Bohsung & Kellner GbR, Pistoriusstrasse 118A, 13086 Berlin, Germany. Email: shervin@pipescaler.com. Please use this contact for privacy-related inquiries.
This privacy policy applies to the Pipescaler website, the Pipescaler web application, and managed outbound pilot services provided under the Pipescaler name, including onboarding, campaign execution, reporting, and the registration and login areas where applicable.
Where we provide a managed outbound pilot, we may source and enrich business contact data, prepare campaign materials, configure outreach domains or mailboxes, manage warm-up and sending workflows, and route or summarize prospect replies for the customer. Depending on the service component and data category, we may act either as processor on behalf of the customer or as an independent controller for our own legal, security, billing, fraud-prevention, and service administration purposes.
If we process personal data on the customer's behalf, the applicable DPA and the customer contract govern that processing. Customers remain responsible for the lawfulness of their outreach strategy, customer-provided materials, approved claims, and any suppression or opt-out instructions they provide to us.
We use strictly necessary cookies and, with your consent, analytics and marketing cookies and similar technologies. You can manage your preferences in the cookie banner or cookie settings. Non-essential cookies will only be used after you consent. The legal basis for storing and accessing information on your device is Section 25 TDDDG (Germany). The subsequent processing is based on the GDPR.
If you consent, we use analytics tools (Google and/or Firebase Analytics) to understand how the website/app is used (e.g., page views, events, sessions). Where applicable, analytics data may be associated with a user identifier. Configuration may include IP anonymization depending on the tool and settings.
Passwords are not stored in plain text. We rely on Firebase Authentication that stores passwords in hashed form.
We use OpenAI to provide AI features such as email generation and research assistance. This can involve sending certain inputs you provide in the app (including text you enter and configuration/settings) to OpenAI for processing.
To gather information about the lead company we use the OpenAI web search tool. This tool retrieves and processes information from public web pages to answer your request. We do not store the raw scraped text of the pages we access; instead we store extracted outputs needed to provide the feature (e.g., summaries or structured information).
We configure our usage in accordance with OpenAI's enterprise and API data usage policies. OpenAI may process data for purposes such as abuse prevention and service reliability. We do not intentionally use personal data for model training.
You can optionally connect Gmail or Microsoft Outlook/Office 365 to send emails from within Pipescaler. We use OAuth 2.0 for this connection.
We do not request permissions to read your inbox for either provider.
Token handling: Access tokens are stored in your browser session storage and are cleared when you close the tab or reload the page. Tokens are not sent to our backend servers. Email sending/drafting calls are made directly from your browser to Google/Microsoft APIs.
In managed pilot engagements, we may also configure and operate outreach domains, mailboxes, DNS records, and associated delivery infrastructure on the customer's behalf or under the customer's control, as described in the applicable commercial documents. Those operational data flows are separate from the browser-based Gmail and Outlook OAuth connection described above.
What we store: We may store metadata in your account (e.g., whether an email was drafted or sent, timestamps, campaign/batch identifiers). If you choose to store recipient email addresses in Pipescaler, we store them as described above.
Revoking access: You can revoke Pipescaler's access at any time in your Google or Microsoft account security/app permissions settings.
We use service providers (processors) for hosting and infrastructure (in particular Google Cloud/Firebase), analytics (if consented), and communication features. These providers process data on our instructions where applicable (Art. 28 GDPR). Depending on your usage, categories of recipients may include IT and cloud providers, analytics providers, and communication/email providers. We may also obtain business contact data from third-party data providers and publicly available sources for the purpose of lead generation and may use providers for domains, DNS, mailbox infrastructure, deliverability support, data enrichment, and security monitoring.
Depending on the features you use, relevant third parties may include: Google (Firebase/Google Cloud and Gmail APIs), Microsoft (Graph APIs for Outlook), OpenAI, domain and DNS providers, email infrastructure providers, and lead or enrichment data providers.
Processing may involve transfers outside the EU/EEA (e.g., when using global cloud or AI providers). Where required, we rely on appropriate safeguards such as the EU Standard Contractual Clauses. Please note that some countries may not offer the same level of data protection and governmental access may be possible.
We retain account, campaign, and pilot data for the duration of your account or pilot, and thereafter only for as long as necessary for contractual handover, legal retention obligations, dispute resolution, fraud prevention, security, or backup cycles. If you delete your account or the pilot ends, we delete or anonymize personal data associated with the account or pilot without undue delay unless a longer retention period is legally required or contractually justified.
Under the GDPR you may have the right to access, rectification, deletion, restriction, data portability, and to object to processing based on legitimate interests. You may withdraw consent at any time with effect for the future. You also have the right to lodge a complaint with a supervisory authority. To exercise your rights, contact us at shervin@pipescaler.com. We generally respond within one month.
We protect data using HTTPS/TLS, access controls, and appropriate technical and organizational measures. Access is limited to what is necessary.
Providing certain data is necessary to register and use the platform. Without this data, an account or use of the service may not be possible.
If you provide personal data of third parties (e.g., recipient email addresses or lead/contact information), you are responsible for ensuring you have a valid legal basis and that the information is provided lawfully. The same applies to any claim, targeting criteria, or suppression instruction you ask us to use in connection with a managed pilot.
We do not carry out decisions based solely on automated processing that produce legal effects within the meaning of Art. 22 GDPR.
You will receive newsletters only if you have consented, and you can withdraw your consent at any time with effect for the future. Where permitted by law, existing customers may receive messages about similar products; you can object at any time.
Pipescaler may be in a beta phase. Features and data flows may change over time. We will update this policy accordingly.
We may update this privacy policy from time to time. The current version is available on this website.
Berlin, 31 March 2026