NinjaPipe (“NinjaPipe”, “we”, “our”, or “us”), headquartered in Melbourne, Australia, provides customer relationship management solutions through our web platform (ninjapipe.app), website (ninjapipe.com), mobile applications for iOS and Android, and connected APIs and integrations. This Privacy Policy explains how we collect, use, share, and protect personal data when you use our services.
By accessing or using NinjaPipe, you agree to this Privacy Policy. If you do not agree, you should not use our services. This policy should be read together with our Terms.
Scope
This policy applies to users of NinjaPipe worldwide, including visitors to our website, registered users of our web or mobile apps, and customers integrating or connecting our services with third-party applications.
Data we collect
Depending on how you use NinjaPipe, we may collect:
- Account information. Name, email, and credentials used to create and sign in to your account (for example, password or single-sign-on details provided by you or an identity provider).
- Customer Data you add to NinjaPipe. Business records you or your team enter, import, or sync—such as contacts, companies, deals, notes, tasks, files, emails, form submissions, booking data, invoices, documents, and similar CRM or operational content.
- Usage and device data. For example, IP address, browser and device type, general location derived from IP, pages or features used, in-product events, and logs. We also use diagnostics, error reporting, and (for mobile apps) crash or performance data to keep the product reliable.
- Billing data. Subscription status, plan, invoices, and payment-related metadata. Payment card information is collected and processed by our payment providers (Stripe, PayPal); we do not store full card numbers on our own systems.
We may also receive information from connected integrations when you choose to connect third-party services (for example, email, calendar, messaging, or automation tools), as described in the integrations you enable.
For Google Workspace connections, see also our Google API Services User Data Policy disclosure (Limited Use).
How we use data
We use personal data to:
- Provide, operate, secure, and improve NinjaPipe
- Manage user accounts, workspaces, and permissions
- Sync and integrate with tools you connect
- Send product, support, billing, and security-related communications
- Monitor for fraud, abuse, and security incidents; troubleshoot and protect the service
- Meet legal, regulatory, and tax obligations
Where we rely on optional cookies or similar technologies, we will explain choices in our cookie section below.
Legal bases for processing (EEA/UK and similar laws)
Where the GDPR or comparable laws apply, we process personal data on the following bases:
- Contract — to provide NinjaPipe, set up and administer your account, and deliver the features you subscribe to
- Legitimate interests — for example, to keep the service secure, improve the product, understand aggregate usage, prevent fraud, provide support, and operate our business, balanced against your rights
- Consent — where required for marketing communications or certain optional integrations or non-essential tools
- Legal obligation — for tax, accounting, responding to lawful requests, and other compliance requirements
Third-party processors and service providers
NinjaPipe uses trusted third-party providers to host, process, secure, support, and improve the service. Examples include (without limitation) Supabase for database and related backend infrastructure, Vercel for application hosting, Stripe and PayPal for payments, SendGrid for email delivery, and vendors for analytics, monitoring, logging, support ticketing, and error tracking, where we use them.
We only share personal data with service providers where necessary to provide, secure, improve, or support NinjaPipe. We require appropriate contractual and security commitments from these providers. When you connect an integration, data may also be processed by that third party according to their terms and your settings.
Data sharing and disclosure
We do not sell personal data. We may share it only in situations such as:
- With subprocessors and service providers as described above
- With professional advisers, regulators, or law enforcement when required or permitted by law
- In connection with a merger, acquisition, or sale of assets, where personal data may be transferred as part of the transaction subject to this policy or notice to you
International data transfers
Your data may be processed in countries other than your own. Where required, we use appropriate safeguards such as data processing agreements, standard contractual clauses, or equivalent protections.
Customer Data and NinjaPipe account data
For content and records you store in the CRM (Customer Data), you and your organization generally decide what is entered and how it is used. NinjaPipe processes that Customer Data to run the product, carry out your instructions, and as described in this policy. For account and billing data we hold about you as an individual, we act as a controller in the usual sense for a SaaS provider; for your workspace’s business records, your organization may be the controller and NinjaPipe the processor, depending on your agreement and applicable law. If you need a formal data processing agreement, see our Terms and contact us.
If you add personal data about other people (for example, your customers or leads), you are responsible for having a valid legal basis to do so.
Data retention
We keep personal data only as long as needed to provide NinjaPipe, comply with legal obligations, resolve disputes, enforce agreements, and maintain security. You can request deletion of your account or help with workspace data by contacting us. Some information may remain in backups for a limited period or where we must keep it for legal or security reasons.
Security
We use reasonable technical and organizational safeguards to protect personal data, including access controls, encryption where appropriate, monitoring, and secure infrastructure from reputable providers. No method of storage or transmission is perfect; you should also protect your account credentials and use strong authentication where offered.
Your rights
Depending on where you live, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of personal data
- Export or receive a copy of your data (portability, where applicable)
- Object to or restrict certain processing
- Withdraw consent where processing is based on consent
- Lodge a complaint with a data protection authority
To request this, contact us at support@ninjapipe.com. We will respond in line with applicable law.
Cookies and similar technologies
We use cookies and similar technologies for core functions, security, preferences, and usage measurement. You can control cookies in your browser or through consent tools we provide where available.
Mobile applications
If you use our iOS or Android apps, we may collect device and app analytics (for example, crash or performance data) to improve stability. The apps may request permissions such as notifications, contacts, or storage only with your consent where required.
Third-party links and services
Our product may link to or integrate with services we do not control. Their privacy practices are governed by their own policies. Please review them when you connect a new tool.
Children’s privacy
NinjaPipe is not directed at individuals under 16. We do not knowingly collect personal data from children. If you believe we have, contact us and we will take appropriate steps.
Changes to this policy
We may update this policy from time to time. The “Last updated” date at the top will change when we do. We may also notify you by email or in the product for material changes.
Contact
NinjaPipe
- Email: support@ninjapipe.com
- Address: Melbourne, Australia
- Website: ninjapipe.com
- Last updated: April 26, 2026
For EU/EEA/UK users, you may also contact your local data protection authority with questions or complaints.