Linkepy Privacy Policy
Last updated: 21.09.2025
This Privacy Policy explains how Linkepy ("Linkepy", "we", "us", or "our") collects, uses, shares, and protects personal data in connection with our website https://www.linkepy.com/ (the "Site") and our data‑operations and enrichment services (the "Services"). This policy is designed for B2B use cases and reflects GDPR (EU/EEA) and KVKK (Türkiye) requirements.
1. Who we are (Controller details)
The Site and Services are published by Linkepy (entity under incorporation).
- Jurisdiction: Republic of Türkiye (Istanbul)
- Company status: Entity under incorporation (details to be announced upon registration)
- Correspondence address (postal): To be announced (use a correspondence/virtual office address capable of receiving legal notices)
- Contact (general/legal): [email protected]
- Security & privacy contact: [email protected] / [email protected]
Merchant of Record (payments): For some transactions, Paddle (or another authorized reseller) may act as Merchant of Record (MoR). When Paddle is MoR, Paddle is the controller for payment data used to process your purchase and will issue the tax invoice/receipt; Linkepy remains the controller for account and Services data.
EU/UK Representatives (if applicable): If Article 27 GDPR representation is required, we will publish our EU/UK representative details here.
2. Scope
This Policy applies to:
- Visitors to our Site (e.g., browsing, forms, chat, newsletter sign‑ups)
- Business users who register for and use our Services (dashboard, API, integrations)
- Prospective customers and partners we contact in a B2B context
This Policy does not apply to third‑party websites or services that may be linked from the Site. Those are governed by their own policies.
3. What data we collect
3.1 Data you provide directly
- Account & profile: name, business email, password (hashed), company, role, phone (optional), country, preferred language.
- Billing: billing contact, VAT/TAX ID, billing address; when Paddle is MoR, payment card/SEPA details are handled by Paddle and its PCI‑compliant processors.
- Support & communications: content of emails, tickets, chat, or calls; feedback and surveys; marketing preferences.
- Uploads & enrichment jobs: files you upload for enrichment; column headers; field mappings; job names; webhooks.
3.2 Data we collect automatically
- Usage & diagnostics: device/browser type, OS, referrer, pages viewed, actions within the dashboard, API usage metrics, timestamps, language.
- Log data: IP address, request/response metadata, error logs, security and audit logs.
- Cookies and similar technologies: as described in our Cookie Policy [link].
3.3 Data obtained from third parties
- Integrations you authorize: data pulled/pushed from CRMs or tools (e.g., Salesforce, HubSpot, Pipedrive) per your configuration.
- Public/OSINT sources: in certain enrichment flows and where legally permitted, we use public or licensed business data sources.
Special categories of data (e.g., health, biometric, religious beliefs), children's data, and payment card PANs must not be submitted to the Services. Do not upload or request processing of such data.
4. Purposes and legal bases
We process personal data for the purposes and under the legal bases listed below (GDPR Art. 6; KVKK Art. 5/6):
| Purpose | Examples | Legal basis |
|---|---|---|
| Provide and operate the Services | account setup, authentication, API and dashboard delivery, job execution, CRM integrations | Contract necessity (GDPR 6(1)(b)); KVKK 5(2)(c) |
| Customer support & communications | resolve issues, respond to requests, service notices | Contract necessity; Legitimate interests |
| Billing & tax compliance | invoicing, charging and reconciling payments, tax records | Legal obligation; Contract necessity |
| Service improvement & security | analytics, troubleshooting, auditing, fraud prevention, rate limiting | Legitimate interests; Legal obligation where applicable |
| Marketing (B2B) | newsletters, product updates, webinars, case studies | Consent where required; Legitimate interests for B2B direct marketing subject to e‑privacy rules |
| Legal claims & compliance | responding to lawful requests, enforcing terms | Legal obligation; Legitimate interests |
Where consent is our legal basis, you can withdraw it at any time (see Your rights below). Where legitimate interests are relied upon, we balance our interests against your rights and expectations.
5. Retention
We retain personal data only as long as necessary for the purposes described or to meet legal, accounting, or reporting requirements. Typical retention periods:
- Account data: for the life of the account and up to 5 years after closure (contract/claims limitation).
- Logs & security events: 90–180 days (operational/security), unless extended for investigations.
- Billing & tax records: 5–10 years (as required by applicable law).
- Marketing records: until you unsubscribe or object, and no longer than 3 years from last interaction.
- File‑upload enrichments: stored transiently to complete processing and provide results; default retention ≤30 days unless you delete earlier or configure otherwise.
When retention expires, we delete or irreversibly anonymize data.
6. Sharing and disclosures
We share personal data with:
- Service providers / sub‑processors that help deliver the Services (hosting, compute, storage, logging, email, analytics, support, payments). A current list is maintained at https://www.linkepy.com/subprocessors.
- Payment providers / MoR: When Paddle is MoR, Paddle handles payment processing and tax invoicing. For questions about charges or VAT, please use the contact details on your receipt.
- Professional advisors and auditors under confidentiality.
- Authorities when required by law or to protect rights, safety, and security.
We do not sell personal data. We do not permit our providers to use personal data for their own marketing.
7. International transfers
We may transfer personal data outside your jurisdiction, including to the EU/EEA, Türkiye, the United States, and other countries where we or our providers operate. We use appropriate safeguards, such as:
- Standard Contractual Clauses (SCCs) for GDPR;
- UK International Data Transfer Addendum where applicable;
- Additional technical and organizational measures consistent with Schrems II guidance (e.g., encryption in transit/at rest, access controls).
Details are provided in our DPA.
8. Security
We implement administrative, technical, and physical safeguards to protect personal data, including access controls, encryption in transit/at rest where applicable, network segmentation, vulnerability management, logging/monitoring, and employee training. No method of transmission or storage is 100% secure; if we identify a breach affecting your data, we will notify you without undue delay in accordance with applicable law.
Security overview: https://www.linkepy.com/security
9. Your rights (GDPR & KVKK)
Subject to legal limits, you may exercise the following rights:
- Access – obtain a copy of your personal data.
- Rectification – correct incomplete or inaccurate data.
- Erasure – request deletion in specific circumstances.
- Restriction – request limits on processing in specific cases.
- Portability – receive data in a structured, machine‑readable format and transmit it to another controller where technically feasible (when processing is based on consent or contract and carried out by automated means).
- Objection – object to processing based on legitimate interests and to direct marketing at any time.
- Withdraw consent – where processing is based on consent.
How to exercise your rights
Contact us at [email protected] (or via your dashboard). We may need to verify your identity. We will respond within the timelines required by GDPR/KVKK.
Complaints
- EU/EEA: you may lodge a complaint with your local data protection authority.
- Türkiye: you may apply to us first under KVKK Art. 13; if unsatisfied, you may apply to the Personal Data Protection Authority (KVKK).
10. Cookies & similar technologies
We use cookies, pixels, and local storage for essential functionality, preferences, analytics, and (where permitted) B2B marketing. Details and controls are provided in our Cookie Policy [link]. You can manage cookies via the banner and your browser settings. Some features may not function without essential cookies.
11. Marketing communications
We may send B2B product updates, newsletters, or event invites. You can unsubscribe at any time via the link in our emails or by contacting [email protected]. Transactional/service emails are not marketing and you may still receive them.
We may measure basic email engagement (open/click, bounce) to understand deliverability and interest, in compliance with applicable law and your preferences.
12. Testimonials and case studies
With your prior consent, we may publish your name, role, company, logo, and testimonial on our Site. To request removal, email [email protected].
13. Data imported by customers (Processor role)
For data you import to the Services (e.g., contact files, CRM sync), you are the Controller and Linkepy acts as Processor. You are responsible for (i) having a valid legal basis, (ii) providing notices and obtaining consents as required, and (iii) honoring data‑subject requests. Our DPA (https://www.linkepy.com/dpa) governs such processing. On verified request, we will assist you with data‑subject requests and delete or return data at end of contract.
Opt‑out / Exclusion list. If an individual asks not to be processed by our enrichment Services, we can apply an exclusion to prevent future lookups involving that data in our platform. Requests: [email protected].
14. Children
Our Services are not directed to children and are intended for professional (B2B) use only. Do not submit information about children.
15. Changes to this Policy
We may update this Policy from time to time. If changes are material, we will provide notice (e.g., via the dashboard, Site banner, or email) and indicate the effective date. Your continued use of the Services after the effective date means you accept the updated Policy.
16. Contact
Questions about this Policy or our privacy practices:
- Email: [email protected] (preferred)
- Postal: To be announced (Istanbul, Türkiye)
If Paddle is MoR for your purchase, please consult the instructions on your Paddle receipt for payment‑related privacy inquiries.
Annexes & References
- Data Processing Agreement (DPA) – https://www.linkepy.com/dpa
- Security Overview – https://www.linkepy.com/security
- Sub‑processors – https://www.linkepy.com/subprocessors
- Cookie Policy – https://www.linkepy.com/cookies
Before publishing: Replace placeholders (dates, addresses, representatives), confirm retention periods with legal counsel, and ensure your Cookie banner and consent flows match this Policy.