Herald Privacy Policy

Effective Date: May 27, 2026
Company: Comcage LLC, DBA Oodle
Service: Herald

1. Overview

This Privacy Policy explains what information Comcage LLC, DBA Oodle collects, why we collect it, how we use it, when we access or share it, and the choices available to users of Herald and related websites, applications, features, and services (the “Service”).

Our guiding principle is to collect only what we need to provide, secure, support, and improve the Service.

This Privacy Policy applies to site visitors, prospective customers, customers, and authorized users of Herald. It does not apply to third-party services or websites we do not control.

Where Herald is used by an organization, that organization may control certain Customer Content and account data. Users should contact that organization for requests relating to organization-controlled data.

2. What We Collect and Why

Identity and Access Information

We may collect information such as name, email address, organization, role, login credentials, preferences, account settings, and records showing that a user or account was created through signup or account creation. We use this information to create and manage accounts, authenticate users, provide the Service, send important account notices, support account security, administer agreements, and document account status.

Billing and Plan Information

If a customer uses a paid version of the Service, we may collect billing, plan, subscription, usage allowance, overage, and payment-related information to administer subscriptions, process renewals, collect amounts owed, calculate taxes, send invoices, detect fraudulent transactions, and maintain tax and accounting records.

Payment card information may be submitted directly to a third-party payment processor and may not be stored on our servers. Payment processors handle payment card processing and related billing functions under their own terms and privacy policies.

Customer Content

We store content and data submitted to or generated through the Service so customers can use Herald as intended. Customer Content may include prompts, messages, drafts, outputs, contact lists, campaign content, files, metadata, and related business information.

Customers are responsible for ensuring they have the rights and permissions needed to provide Customer Content and recipient data to Herald and to use that information through the Service.

Usage, Device, Analytics, and Cookies

We may collect information about how users access and use the Service, such as log data, IP address, device and browser information, pages or features used, timestamps, referring URLs, diagnostic data, cookies, pixels, local storage, and similar technologies.

This may include usage metrics, plan-limit and billing-plan usage, AI feature usage, delivery and deliverability metrics, bounce, complaint, unsubscribe, and suppression events, abuse signals, rate-limit events, and operational metadata.

We use this information to operate the Service, troubleshoot problems, understand product usage, administer plan limits and usage-based charges, prevent abuse, improve performance, measure marketing, protect deliverability, and protect the security of the Service. Users may be able to control cookies through browser settings or other tools. Disabling certain cookies may affect Service functionality.

Acceptance Records

When a user creates an account, signs up, or accepts or acknowledges Terms, a Privacy Policy, an order, offer terms, or another Service-related agreement, we may collect and retain acceptance records. These records may include the acceptance or acknowledgement date and time, user and account identifiers, policy or document version, IP address, device information, and related log metadata where collected.

We use acceptance records for compliance, account administration, documenting assent, resolving disputes, enforcing agreements, maintaining audit records, and complying with legal or business recordkeeping needs.

Communications and Support

If users contact us, request support, respond to surveys, or otherwise communicate with us, we may collect the information provided in those communications. We use this information to respond, provide support, maintain support history, improve the Service, and communicate about the Service.

AI-Assisted Features

The Service may include AI-assisted features that process Customer Content and other information to draft, summarize, classify, recommend, or generate content. We use information submitted to AI-assisted features to provide the requested functionality, maintain and secure the Service, troubleshoot issues, administer usage limits or disclosed AI-usage charges, and improve user experience.

Customer inputs, prompts, files, metadata, and outputs may be processed by our service providers and AI vendors as needed to provide AI-assisted functionality, subject to their applicable terms, privacy policies, and data-processing commitments.

We do not use Customer Content to train general-purpose AI models unless disclosed to or authorized by the customer, or where content has been de-identified, aggregated, or otherwise processed so it no longer identifies the customer or an individual.

AI-assisted outputs may be inaccurate or incomplete, and users are responsible for reviewing outputs before relying on them or sharing them.

3. How We Use Information

We may use information to:

• Provide, operate, maintain, secure, and improve the Service.
• Create and manage accounts.
• Authenticate users and protect account security.
• Process transactions and administer subscriptions, plan limits, and disclosed usage-based charges.
• Provide support and respond to requests.
• Personalize and improve user experience.
• Monitor performance, debug issues, and prevent abuse.
• Measure usage, AI usage, deliverability, bounce, complaint, unsubscribe, and abuse signals.
• Protect deliverability, investigate misuse, enforce terms and policies, and manage platform risk.
• Comply with legal obligations.
• Send administrative, transactional, security, billing, service-related, and permitted marketing communications.

Users may opt out of marketing communications, but may still receive non-marketing messages related to their account or use of the Service.

4. When We Access Customer Content

No Comcage LLC, DBA Oodle human looks at Customer Content except in limited circumstances:

• To help with support requests, where we will ask for permission before accessing account content when practical.
• To fix errors or automated processing problems when we cannot resolve the issue without looking at the minimum amount of relevant data.
• To safeguard the Service, investigate abuse, protect deliverability, or address security issues.
• To comply with applicable law, legal process, or valid government requests.

We aim to access the minimum amount of information needed for the purpose.

5. When We Share Information

We may share information with:

• Service providers and subprocessors that help us operate, host, secure, support, analyze, bill for, and improve the Service.
• Email delivery, infrastructure, analytics, AI, payment, support, abuse-prevention, and other vendors used to provide the Service.
• Third-party integrations enabled or configured by the customer or user.
• Professional advisors, such as lawyers, auditors, or accountants.
• Authorities or other parties when required by law or to protect rights, safety, and security.
• Parties involved in a business transaction, such as a merger, acquisition, financing, or sale of assets.

We do not sell personal information in the ordinary meaning of “sell.” We may make additional disclosures where required by applicable privacy laws.

6. Data Retention and Deletion

We retain information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and for other legitimate business purposes.

If an account is canceled or terminated, Customer Content may become inaccessible immediately. Within 30 days, Customer Content will be permanently deleted from active systems. Within 60 days, Customer Content will be permanently deleted from backups. We cannot recover Customer Content after it has been permanently deleted.

We may retain limited account, billing, tax, security, legal, acceptance, abuse-prevention, suppression-list, deliverability, usage-limit, and transaction records for longer where needed for legitimate business, legal, compliance, fraud-prevention, or deliverability purposes.

7. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, or alteration. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Location of Data and International Transfers

Information may be processed in the United States and other countries where we or our service providers operate. Those countries may have data protection laws that differ from the laws where users live. Where required, we will use appropriate safeguards for international transfers of personal information.

9. Privacy Rights and Choices

Depending on location, users may have rights to access, correct, delete, export, restrict, or object to certain processing of personal information. Users may also have choices about marketing communications, cookies, and account settings.

Privacy requirements and available rights may vary by location, and users may contact Herald to review, update, correct, delete, or otherwise make privacy-related requests about their information as applicable. Requests may be sent to [email protected]. We may need to verify requests before responding. We will respond to privacy requests as required by applicable law.

10. Children’s Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice as required by law or as reasonably appropriate. Continued use of the Service after an updated Privacy Policy becomes effective means the updated policy applies to information handled after that date.

12. Contact

Questions about this Privacy Policy may be sent to:

Comcage LLC, DBA Oodle
2345 Ashland Ave
Cincinnati, OH 45206
[email protected]