Table of Contents
Summary of Key Points
- We primarily send service-related emails (appointment reminders, confirmations, and follow-ups). Marketing emails are sent only with your opt-in and you can unsubscribe anytime.
- We do not sell your personal information and we do not share it for cross-context behavioral advertising as defined by certain US laws.
- We use trusted service providers (for example, Postmark for email delivery) under contract, with appropriate data protection terms.
- You may have rights to access, delete, correct, or restrict your data and to withdraw consent at any time. How to exercise these rights is explained below.
Scope
This Privacy Policy explains how Direct Sales Network (“DSN,” “we,” “us,” or “our”) collects, uses, shares, and safeguards personal information when you:
- visit our websites, microsites, landing pages, or web forms,
- submit lead or contact forms,
- schedule, modify, or receive appointment reminders,
- interact with our emails and other communications, and
- use any other online properties that link to this Policy (collectively, the “Services”).
Note: Some pages may present additional “just-in-time” notices or consent prompts for specific processing (e.g., cookie banners).
We primarily send transactional/service emails (appointment workflows). Marketing communications are sent only with your explicit opt-in. You may unsubscribe at any time via the link in such emails.
Definitions
-
Personal information / personal data
: information that identifies, relates to, describes, or could reasonably be linked to an individual.
-
Processing
: any operation performed on personal information (e.g., collection, storage, use, disclosure, deletion).
-
Sensitive personal information
: categories designated as sensitive under applicable law (e.g., precise geolocation, government ID numbers).
-
Controller / Business
: the party that determines the purposes and means of processing personal data.
-
Processor / Service Provider
: the party that processes personal data on behalf of a controller/business.
Roles (Controller / Processor)
- For our direct-to-consumer website, form submissions, appointment management, and email communications, DSN acts as a Controller/Business.
- If we provide services to business clients who supply personal data to DSN so that we can perform processing on their behalf, DSN acts as a Processor/Service Provider under a separate Data Processing Addendum (DPA). In that case, we process data strictly per our client’s instructions.
Data We Collect
Information You Provide
- Contact details (name, email address, phone number).
- Inquiry/booking details (requested service, preferred time, location context, notes).
- Marketing preferences & consent choices (checkbox selections, timestamps, source).
- Communications (your replies to our emails, any content you send us, satisfaction feedback).
Information Collected Automatically
- Device/usage: IP address, browser type/version, OS, language, pages viewed, referring/exit pages, timestamps, approximate geolocation inferred from IP.
- Email delivery/event metrics: delivery, opens, clicks, bounces, unsubscribes, complaints—only when permitted by your email client and settings.
- Cookies & similar technologies: see Section 9 and Annex C.
Information from Third Parties
- Service providers (e.g., email delivery, scheduling, analytics, hosting, security).
- Publicly available sources or social media (where lawful and consistent with your settings).
- Affiliates/partners (if they refer you to us and you consent to that referral flow).
We do not intentionally collect sensitive personal information. If you voluntarily provide it in free-text fields, we process it only as necessary to respond to your inquiry and then minimize or delete it.
Sources of Personal Information
- Directly from you (web forms, email replies, phone if you call us).
- Automatically through your interactions with the Services.
- From service providers operating at our direction.
- From referring partners or public sources, as permitted by law.
How We Use Personal Information
- Service & operations: Process inquiries, schedule/manage appointments, send reminders, confirmations, and follow-ups.
- Customer support: Respond to questions and provide assistance.
- Communications: Send transactional emails; send marketing emails only with opt-in.
- Improvement & analytics: Monitor performance, troubleshoot, and improve user experience and deliverability.
- Security & fraud prevention: Detect, investigate, and prevent abuse or violations of our terms.
- Compliance: Meet legal, regulatory, tax, accounting, and audit obligations.
We do not use personal information for cross-context behavioral advertising or targeted ads across non-affiliated sites.
Legal Bases (EU/UK)
If you are in the EU/EEA or UK, our processing relies on:
- Contract: To provide requested Services (e.g., appointments and related emails).
- Consent: For marketing emails and non-essential cookies/trackers. You may withdraw at any time.
- Legitimate interests: Service security, analytics consistent with your rights/expectations, product improvement.
- Legal obligation: Where processing is required by law.
How We Share Personal Information
We do not sell personal information. We may share personal information with:
- Service providers / processors: Vendors performing services for us (email delivery, scheduling, analytics, hosting, security). For email, we use Postmark, which may process delivery events and related metadata to send and monitor our emails.
- Professional advisors & authorities: As required by law, to protect rights, or for corporate transactions (e.g., merger, acquisition, financing).
- Affiliates: Where they support the Services under equivalent protections.
Where required, we execute data protection agreements (including Standard Contractual Clauses and, if applicable, the UK IDTA/Addendum) for international transfers.
Cookies, SDKs & Similar Technologies
We use cookies and similar technologies to operate and improve the Services. Where required, we obtain your consent before setting non-essential cookies. You may manage preferences via our banner (if present) and/or through your browser/device settings.
Types we may use:
- Strictly Necessary (essential site operations, security, load balancing).
- Functional (remembering choices like language).
- Analytics/Performance (understand usage and email engagement).
- Advertising: Not used for cross-context behavioral advertising.
See Annex C for an example reference list.
Retention
We keep personal information only as long as necessary for the purposes described here, unless a longer period is required or permitted by law. Illustrative guidelines:
- Appointment / inquiry records: typically up to [12 months] after last interaction.
- Marketing preferences & consent logs: retained while you are subscribed and for a reasonable period afterward to demonstrate compliance.
- Technical logs & analytics: [13 months] unless required longer for security, diagnostics, or legal reasons.
- Email delivery metadata (via providers like Postmark): retained per provider’s standard retention to ensure deliverability, diagnostics, and compliance.
See Annex B for a purpose-based matrix and typical retention ranges.
Security
We maintain administrative, technical, and physical safeguards designed to protect personal information, including but not limited to:
- encryption in transit,
- access controls and least-privilege practices,
- inventory and configuration hardening,
- logging/monitoring and vulnerability remediation, and
- vendor risk management for service providers.
No method of transmission or storage is completely secure; we cannot guarantee absolute security.
International Transfers
We may process and store information in countries other than where you reside (including the United States). Where required, we use appropriate safeguards such as:
- Standard Contractual Clauses (SCCs) for EU/EEA/Swiss data,
- the UK IDTA/Addendum for UK data, and
- supplementary measures consistent with regulatory guidance.
Automated Decision-Making & Profiling
We do not engage in automated decision-making that produces legal or similarly significant effects about you. We may perform basic scoring/segmentation (e.g., “interested/not interested,” “needs follow-up”) to prioritize responses and improve service responsiveness.
Your Privacy Rights
Depending on your location, you may have some or all of the following rights (subject to limits and verification):
- Access: Know whether we process your data and obtain a copy.
- Correction: Rectify inaccurate or incomplete data.
- Deletion: Request deletion, subject to legal exceptions.
- Restriction/Objection: Limit or object to certain processing.
- Portability: Receive your data in a structured, commonly used, machine-readable format.
- Withdraw consent: At any time for processing based on consent (e.g., marketing).
- Appeal: In certain US states, appeal our decision regarding your request.
California (CCPA/CPRA): Right to know/access, delete, correct, and limit use of sensitive personal information; right to opt out of sale/share (we do not sell or share as defined).
How to exercise rights: Email contact@directsales.network. We may request information to verify your identity. You may designate an authorized agent pursuant to applicable law. We will respond within the statutory timeframes.
State/Regional Notices (US, Canada, Brazil, APAC)
- US States (e.g., CA, CO, CT, VA, UT, OR): We honor applicable state privacy rights and opt-out signals where required by law. We do not process personal information for cross-context behavioral advertising or sell data.
- Canada (PIPEDA/Provincial laws): You have rights to access, correct, and challenge compliance.
- Brazil (LGPD): You have rights to confirm processing, access, correct, anonymize/block/delete unnecessary data, portability, and revoke consent.
- Australia/New Zealand/Other APAC: We apply reasonable protections and honor applicable local rights and notice requirements.
Your Choices & Consent Management
- Transactional emails: If you submit a form or book an appointment, you may receive service-related messages (reminders, confirmations, follow-ups).
- Marketing emails: Sent only with opt-in. Unsubscribe any time via the email link or by contacting us.
- Cookies: Manage via our banner (if present) and/or your browser settings. Some features may not function if certain cookies are disabled.
Do Not Track / Global Privacy Control
Some browsers and extensions support Do Not Track (DNT) or Global Privacy Control (GPC) signals. We honor legally required signals where applicable.
Third-Party Links & Services
The Services may link to third-party websites, apps, or services. Their privacy practices are governed by their own policies. We encourage you to review those policies before interacting with them.
Changes to This Policy
We may update this Policy from time to time. The “Last updated” date reflects the most recent changes. If changes materially affect your rights, we will provide additional notice (e.g., prominent banner, email) where required by law.
How to Contact Us
If you have questions, concerns, or wish to exercise your privacy rights, contact us:
- Email: contact@directsales.network
- Postal: [Direct Sales Network, Street, City, State/Province, Postal Code, Country]
- Phone (optional): [Insert number]
© 2025 Direct Sales Network. All rights reserved.
Annex A — Notice at Collection (California)
We collect the following categories of personal information for the business purposes described below. We do not sell personal information and we do not share it for cross-context behavioral advertising.
| Category (CCPA/CPRA) | Examples | Purpose(s) | Retention (typical) |
|---|---|---|---|
| Identifiers | Name, email, phone, IP | Service/operations; customer support; security; compliance | Inquiry/appointment data: ~[up to 12 months] after last interaction; logs per Section 10 |
| Commercial info | Bookings, interactions with communications | Provide and improve Services; analytics; compliance | See Annex B |
| Internet/electronic activity | Pages viewed, timestamps, email open/click events (when permitted) | Performance, deliverability, security | [Up to 13 months] for analytics/logs |
| Geolocation (approx.) | IP-based region | Localization, fraud prevention | [Up to 13 months] (logs) |
| Inferences (basic) | Service interest level | Prioritization of support/follow-up | Tied to appointment lifecycle |
Sensitive personal information: Not intentionally collected. If inadvertently received, used only as necessary to provide Services and then minimized.
Consumers may exercise the rights described in Section 14.
Annex B — Categories ↔ Purposes ↔ Retention Matrix (Illustrative)
| Data Element | Lawful Basis (EU/UK) | Core Purpose(s) | Typical Retention |
|---|---|---|---|
| Contact details | Contract; Legitimate interests | Scheduling, confirmations, reminders, follow-ups | Through appointment lifecycle + [up to 12 months] |
| Consent records | Consent; Legal obligation | Demonstrate opt-in/opt-out | Subscription duration + reasonable compliance period |
| Email delivery metadata | Legitimate interests | Deliverability, diagnostics, abuse prevention | Provider standard windows; typically ≤ 13 months |
| Analytics (site/app) | Consent (where required); Legitimate interests | Improve UX, reliability | ≤ 13 months |
| Security logs | Legitimate interests; Legal obligation | Threat detection, incident response | [6–24 months] depending on risk and law |
Note: Actual retention may vary by legal, operational, or contractual requirements.
Annex C — Cookies & Tracking Technology Reference (Illustrative)
| Name / Provider | Type | What it does | Typical Lifetime | Opt-Out/Control |
|---|---|---|---|---|
__cf_bm / Host |
Strictly necessary | Bot management / traffic integrity | Minutes–hours | Browser settings (not removable via consent banner) |
| DSN-prefs | Functional | Stores cookie preferences (consent choices) | 6–12 months | Consent banner; browser settings |
| Analytics ID | Analytics | Pageviews, session metrics, referrers | Up to 13 months | Consent banner; browser settings |
| Postmark webhook events (server-side) | Analytics/Deliverability | Email events (open/click/bounce) when permitted | Up to 13 months | Unsubscribe; email client settings; request deletion |