Privacy Policy

Privacy Policy

Last Updated: [Insert Date]

Dottable Inc. (“Dottable,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, disclose, transfer, and protect information when you access or use our website, applications, dashboards, public directories, creator tools, integrations, and related services (collectively, the “Services”).

This Privacy Policy also explains how Dottable handles data obtained through third-party platform integrations, including Meta, Instagram, Facebook, TikTok, YouTube, Google, and other connected services where applicable.

By using the Services, creating an account, connecting a third-party account, or authorizing an integration, you agree to this Privacy Policy. If you do not agree, you should not use the Services or connect third-party accounts to Dottable.


1. Information We Collect

We collect information in the following ways:

a. Information You Provide Directly

We may collect personal information you provide when you create an account, subscribe to a plan, create a directory, contact us, submit a form, connect a social media account, or otherwise use the Services.

This may include:

Name

Email address

Phone number

Business name

Creator/influencer profile information

Username, handle, profile URL, or public social media profile information

Billing and subscription information

Account login credentials or authentication information

Customer support communications

Business listing details you upload or submit

Reviews, ratings, descriptions, photos, videos, categories, links, and other user-generated content

b. Business and Directory Information

If you use Dottable to create or manage directories, listings, campaigns, or featured placements, we may collect:

Business names

Business addresses

Website links

Reservation links

Delivery links

Social media links

Listing images or videos

Listing categories

Featured listing status

Analytics related to listing performance

Campaign information

Audience interaction data, such as saves, clicks, views, shares, and other engagement events

c. Information Collected Automatically

When you use the Services, we may automatically collect certain technical and usage information, including:

IP address

Browser type

Device type

Operating system

Referring URLs

Pages viewed

Clicks and interactions

Approximate location based on IP address

Session information

Cookies, pixels, and similar tracking technologies

Log files and diagnostic data

d. Payment and Subscription Information

We may collect information related to payments, subscriptions, billing status, and transaction history. Payment card information is generally processed by third-party payment processors, such as Stripe, and we do not store full payment card numbers on our own servers.

e. Third-Party Platform and API Data

If you choose to connect a third-party account or authorize Dottable to access data from a third-party platform, we may collect data permitted by your authorization and by the applicable platform’s API terms and permission scopes.

This may include data from platforms such as:

Meta

Facebook

Instagram

TikTok

YouTube

Google

Depending on the integration and the permissions you approve, this data may include:

Account ID or channel ID

Username, handle, profile name, display name, and profile image

Public profile information

Public posts, videos, reels, shorts, captions, thumbnails, media URLs, and metadata

Content performance metrics where permitted

Engagement data where permitted

Authorized media libraries or content selections

Access tokens, refresh tokens, and authorization scopes necessary to provide the integration

Other information made available by the platform API and approved by you

We only request access to platform data that is reasonably necessary to provide the requested Dottable feature, such as helping creators select videos from their social accounts and attach them to Dottable listings.


2. How We Use Your Information

We use the information we collect to provide, operate, maintain, and improve the Services. This includes using information to:

Create and manage user accounts

Provide creator, business, fan, and directory tools

Display public directories and business listings

Allow creators to add, edit, organize, and promote listings

Allow users to save listings or interact with directories

Connect authorized social media accounts

Retrieve authorized content from connected platforms

Allow users to select videos, posts, or media to display in Dottable listings

Process payments and subscriptions

Provide analytics and reporting

Measure listing views, clicks, saves, shares, calls, reservations, delivery clicks, directions clicks, and related engagement

Send service updates, security alerts, account notices, and support messages

Send marketing communications where permitted by law

Detect, prevent, and address fraud, abuse, spam, security incidents, and unauthorized activity

Comply with legal obligations

Enforce our Terms of Service and other agreements

Improve user experience, performance, and product functionality

We do not use third-party platform API data for purposes that are not disclosed in this Privacy Policy or not permitted by the applicable platform terms.


3. Meta, Facebook, and Instagram Data

If you connect a Meta, Facebook, or Instagram account to Dottable, we may access and process only the data you authorize and only as permitted by Meta’s applicable terms, policies, and permission scopes.

This may include:

Facebook Page or Instagram Business/Creator account information

Public profile information

Account username, handle, profile image, and account ID

Authorized media, such as posts, reels, images, videos, captions, thumbnails, and related metadata

Insights or analytics where authorized and permitted

Access tokens necessary to maintain the integration

We use Meta, Facebook, and Instagram data to provide requested Dottable features, such as allowing creators to view, select, and attach social media content to listings or display approved content inside their public directory.

We do not sell Meta Platform Data. We do not use Meta Platform Data for unauthorized advertising, profiling, surveillance, or purposes unrelated to the feature you authorized.

You may disconnect your Meta, Facebook, or Instagram account from Dottable at any time through your Dottable account settings, where available, or by contacting us at [email protected].

You may request deletion of Meta, Facebook, or Instagram data associated with your Dottable account by contacting us at [email protected] or by using any data deletion page or instructions we provide. Meta requires apps to provide users with a clear way to request deletion of their data, and developers must process platform data only as described in their privacy policy.


4. TikTok Data

If you connect your TikTok account to Dottable, we may access and process only the data you authorize and only as permitted by TikTok’s applicable developer terms, guidelines, API documentation, and permission scopes.

This may include:

TikTok account ID

Username, display name, profile image, and public profile information

Authorized videos, captions, thumbnails, metadata, and media information

Engagement or performance metrics where authorized and available

Access tokens necessary to maintain the integration

We use TikTok data to provide requested Dottable features, such as allowing creators to browse or select their TikTok content and attach approved videos to Dottable listings.

We do not sell TikTok user data. We do not share TikTok personally identifiable information with third parties unless you authorize the sharing, it is necessary to provide the Services, or we are legally required to do so.

TikTok developer guidance requires developers to protect user identity and personally identifiable information, follow applicable privacy laws, disclose a privacy policy, and avoid sharing PII without consent.

You may disconnect your TikTok account from Dottable at any time through your Dottable account settings, where available, or by contacting us at [email protected].

You may request deletion of TikTok data associated with your Dottable account by contacting us at [email protected].


5. YouTube and Google API Data

If you connect your YouTube or Google account to Dottable, we may access and process only the data you authorize and only as permitted by the YouTube API Services Terms of Service, YouTube API Services Developer Policies, Google API policies, and applicable permission scopes.

This may include:

YouTube channel ID

Channel name, handle, profile image, and public channel information

Authorized videos, Shorts, captions, thumbnails, metadata, and playlist information

Video statistics or analytics where authorized and permitted

Access tokens and refresh tokens necessary to maintain the integration

We use YouTube API data to provide requested Dottable features, such as allowing creators to select YouTube videos or Shorts and attach them to Dottable listings.

We do not sell YouTube API data. We do not use YouTube API data for unauthorized advertising, unauthorized profiling, surveillance, or any purpose not disclosed in this Privacy Policy.

YouTube API Services require API clients to provide and follow a published privacy policy that clearly and accurately explains what user information is accessed, collected, stored, used, processed, and shared, including use for advertising and sharing with third parties.

YouTube’s developer guidance also states that apps should not violate user privacy, harvest user data, or surveil users, and that users must continue to have control over what happens to their data, including the ability to request deletion.

You may revoke Dottable’s access to your YouTube or Google account through your Dottable account settings, where available, or through your Google account permissions. You may also request deletion of YouTube API data associated with your Dottable account by contacting us at [email protected].


6. Access Tokens and API Credentials

When you connect a third-party account, we may store access tokens, refresh tokens, authorization codes, permissions, and related authentication data needed to operate the integration.

We use this data only to:

Authenticate your connected account

Retrieve data you authorized

Maintain the integration

Refresh access where permitted

Disconnect the integration when requested

Comply with platform requirements

We do not sell access tokens or API credentials. We restrict access to tokens and authentication data to authorized systems and personnel who need access to operate, secure, or support the Services.


7. User-Generated Content and Public Directory Content

Some information you submit to Dottable may be displayed publicly, including:

Public directory pages

Business listings

Listing descriptions

Images

Videos

Social media embeds or linked media

Creator profile information

Public recommendations

Reviews or ratings where applicable

You are responsible for ensuring that you have the necessary rights, permissions, and consents to upload, display, embed, or share any content through Dottable.

If you connect social media content to a Dottable listing, you are responsible for ensuring that your use of that content complies with the applicable platform terms and any third-party rights.


8. How We Share Information

We do not sell your personal information.

We may share information in the following limited circumstances:

a. Service Providers

We may share information with vendors and service providers that help us operate the Services, including hosting providers, analytics providers, payment processors, customer support tools, email providers, SMS providers, database providers, security vendors, and infrastructure providers.

These service providers are authorized to use your information only as necessary to provide services to us or as otherwise permitted by law.

b. Third-Party Integrations Authorized by You

If you connect a third-party account or use an integration, we may share information as necessary to provide the integration you requested.

For example, we may communicate with Meta, TikTok, Google, YouTube, or other platforms to authenticate your account, retrieve authorized data, display content, or maintain integration functionality.

c. Public Display

If you create a public directory or public listing, the information you choose to publish may be visible to visitors of that directory.

d. Legal Compliance and Safety

We may disclose information if required to do so by law or if we believe disclosure is reasonably necessary to:

Comply with legal obligations

Respond to lawful requests

Protect the rights, property, or safety of Dottable, users, or others

Investigate fraud, abuse, or security incidents

Enforce our Terms of Service

e. Business Transfers

We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar business transaction.

f. With Your Consent

We may share information for other purposes with your consent or at your direction.


9. Advertising, Analytics, and Tracking

We may use cookies, pixels, tags, SDKs, and similar technologies to:

Operate the Services

Remember user preferences

Analyze usage and traffic

Improve performance

Measure marketing campaigns

Detect fraud and abuse

Personalize experiences where permitted

We may use analytics tools to understand how users interact with Dottable. We may also use advertising technologies where permitted by law.

Where required, we will obtain consent before using certain cookies or tracking technologies. You can manage cookies through your browser settings, though disabling cookies may affect Service functionality.

We do not use third-party platform API data from Meta, TikTok, or YouTube for advertising purposes unless such use is clearly disclosed, permitted by the applicable platform, and authorized where required.


10. Data Retention

We retain personal information only as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

Provide the Services

Maintain your account

Operate connected integrations

Comply with legal obligations

Resolve disputes

Enforce agreements

Prevent fraud and abuse

Maintain business records

When information is no longer needed, we will delete, de-identify, or aggregate it, unless retention is required or permitted by law.

For third-party platform data, we retain the data only as long as needed to provide the authorized feature or as otherwise permitted by the applicable platform terms. If you disconnect an integration or request deletion, we will delete or de-identify applicable platform data unless we are legally required or permitted to retain it.


11. Data Deletion and Account Disconnection

You may request deletion of your personal information or connected platform data by contacting us at:

[email protected]

Your request should include:

Your full name

Your Dottable account email

The platform account you want disconnected or deleted, if applicable

The specific data you want deleted, if applicable

You may also be able to disconnect integrations directly through your Dottable account settings.

When we receive a valid deletion request, we will take reasonable steps to delete or de-identify applicable personal information from active systems, unless we are required or permitted to retain it for legal, security, fraud prevention, accounting, dispute resolution, or compliance purposes.

For Meta-related data deletion requests, Dottable will process deletion requests in accordance with Meta’s applicable data deletion requirements. Meta’s developer documentation describes data deletion callbacks and user deletion request requirements for apps that receive Meta platform data.


12. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These safeguards may include:

Encryption where appropriate

Access controls

Authentication controls

Secure hosting infrastructure

Logging and monitoring

Token access restrictions

Internal access limitations

Security reviews and updates

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to protect your information using commercially reasonable measures.


13. International Data Transfers

Dottable is based in Canada. Your information may be processed in Canada, the United States, the European Union, the United Kingdom, or other jurisdictions where we or our service providers operate.

If we transfer personal information internationally, we take reasonable steps to protect it in accordance with applicable privacy laws, including through contractual, technical, and organizational safeguards where required.


14. Your Privacy Rights

Depending on where you live, you may have certain privacy rights regarding your personal information.

These may include the right to:

Access personal information we hold about you

Correct inaccurate information

Delete personal information

Withdraw consent

Object to or restrict certain processing

Request data portability

Opt out of certain marketing communications

Opt out of certain sales or sharing of personal information, where applicable

Lodge a complaint with a privacy regulator

To exercise your rights, contact us at:

[email protected]

We may need to verify your identity before responding to your request.


15. Canadian Privacy Rights

As a Canadian company, Dottable handles personal information in accordance with applicable Canadian privacy laws, which may include the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and applicable provincial privacy laws.

Canadian users may request access to, correction of, or deletion of their personal information by contacting us at [email protected].


16. GDPR and UK GDPR Rights

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with similar data protection laws, you may have additional rights under applicable privacy laws.

Our legal bases for processing personal information may include:

Your consent

Performance of a contract

Compliance with legal obligations

Legitimate interests

Protection of rights and security

You may withdraw consent at any time where processing is based on consent. Withdrawal of consent does not affect processing that occurred before withdrawal.

You may also have the right to lodge a complaint with your local data protection authority.


17. California Privacy Rights

If you are a California resident, you may have rights under the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”), including the right to:

Know what personal information we collect, use, disclose, or share

Request deletion of personal information

Request correction of inaccurate personal information

Opt out of sale or sharing of personal information

Limit use of sensitive personal information where applicable

Not be discriminated against for exercising your rights

We do not sell personal information. If our practices change, we will update this Privacy Policy and provide required notices and opt-out mechanisms.

To exercise California privacy rights, contact us at:

[email protected]


18. Marketing Communications

We may send you marketing emails, product updates, offers, or promotional communications where permitted by law.

You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us at [email protected].

Even if you opt out of marketing communications, we may still send you transactional or service-related messages, such as account notices, billing notices, security alerts, or support communications.


19. Children’s Privacy

The Services are not directed to children under 13 years old or the minimum age required in your jurisdiction.

We do not knowingly collect personal information from children under the applicable minimum age. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information.

If you believe a child has provided personal information to us, contact us at:

[email protected]


20. Third-Party Links and Services

The Services may contain links to third-party websites, apps, platforms, or services, including business websites, reservation platforms, delivery platforms, social media platforms, payment providers, and analytics tools.

We are not responsible for the privacy practices, content, or policies of third-party services. Your use of third-party services is governed by their own privacy policies and terms.


21. Platform Terms and Third-Party API Compliance

When you connect third-party accounts or use integrations involving Meta, Facebook, Instagram, TikTok, YouTube, Google, or other platforms, your use may also be governed by those platforms’ terms, privacy policies, API policies, developer policies, and permission requirements.

Dottable’s access to platform data depends on the permissions you grant and the access approved by each platform. We do not control the privacy practices of those platforms.

We will use third-party API data only as permitted by applicable platform terms and only for the purposes disclosed in this Privacy Policy.


22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

When we update it, we will revise the “Last Updated” date above. If changes are material, we may provide additional notice, such as through the Services or by email.

Your continued use of the Services after an updated Privacy Policy is posted means you accept the updated policy.


23. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, contact us at:

Dottable Inc.
5100 Yonge Street
Toronto, Ontario, Canada

Email: [email protected]

Explore Site
Miscellaneous

Subscribe To Our Newsletter

Read Our Blog

Events

Influencer Onboarding Form

@ Copyright 2026. All Right are Reserved. Dottable CRM.