Privacy policy

Personal data: is information that relates to an identified or identifiable individual.

We may collect, use, store and disclose different kinds of personal data about you which we have listed below:

• Identity Data including first name and last name.
• Contact Data including billing address, email address, telephone number, Skype ID, and other social media usernames or profile links.
• Financial Data including credit card information or bank account information collected by our third-party payment processors on our behalf.
• Transaction Data including details about payments from you to us and other details of products and services you have purchased from us.
• Technical and Usage Data including internet protocol (IP) address, your login data, your browser session and geolocation data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour, information about your access and use of our website, including through the use of cookies, your communications with our website, the type of browser and operating system you are using.
• We store certain referral and campaign parameters locally in your browser to understand how users discover our services. This information is used solely for internal analytics and attribution and is not shared for advertising purposes.
• Profile Data including your username and password for the App, support requests you have made, content you post, send, receive and share through our platform, feedback and survey responses.
• Interaction Data including information you provide to us when you participate in any interactive features of our Services, including surveys, contests, promotions, activities or events.
• Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.
• Professional data including where you are a worker of ours or applying for a role with us, your professional history such as your previous positions and professional experience.
• Special Categories of Personal Data is a special category of personal data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not actively request special categories of data about you, nor do we collect any information about criminal convictions and offences. If at any time we need to collect special categories of data about you, we will only collect it and use it as required or authorised by law.

We collect personal data in a variety of ways, including:

• Directly: We collect personal data which you directly provide to us, including when you register for an account, through the ‘contact us’ form on our website or when you request our assistance via email, or over the telephone.
• Indirectly: We may collect personal data which you indirectly provide to us while interacting with us, such as when you use our website, in emails, over the telephone and in your online enquiries.
• From third parties: We collect personal data from third parties, such as from your employer where they invite you to access our Services, from 2Checkout or other approved ApprovalMax resellers, and details of your use of our website from our analytics and cookie providers and marketing providers. See the “Cookies” section below for more detail on the use of cookies.
• From publicly available sources: We collect personal data from publicly available resources such as Companies House and professional networking sites such as LinkedIn.
• We also collect personal data when individuals visit or interact with our content hub at tothemax.online, which operates under the ApprovalMax brand and uses the same analytics and marketing tools as our main website.

Indirectly Obtained Business Contact Data

We may collect and process business contact information that is not provided to us directly by the individual.

• Source Categories: Source categories: This data may be obtained from (1) third-party B2B data and CRM enrichment providers (such as Cognism), (2) publicly available sources (such as Companies House and LinkedIn), and (3) company-level intent tools (such as Unify), which identify organisational interest based on website interactions where the use of cookies and similar technologies is permitted by your cookie choices.

• Purposes of Processing: We use this data for:
  • Targeted marketing and sales outreach
  • Maintaining suppression lists to ensure we respect opt-out requests and do not contact inappropriate audiences (for example existing customers or open opportunities)
  • Measuring and improving the effectiveness of our B2B engagement
• Lawful basis: We rely on legitimate interests for this processing. Our interest is to identify and communicate with relevant professional stakeholders who may benefit from our Services, in a proportionate way, and with suppression and opt-out controls in place.
• How selection for outreach works: Our selection for outreach may use:
  • Organisational intent signals from website activity
  • Matching against our ideal customer profile (for example industry and role)
  • Suppression rules (for example excluding opted-out contacts and other do not contact flags)

This may involve automated filtering to decide who should receive B2B communications. It does not produce legal or similarly significant effects for individuals.

International transfers: Business contact data may be transferred from the UK to the US for processing by our service providers. Where required, we use appropriate safeguards such as Standard Contractual Clauses with the UK Addendum (or other recognised transfer mechanisms).

Right to object and opt-out: You have the right to object to this processing at any time. To opt out of marketing emails, click the unsubscribe link in any email or contact us at privacy@approvalmax.com.

We collect and process personal data about you only where we have legal bases for doing so under applicable laws. We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please reach out to us if you need further details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

If you have consented to our use of data about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your data because we or a third party have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using our services. Further information about your rights is available below.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law, and have DPAs in place with our third-party service providers to ensure they do so. We use the following third parties for the following purposes to carry out our Services, and they have access to the data we share with their platforms:

• marketing providers including HubSpot and Zoho Campaigns (to automate and manage our marketing emails and campaigns), Intercom (to deliver in-app messaging, product tours and live chat), Refiner (to gather information about customer satisfaction, such as our Net Promoter Score and other product feedback), Mailchimp and Mandrill (for systems notifications as part of our Service delivery), UserVoice (to gather customer feedback), Klenty (to support outbound sales engagement and cadence automation), Cognism (to enrich and validate business contact data for sales and marketing purposes). We also use Tilda as content management system;
• storage and security providers including Microsoft Azure (cloud storage) and Sentry and Stackify (to track user interface logs and errors);
• business process providers including Zoho Creator (for business process automation), Zoho CRM (for customer relationship management), Zoho Desk (for customer and sales lead support) and Zoom (for scheduling and running meetings and webinars) and Kickscale (for supporting and optimising sales development and performance processes);
• user experience software tools, such as where we track some user activity with a tool provided by Hotjar. This monitors all clicks made by trial users during the setup process in the product. Only the clicks on user interface controls are being tracked, we do not capture any financial data.

We may also disclose personal data to:

• our employees, contractors and/or related entities;
• other service providers who assist us to deliver our services;
• professional advisors, bankers, auditors, our insurers and insurance brokers;
• payment systems operators such as 2Checkout, Stripe;
• our existing or potential agents or business partners;
• sponsors or promoters of any promotions or competition we run;
• anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
• courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
• courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
• third parties to collect and process data for analytics and measurement purposes, such as Google Analytics (to find out how Google uses data when you use third-party websites or applications, please see www.google.com/policies/privacy/partners/), Facebook Pixel, Microsoft Advertising (Bing Ads),  G2 (which provides aggregated analytics based on browser-level identifiers when users who have consented to marketing or analytics cookies visit our website after viewing our G2 profile), or other relevant analytics providers. No personally identifiable information such as names or contact details is shared with us through these services, and you may withdraw your consent at any time through your cookie settings; and
• any other third parties as required or permitted by law, such as where we receive a summons.

We have enabled various Google Analytics Advertising Features to enhance our understanding of user interactions and improve our services. These features include, but are not limited to:

• Remarketing Features
• Advertising Reporting Features
• Demographics and Interest Reports
• Store Visits
• Google Display Network Impression Reporting

We, along with third-party vendors, utilise both first-party cookies (such as the Google Analytics cookie) and other first-party identifiers, as well as third-party cookies (such as Google advertising cookies) and other third-party identifiers. This combination allows us to gather comprehensive data to optimise our marketing efforts and user experience.

We respect your privacy preferences and provide several options for you to control your data:

Google Analytics Opt-Out: You can opt-out of Google Analytics Advertising Features by installing the Google Analytics Opt-out Browser Add-on, which is available here.

Personalised Ads on Google Content Network: To opt-out of personalised ad delivery on the Google Content Network, please visit the Google Ads Preferences Manager here.

Android Devices: Open the Google Settings app on your device, select “Ads”, and adjust your preferences.

iOS Devices (iOS 6 and above): Use Apple’s advertising identifier. To learn more about limiting ad tracking with this identifier, visit the settings menu on your device.

Other Analytics and Advertising Services

In addition to Google Analytics, we utilise various other tools to analyse data and manage advertising. These include:

• Google Analytics GA4
• Google Ads
• Microsoft Advertising (Bing Ads)
• Microsoft Clarity
• G2 Pixel
• HubSpot
• ZOHO CRM
• Meta Ads (Facebook Ads)
• LinkedIn Ads
• HotJar
• Power BI
• Cognism
• Mailchimp
• Intercom
• Unify

These services help us understand user behaviour, track advertising effectiveness, and improve our marketing strategies. Each service adheres to its privacy policies and provides mechanisms for users to manage their privacy preferences.

Where we disclose personal data to the third parties listed above, these third parties may store, transfer or access personal data outside of the United Kingdom (or for Australian and New Zealand individuals outside Australia and New Zealand respectively). The level of data protection in countries outside of your home jurisdiction may be less comprehensive than what is offered in your home jurisdiction. When we transfer your personal data outside of your home jurisdictions, we will perform those transfers using appropriate safeguards in accordance with the requirements of applicable data protection laws and we will protect the transferred personal data in accordance with this Privacy Policy. This includes:

• only transferring your personal data to countries that have been deemed by applicable data protection laws to provide an adequate level of protection for personal data; or
• including standard contractual clauses in our agreements with third parties that are overseas.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Your choice: Please read this Privacy Policy carefully. If you provide personal data to us, you understand we will collect, hold, use and disclose your personal data in accordance with this Privacy Policy. You do not have to provide personal data to us, however, if you do not it may affect our ability to provide our Services to you and your use of our Services.

Information from third parties: If we receive personal data about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal data about somebody else, you represent and warrant that you have such person’s consent to provide the personal data to us.

Access, correction, processing and portability: You may request details of the personal data that we hold about you and how we process it (commonly known as a “data subject request”). You may also have a right in accordance with applicable data protection law to have your personal data rectified or deleted, to restrict our processing of that information, to object to decisions being made based on automated processing where the decision will produce a legal effect or a similarly significant effect on you, to stop unauthorised transfers of your personal data to a third party and, in some circumstances, to have personal data relating to you transferred to you or another organisation.

Unsubscribe: To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.

You can also object to our use of your data for direct marketing (including where we use profiling/segmentation to select recipients) by emailing privacy@approvalmax.com.

Withdraw consent: Where we are relying on consent to process your personal data, you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

If you are in the UK, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). If you are in Australia, you have a right to contact the Office of the Australian Information Commissioner (Phone: 1300 363 992, Website: www.oaic.gov.au). If you are in New Zealand, you may contact the Office of the New Zealand Privacy Commissioner. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

We are committed to ensuring that the personal data we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal data and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.

We use cookies and similar technologies on our website. For full details of what technologies we use, why we use them, which third parties are involved, and how long cookies last, please see our cookie notice at approvalmax.com/cookie. You can update your cookie preferences at any time via the cookie settings.

Our website may contain links to other party’s websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal data which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

If you connect your account with us to a social network account, such as Google or Microsoft, we will collect your personal data from the social network. We will do this in accordance with the privacy settings you have chosen on that social network.

The personal data that we may receive includes your name, ID, user name, handle, profile picture, gender, age, language, and any other personal data you choose to share.

We use the personal data we receive from the social network to create a profile for you on our platform.

If you agree, we may also use your personal data to give you updates on the social network which might interest you. We will not post to your social network without your permission.

We may change this Privacy Policy from time to time. We will notify you if we make a significant change to this Privacy Policy, by contacting you through the contact details you have provided to us and by publishing an updated version on our website.

For any questions or notices, please contact us:

ApprovalMax Limited, a company registered in England and Wales, with company number 11326265.
Contact: support@approvalmax.com
Last update: 29 January 2026

To review the previous Privacy Policy, click here.