01Overview & Scope
This Privacy Policy explains how SmartSage Web Services ("we", "us", or "our") collects, uses, and protects personal information in connection with:
- our marketing website where you learn about and purchase ClickIntent Pro;
- our customer account portal used to manage your subscription and license keys;
- our support channels (email, help desk).
This policy does not govern what happens to the personal data of your website's visitors that is collected by the ClickIntent Pro plugin after installation. That data lives entirely on your server. See Section 3 for a full explanation of this distinction.
02Who We Are
SmartSage Web Services is a software business based in Pune, Maharashtra, India. We develop and distribute the ClickIntent and ClickIntent Pro WordPress plugins.
For the purposes of applicable data protection law, we are the data controller for personal information collected through our website and account portal.
03How the Plugin Handles Data
ClickIntent Pro is designed so that End User data remains stored locally on the Customer's own WordPress installation and hosting environment during normal operation of the plugin.
SmartSage Web Services does not intentionally receive or centrally store End User lead records, visitor analytics records, or behavioural tracking data as part of the normal operation of the plugin.
However, limited End User data may occasionally be voluntarily disclosed to us by customers in the context of support requests, debugging sessions, exported logs, screenshots, database samples, or troubleshooting communications.
Certain analytics-related features that may involve additional visitor data processing, including geolocation enrichment, are disabled by default and require explicit activation by the Customer.
| Data Type | Stored Where | Who Controls It |
|---|---|---|
| Lead names, emails, phone numbers | Your WordPress database (clc_leads table) |
You (the site operator) |
| Click and conversion events | Your WordPress database (clc_events table) |
You |
| Approximate geolocation data (country/region/city) | Your WordPress database | You (the site operator) — optional feature, disabled by default |
| Webhook delivery logs | Your WordPress database (clc_webhook_logs table) |
You |
Geolocation lookups
ClickIntent Pro includes optional geolocation enrichment functionality that is disabled by default.
If a Customer explicitly enables this feature, the plugin may temporarily send a visitor IP address from the Customer's server to a third-party geolocation provider in order to derive approximate geographic information such as country, region, or city for analytics purposes.
These requests originate from the Customer's hosting environment and not from SmartSage Web Services infrastructure.
The visitor IP address is processed transiently for lookup purposes and is not retained by the plugin after the lookup completes.
Only derived approximate geolocation information is stored locally within the Customer's WordPress database.
SmartSage Web Services does not intentionally receive, retain, or centrally store visitor IP addresses as part of the normal operation of the plugin.
Customers are responsible for determining whether enabling this functionality requires visitor notice, consent, or additional disclosures under applicable law.
Webhook outbound requests
If you configure a webhook URL in ClickIntent Pro, your server will send lead and event data to the endpoint you specify. We have no visibility into, and no control over, those transmissions.
Your responsibilities as the data controller
Because End User data is collected and stored entirely on your infrastructure, you are the data controller for that data. You are responsible for complying with all applicable privacy laws (including India's DPDPA, the GDPR, CCPA, and others), maintaining appropriate security measures, and providing your End Users with a lawful basis for data collection and a compliant privacy notice.
SmartSage Web Services does not determine the purposes or means of processing End User data collected through the plugin on Customer websites.
Customers independently determine:
- what data is collected;
- how long it is retained;
- whether tracking features are enabled;
- whether webhooks are configured;
- and whether visitor consent is obtained.
Accordingly, customers — not SmartSage Web Services — act as the data controllers or data fiduciaries for such End User data.
Consent and Visitor Notices
Depending on applicable law and how the plugin is configured, customers may be legally required to:
- obtain visitor consent before enabling certain analytics or tracking functionality;
- disclose geolocation enrichment or behavioural analytics practices;
- implement cookie or consent banners;
- maintain records of consent;
- or disable tracking functionality until consent is obtained.
SmartSage Web Services does not provide legal advice regarding whether a particular implementation requires consent under the GDPR, ePrivacy Directive, UK GDPR, DPDPA, CCPA, or other applicable laws.
04What We Collect About You (as a Customer)
Information you provide
- Account registration: name, email address, billing address, and payment information (processed by our payment processor — we do not store card numbers).
- Support requests: any information you include in emails or support tickets.
- License activation: your license key, WordPress site URL, and IP address at activation time.
Information collected automatically
- Website usage: pages viewed, referrer URL, browser type, device type, and approximate location (country/city) derived from IP address via standard web server logs or analytics.
- License check requests: your site URL and license key are sent to our licensing server when the plugin verifies your subscription status.
Plugin Telemetry and License Verification
To provide software updates, validate active subscriptions, prevent license abuse, and maintain product security, the plugin may periodically transmit limited technical and licensing information to SmartSage Web Services infrastructure.
This information may include:
- license key;
- domain or site URL;
- plugin version;
- WordPress version;
- PHP version;
- activation status;
- and server IP address.
The plugin is not designed to transmit End User lead records, visitor analytics records, behavioural event logs, or webhook payloads to SmartSage Web Services during license verification.
05How We Use Your Data
- Providing the service: processing your purchase, issuing and validating license keys, delivering software updates, and maintaining your account.
- Customer support: responding to questions, bug reports, and feature requests.
- Communications: sending transactional emails (receipts, renewal reminders, security notices) and, with your consent, product update announcements.
- Fraud prevention and security: detecting abuse of license keys or unusual access patterns.
- Legal compliance: maintaining records as required by Indian tax and accounting law.
- Product improvement: understanding which features are most used to prioritise development (aggregated, never tied to individual End Users).
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
We will send marketing or product update communications only where permitted by applicable law or where you have provided the necessary consent. You may unsubscribe from non-essential communications at any time using the unsubscribe link provided in such emails.
06Legal Basis for Processing
Where the GDPR or similar frameworks apply, we rely on the following legal bases:
| Processing Activity | Legal Basis |
|---|---|
| Fulfilling your subscription and license | Contract performance |
| Transactional emails and support | Contract performance / legitimate interests |
| Marketing communications | Consent (opt-in at checkout) |
| Fraud prevention and security | Legitimate interests |
| Tax and accounting records | Legal obligation |
08International Data Transfers
SmartSage Web Services operates from India. Depending on the location of our infrastructure providers, payment processors, email providers, or support systems, your personal data may be transferred to and processed in countries outside your own jurisdiction.
Where required by applicable law, we implement appropriate safeguards for such transfers, including contractual protections with service providers.
09Data Retention
We retain your account and billing information for as long as your account is active and for a minimum of seven (7) years thereafter to comply with Indian tax and financial record-keeping obligations.
Support correspondence is retained for three (3) years from the date of the last interaction.
If you request deletion of your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law.
Deletion of the plugin from a Customer's WordPress installation does not automatically delete plugin-generated data from the Customer's database unless separately removed by the Customer.
Customers are solely responsible for managing retention, deletion, export, and portability of End User data stored within their own WordPress environment.
10Your Rights
Depending on your location, you may have the following rights regarding your personal data held by us:
- Access: obtain a copy of the personal data we hold about you.
- Correction: request correction of inaccurate or incomplete data.
- Deletion: request deletion of your personal data, subject to legal retention requirements.
- Portability: receive your data in a structured, machine-readable format.
- Objection / Restriction: object to or restrict certain processing activities.
- Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at the address in Section 13. We will respond within 30 days. We may need to verify your identity before fulfilling the request.
If you are in the European Economic Area or UK and believe we have not addressed your concern adequately, you have the right to lodge a complaint with your local supervisory authority. Customers in India may exercise rights under the Digital Personal Data Protection Act 2023 (DPDPA) by contacting us directly.
11Security
We implement reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure, including TLS encryption in transit and access controls on our licensing and account infrastructure.
However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, and you use the service at your own risk. You are responsible for maintaining the security of your own account credentials.
While we implement reasonable safeguards for our own systems, we are not responsible for the security of:
- Customer WordPress installations;
- third-party plugins or themes;
- hosting environments;
- webhook destinations;
- or other infrastructure outside our direct control.
Customers are solely responsible for securing the environments in which the plugin is deployed.
12Children's Privacy
Our website, account portal, and Software are intended for use by businesses and individuals aged 18 and over. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.
13Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect the most recent revision. For material changes, we will notify active subscribers via email. Your continued use of our website or services after the effective date constitutes acceptance of the updated policy.
14Contact Us
For privacy-related questions, data subject requests, or to report a concern, please contact us:
SmartSage Web Services
Pune, Maharashtra, India
Email: hello@getclickintent.com
We aim to acknowledge all privacy requests within 72 hours and resolve them within 30 days.