PRIVACY POLICY

Last updated: 16th March 2026

1. Introduction

This Privacy Policy explains how PitstopHealth Limited ("Pitstop", "we", "us", "our") collects, uses, stores, and protects personal data when you access or use the Pitstop platform and related services (collectively, the "Services").

Pitstop is a B2B AI-powered revenue coaching system. Our platform analyzes recorded sales conversations, identifies execution breakdowns, delivers corrective coaching, and tracks improvement over time. The data we process relates primarily to professional sales activity and organizational performance.

PitstopHealth Limited is registered in Ireland (company address: 77 Sydney Parade Avenue, Dublin 4, D04 K0N0, Ireland) and acts as the data controller for personal data processed through the Services. As an Irish-registered entity, Pitstop operates in compliance with the EU General Data Protection Regulation ("GDPR") and the Irish Data Protection Acts.

If you have any questions about this Policy, please contact us at support@takeapitstop.com.

2. Personal Data We Collect

We collect and process the following categories of personal data in connection with the Services:

Account and Contact Data

  • Name, job title, and work email address
  • Organization name and billing details
  • Account credentials

Call and Coaching Data

  • Sales call recordings and transcripts uploaded or integrated through the Services
  • AI-generated coaching outputs, execution scores, skill assessments, and improvement metrics
  • Pre-call preparation notes and session inputs
  • Metadata associated with call submissions (date, duration, participant count)

Usage and Platform Data

  • Log data, device and browser information, and IP addresses
  • Feature usage, session activity, and interaction data within the platform

Third-Party Integration Data

Where you connect CRM, calendar, or communication tools to the Services, we may receive data from those integrations as necessary to provide the Services.

3. Lawful Basis for Processing

We process personal data on the following lawful bases under the GDPR:

  • Contract: Processing necessary to provide the Services under your subscription agreement, including delivering coaching outputs, managing your account, and processing payments.
  • Legitimate Interests: Processing for platform security, fraud prevention, service improvement, and the provision of aggregated performance analytics to organizational account holders, where these interests are not overridden by your rights.
  • Legal Obligation: Processing required to comply with applicable law, including tax, financial reporting, and law enforcement obligations.
  • Consent: Where we rely on consent (for example, for optional communications or certain AI model improvement activities), you may withdraw consent at any time without affecting the lawfulness of prior processing.

4. How We Use Personal Data

We use personal data to:

  • Provide, operate, and maintain the Services
  • Deliver AI-generated coaching outputs, execution scores, and performance insights
  • Enable team dashboards, leaderboards, and organizational analytics for account administrators
  • Process payments and manage subscription accounts
  • Respond to support requests and communicate service updates
  • Monitor platform security and prevent fraudulent or unauthorized activity
  • Improve the reliability and performance of our AI systems, using anonymized and aggregated data only (see Section 7)
  • Comply with legal and regulatory obligations

5. Disclosure of Personal Data

We do not sell personal data. We may share personal data in the following circumstances:

  • Service Providers: With third-party technology providers who process data on our behalf to deliver the Services, including AI infrastructure providers, hosting services, and payment processors. All providers are bound by data processing agreements and may only process data for the purposes we specify.
  • Organizational Administrators: Where your employer or organization holds the account, administrators may access your performance data, coaching outputs, and call recordings in accordance with Section 9 of our Terms and Conditions.
  • Legal Compliance: Where required by law, regulation, court order, or to protect the rights, safety, or property of Pitstop or others.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, personal data may be transferred to the relevant third party subject to equivalent privacy protections.

6. International Data Transfers

Pitstop primarily stores and processes data within the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure that appropriate safeguards are in place in accordance with GDPR requirements, including the use of Standard Contractual Clauses or adequacy decisions issued by the European Commission.

7. AI Model Improvement

Pitstop may use anonymized and aggregated data derived from Customer Content and coaching outputs to improve the performance and reliability of its AI systems. Such data is processed in a form that does not reasonably identify you, your organization, or individual call participants.

Paid customers may opt out of AI model improvement processing at any time by submitting a written request to support@takeapitstop.com. Valid opt-out requests will be actioned within 30 days. Opt-out applies to data processed after the request takes effect and does not require deletion of data that has already been anonymized and aggregated.

8. Data Retention

We retain personal data for as long as necessary to provide the Services and fulfill the purposes described in this Policy, unless a longer retention period is required by law.

Specifically:

  • Account and contact data is retained for the duration of your subscription and for a period of up to 12 months following account closure, after which it is deleted or anonymized.
  • Call recordings, transcripts, and coaching data are retained in accordance with your account configuration and organizational policies. Customers may request deletion of specific content at any time.
  • Usage and platform data is retained for up to 24 months for security and service improvement purposes.
  • Financial and billing records are retained for the period required under applicable tax and accounting law.

9. Your Rights

Under the GDPR, you have the following rights in relation to your personal data:

  • Right of Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To request correction of inaccurate or incomplete data.
  • Right to Erasure: To request deletion of your personal data, subject to our legal obligations and legitimate interests.
  • Right to Restriction: To request that we restrict processing of your data in certain circumstances.
  • Right to Data Portability: To receive your data in a structured, commonly used, machine-readable format.
  • Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, to withdraw that consent at any time.

To exercise any of these rights, please contact us at support@takeapitstop.com. We will respond within one month of receipt. Where requests are complex or numerous, we may extend this period by a further two months with notice.

You also have the right to lodge a complaint with the Irish Data Protection Commission (www.dataprotection.ie) or any other competent supervisory authority.

10. Organizational Accounts and Employee Data

Where your employer or organization is the account holder, they may access individual performance data, coaching outputs, execution scores, and call recordings through the platform, subject to account configuration. If you have questions about how your employer processes your data through the Services, you should refer to your employer's own privacy policies and internal data handling practices.

Pitstop processes data on behalf of organizational customers in a data processor capacity for certain activities. Enterprise and Custom tier customers may request a Data Processing Agreement (DPA) by contacting support@takeapitstop.com.

11. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, disclosure, or destruction. These include encryption of data in transit and at rest, access controls, and regular security assessments.

No system is entirely secure. If you become aware of any security vulnerability or incident involving the Services, please notify us immediately at support@takeapitstop.com.

12. Cookies and Tracking

We use cookies and similar tracking technologies on our website and platform to support authentication, remember preferences, and understand how the Services are used. You can manage cookie preferences through your browser settings. Certain cookies are necessary for the Services to function and cannot be disabled.

13. Changes to This Policy

We may update this Policy from time to time to reflect changes to our practices or applicable law. We will notify you of material changes by posting an updated Policy with a revised date and, where appropriate, by direct notification. Continued use of the Services after changes take effect constitutes acceptance of the updated Policy.

14. Contact

For questions, requests, or concerns regarding this Policy or our data practices, please contact:

PitstopHealth Limited

77 Sydney Parade Avenue, Dublin 4, D04 K0N0, Ireland

Email: support@takeapitstop.com