how to raise a DPF complaint; a copy of the applicable safeguards is available on request at hello@trychad.com.
8. How long we keep it
We keep prospect data only for as long as it remains necessary for the outreach purpose described above.
If you object or opt out, we stop using your details for outreach and no longer process your prospect record for marketing — except that we keep the minimum needed to honor your opt-out (such as your email address and a record of your objection) on our do-not-contact list indefinitely. We keep that record on the basis of our legitimate interest in honoring your objection: deleting it would defeat the purpose of your opt-out.
If your company becomes a Chad customer, information about you is from then on handled as described in our Privacy Policy and our agreement with your company.
9. Your other rights
If the GDPR or UK GDPR applies to you, you also have the right to request access to your personal data, to have it corrected or erased, to restrict or object to our processing of it, and to data portability where applicable. We do not make decisions about you based solely on automated processing that produces legal or similarly significant effects.
If you are in the EU/EEA or the United Kingdom, exercise any of these rights through our GDPR representatives (Article 27) — Euverify Ltd, Unit 3D North Point House, North Point Business Park, New Mallow Road, Cork, T23 AT2P, Ireland (EU representative), or Euverify Ltd (UK), 3rd Floor, 86-90 Paul Street, London, EC2A 4NE, United Kingdom (UK representative) — by emailing gdpr@euverify.com or by submitting a request through our secure portal, where requests are logged and tracked. If you are located anywhere else, email us at hello@trychad.com.
You also have the right to lodge a complaint with the data protection authority in your country — though we would appreciate the chance to resolve your concern first through the routes above.
10. Changes to this notice
We may update this notice from time to time; the current version will always be available at this address, with the “Last revised” date shown at the top.