This “Privacy Policy” applies to our various websites, applications and services located or accessed at https://www.getstrada.com/, and any other website that links to this Statement (“Services”), which is owned and operated by Strada API, Inc. (“Strada” “Company” or “we” or “us”). Your privacy is critically important to us. This Privacy Policy explains how we collect, use and disclose personally identifying information (“Personal Information”) gathered through the Services.
While this Privacy Policy may reference aspects of our other terms and agreements, use of the Services is subject to our Terms of Use. All such terms are located at: https://www.getstrada.com/legal/terms-of-service and referred to collectively as “Terms.” Capitalized terms used but not defined in this Privacy Policy have their meaning set forth in the various agreements within the Terms.
We reserve the right to change this Privacy Policy from time to time without notice to you. You should check here periodically to review the current Privacy Policy, which is effective as of the revision date listed below. Your use of the Services and submission of any information, including Personal Information, to us constitutes acceptance and understanding of this Privacy Policy.
Types of Information & Personal Information Collected Through the Services
We may collect or process personal data, including Personal Information, either directly from you or on behalf of our customers through the Services. The categories of personal data processed through our Services may include:
Contact information (such as name, email address, phone number, job title, company name, or billing address);
Account and user information (such as login credentials, access permissions, and account identifiers associated with customer accounts);
Communications data (such as phone numbers, voice recordings, call transcripts, chat messages, email content, attachments, and other communications processed through the Services);
Customer interaction information (such as policy numbers, claim details, customer service inquiries, and other information provided during communications with our customers);
Technical and usage information (such as IP address, browser metadata, device information, cookies, session information, and usage statistics related to interactions with the Services);
Analytics and performance data (such as call metrics, sentiment scores, system usage statistics, and service performance indicators);
Billing and transaction information (such as name, email address, company name, billing address, payment method details, and invoicing information);
Information submitted through forms or communications (such as demo requests, contact forms, feedback, suggestions, job applications, or other information provided to us directly);
Personal data about third parties provided by our customers or users where they have obtained appropriate authorization to share such data.
In many cases, Strada processes personal data on behalf of its customers who use the Services to communicate with their own end users. In such cases, Strada acts as a data processor and processes personal data only in accordance with the instructions of its customers and applicable data processing agreements. Where Strada acts as a processor, the customer using the Services acts as the data controller and determines the purposes and means of processing personal data.
Strada does not intentionally collect or process special categories of personal data as defined under Article 9 of the GDPR (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data used for identification, health data, or data concerning a person’s sex life or sexual orientation).
To the extent that such data may be included in communications processed through the Services, it is processed only incidentally and solely on behalf of our customers.
We may share personal data with trusted service providers and sub-processors that support the operation of our Services, such as cloud infrastructure providers, telecommunications providers, analytics providers, and AI service providers. These providers process personal data only on our behalf and in accordance with contractual safeguards.
Types of Uses of Information & Personal Information
We collect, store and use the information as well as Personal Information you provide to us for the following purposes and on the following lawful bases under Article 6 of the GDPR:
To provide and operate the Services (legal basis: contractual necessity and legitimate interest in operating, maintaining, and improving our services for our customers);
To process product orders received through the Services or other communication channels (e.g., email or phone) (legal basis: contractual necessity);
To evaluate business opportunities and potential commercial relationships (legal basis: legitimate interest in developing and expanding our business relationships);
To effectuate, administer, or enforce transactions or agreements with customers or partners (legal basis: contractual necessity and legal obligation where applicable);
To adjust, maintain, and improve offerings or services provided by us (legal basis: legitimate interest in improving the quality, reliability, and functionality of our services);
To provide information about our products and services that we believe may be of interest, including mailing lists and marketing communications (legal basis: consent or legitimate interest in promoting our services where permitted by applicable law);
To authenticate visitors to the Services and maintain platform security (legal basis: legitimate interest in ensuring the security and integrity of our systems and services);
To process billing, payments, and financial transactions related to the Services (legal basis: contractual necessity and legal obligation);
To respond to requests, inquiries, and other customer service communications (legal basis: legitimate interest in providing customer support and contractual necessity where applicable);
To process job applications submitted through our website or through third-party recruiting platforms (legal basis: legitimate interest in recruiting and evaluating candidates and steps taken prior to entering into an employment contract);
To automatically collect technical and usage information through the Services, such as IP address, browser type, and device information, in order to operate, secure, and improve the Services (legal basis: legitimate interest in monitoring system performance, security, and usage);
To analyze usage and improve the Services, products, and features offered by us and to better understand how users interact with our Services (legal basis: legitimate interest in improving product performance and user experience).
Strada's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including Limited Use requirements.
Our Services enable you to integrate and create workflows between third-party applications “Customer Applications”. When you authenticate a Customer Application, we will store on your and/or your organization’s behalf, any credentials required to integrate the Customer Application. We may collect, store and process, on your and/or your organization’s behalf, information that the Customer Applications share with us that you provided to them.
In order to execute workflows that you have created we may share information between Customer Applications that you authenticated. We may also share (at your direction or the direction of an account owner), information with Customer Applications that may utilize artificial intelligence, machine learning, or similar technologies.
Strada implements appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, in accordance with Article 32 of the GDPR. These measures include industry-standard security practices such as encryption, access controls, and secure infrastructure. However, no method of transmission over the Internet or method of electronic storage is completely secure.
Choice and Control
Where required by applicable law, including under the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework, individuals have the right to choose (i.e., opt out) whether their personal data is:
Disclosed to a third party; or
Used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized.
Individuals may exercise this right by contacting us at privacy@getstrada.com. .
Where we rely on consent for processing personal data (such as for marketing communications), individuals may withdraw their consent at any time, as described in this Privacy Policy.
We will provide individuals with the opportunity to exercise these choices at the time their personal data is collected or as soon as practicable thereafter. We will process requests to exercise these choices in accordance with applicable data protection laws.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including providing and improving the Services, complying with legal obligations, resolving disputes, and enforcing our agreements.
Retention periods may vary depending on the type of personal data and the purposes for which it is processed. For example, we may retain customer account information for the duration of the business relationship and a reasonable period thereafter, and financial or billing records for the period required by applicable law. When personal data is no longer required for these purposes, we take reasonable steps to securely delete or anonymize it.
We may share or disclose Personal Information to third parties for the following purposes:
To provide you with information relating to products or services that we believe you may find of interest;
In response to a subpoena or other legal process by a governmental entity or third party, or if otherwise required by law;
To protect or enforce our rights including with respect to our assets and properties;
In the event of the sale or dissolution (bankruptcy) of assets, in whole or in part, of our business or any of its affiliates;
To third parties involved in the process of fulfilling orders, providing, or performing functions on our behalf and as aspects necessary to provide our products and the Service (e.g., such as third-party integration partners, service providers, contractors, payment processors, banks, and collection agencies); and
To provide products or services requested.
Cookies and other Technologies
A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and emails. Strada uses cookies and other technologies like pixel tags to help us identify and track visitors, usage, and access preferences for our Services, as well as track and understand email campaign effectiveness and to deliver targeted ads. We may combine this data with the Personal Information we have collected from you.
Cookies
We (including our chosen third-party service providers) use cookies to track visitor activity on the Services. Our cookies assign a random, unique number to each visitor’s computer. They do not contain information that would personally identify the visitor, although we can associate a cookie with any identifying information that is or has been provided to us while visiting the Services. We use cookies that remain on your computer for a specified period of time or until they are deleted (persistent cookies). We may also use cookies that exist only temporarily during an online session (session cookies) – these cookies allow us to identify you temporarily as you move through the Services. Most browsers allow users to refuse cookies but doing so may impede the functionality of some portions of our Services.
Pixel Tags
Pixel tags (also known as Web beacons) are tiny graphics with a unique identifier, similar in function to cookies, that are used to track the online movements of Web users. In contrast to cookies, which are stored on your computer’s hard drive, Web beacons are embedded invisibly on webpages and may not be disabled or controlled through your browser.
Third Parties
We may also engage third parties to track and analyze Services activity on our behalf. To do so, these third parties may place cookies or pixel tags to track user activity on our Services. We use the data collected by such third parties to administer and improve the quality of the Services, analyze usage of the Services, and provide a more enhanced user experience on the Services, such as personalizing and delivering relevant offers and content based on user activity on the Services. We do not provide these third parties with your Personal Information.
We may use third party analytics services (such as Google Analytics and other similar services) to collect and process certain analytics data. These services may also collect information about your use of other websites, apps, and online resources.
Third-Party Links
The Services contain links to other, third-party websites. Any access to and use of such linked websites is not governed by this Privacy Policy, but, instead, is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.
Email Policy
We may use your email address to communicate with you about orders you have placed, inquiries you have made about our products and services, or information you have shared with us through the Services or email.
Where required by applicable law, including the GDPR, we will send you promotional emails, newsletters, or marketing communications only where you have provided your prior consent to receive such communications. You may provide this consent, for example, by subscribing to a newsletter, requesting information about our products or services, or otherwise opting in to receive marketing communications.
You may withdraw your consent and stop receiving promotional emails at any time by following the unsubscribe instructions contained in any marketing email we send or by contacting us directly. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Please note that even if you opt out of marketing communications, we may still send you non-promotional emails related to your account, transactions, customer support inquiries, or other service-related communications.
International Users
If you access the Services from outside the United States, please note that your personal data may be transferred to and processed in the United States or other jurisdictions where we or our service providers operate.
Where personal data is transferred outside the European Economic Area (EEA), the United Kingdom, or Switzerland, we implement appropriate safeguards in accordance with applicable data protection laws to ensure that personal data remains protected. These safeguards may include the use of Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms.
Personal data collected from individuals located in the European Union, the United Kingdom, or Switzerland may therefore be transferred to and processed by us or our service providers in the United States or other countries that may not have the same data protection laws as the country in which you initially provided the information. In such cases, we take steps designed to ensure that appropriate contractual, technical, and organizational protections are in place to safeguard your personal data.
You may request additional information about the safeguards we use for international transfers by contacting us using the contact details provided in this Privacy Policy.
Your Data Protection Rights Under General Data Protection Regulation (GDPR)
If you are a resident of the European Union (EU) or the European Economic Area (EEA), you have certain data protection rights under the GDPR. See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj
We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data.
If you wish to be informed about what personal data we hold about you, or if you want it to be removed from our systems, please contact us at privacy@getstrada.com.
Under certain circumstances, you have the following data protection rights:
the right to access, update, or delete the information we hold about you;
the right to rectification if your personal data is inaccurate or incomplete;
the right to object to the processing of your personal data;
the right to request restriction of processing of your personal data;
the right to data portability, meaning you may request a copy of your personal data in a structured, commonly used, and machine-readable format;
the right to withdraw consent at any time where we rely on consent to process your personal data;
the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects on you, and the right to request human intervention in such cases.
Please note that we may ask you to verify your identity before responding to such requests. In some cases, we may not be able to provide certain Services without necessary personal data.
You also have the right to lodge a complaint with a data protection authority regarding our collection and use of your personal data. For more information, please contact your local data protection authority in the European Economic Area (EEA) and/or the ICO.
Your Data Protection Rights (California Residents)
If you are a resident of California and interact with us as a consumer, you have certain rights under the California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.), including to request access to, correction of, and deletion of your Personal Information (as defined in the CCPA). You may exercise these rights by contacting us at privacy@getstrada.com.
We do not sell your Personal Information, but we may allow our advertising partners to collect certain device identifiers and electronic network activity that allows them to show ads within their systems that are targeted to your interests. To opt out of having your Personal Information used for targeted advertising purposes, please visit www.aboutads.info/choices.
Children’s Privacy
We do not knowingly collect, maintain, or use personal information from children under 13 years of age in the UK and 16 years of age in the EU, and no parts of our Services are directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at privacy@getstrada.com.
EU-U.S. & UK Extension – Data Privacy Framework Notice
Strada API, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. Strada API, Inc. has certified that it adheres to the EU-U.S. Data Privacy Framework Principles with regard to personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and its UK Extension. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the Principles shall govern. To learn more about the DPF Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and its UK Extension, Strada API, Inc. commits to resolve DPF-Principles-related complaints about our collection and use of your personal information.
EU and UK individuals with inquiries or complaints should first contact us at privacy@getstrada.com.
Co-operation with DPAs/ICO
Strada API, Inc. commits to cooperate and comply with the advice of the panel established by the EU Data Protection Authorities (DPAs) and the UK Information Commissioner's Office (ICO) with regard to unresolved DPF complaints.
Investigatory & enforcement powers
Strada API, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Binding arbitration
Under certain conditions, you may invoke binding arbitration to resolve complaints not resolved by other mechanisms, as described in Annex I of the DPF Principles.
Onward-transfer liability
Strada API, Inc.'s compliance with the DPF is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. In accordance with the DPF, Strada API, Inc. is also liable for onward transfers to third parties that process personal information in a way that does not follow the DPF unless Strada API, Inc. was not responsible for the event giving rise to any alleged damage.
How to Contact Us
While we strive for error free performance, we cannot always catch an unintended privacy issue. As a result, we encourage your questions and comments about any privacy concerns. Please direct them to us by an email to the following: privacy@getstrada.com.
EU Representative (Article 27 GDPR):
Instant EU GDPR Representative Ltd.
Office 2, 12A Lower Main Street, Lucan Co. Dublin, K78 X5P8, Ireland
Email: info@gdprlocal.com
UK Representative (UK GDPR Article 27):
GDPR Local Ltd.
1st Floor Front Suite, 27-29 North Street, Brighton, England, BN1 1EB
Email: info@gdprlocal.com
Last Updated: March 23, 2026
