Back to Home

Data Protection & Compliance

Last updated: 5/26/2026

1. Our Approach to Data

Anansio operates strictly on publicly available data (Open Source Intelligence or OSINT). We aggregate, clean, and enrich information that businesses and individuals have explicitly made public on the open web. We do not hack, breach, or access private databases.

2. GDPR & CCPA Compliance

We respect the rigorous data privacy standards set forth by the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

  • Lawful Basis: We process data based on legitimate interest for business-to-business (B2B) prospecting and market intelligence.
  • Right to be Forgotten: Any individual can request the removal of their profile from our index at any time.
  • Data Minimization: We only store professional contact information relevant for business purposes.

3. Data Security Measures

We implement industry-standard security protocols to protect our datasets, including encryption in transit (SSL/TLS) and at rest, regular security audits, and strict access controls within our engineering team.

4. Google User Data Protections

For users who connect Gmail for outreach sending, Anansio stores only the Google user data necessary to maintain that connection and send authorized messages. This includes the connected Gmail address, encrypted OAuth tokens, and limited operational metadata such as connection status and daily send quota usage.

  • Gmail OAuth tokens are encrypted before storage.
  • Google user data is transmitted over TLS/HTTPS.
  • Access is limited to authorized systems and personnel.
  • Anansio uses the minimum required Google scopes, including gmail.send and userinfo.email.
  • Anansio does not use connected Gmail data for advertising, data sale, or unrelated analytics.

5. Retention and Deletion Controls

Google user data is retained only while the Gmail integration is active and needed for service operation. If a user disconnects Gmail or deletes their account, Anansio removes the stored Gmail OAuth configuration from active systems, subject only to limited temporary retention in backups or where required by law.

6. Data Sourcing Ethics

Our crawlers respect robots.txt protocols and perform crawling at polite rates to avoid disrupting the services of the websites we index. We explicitly exclude sources known for distributing private or sensitive personal information without consent.

Questions or Removal Requests?

If you wish to exercise your data rights or have concerns about your information, please contact our Data Protection Officer immediately.

Contact Privacy Team