Privacy & GDPR

Consent management, data subject rights, and how Pact helps you stay GDPR-compliant.

Pact is designed from the ground up as a consent-native platform. Consent is not a checkbox — it is a first-class entity that governs every outbound action.

Every contact has a consent_status field with one of three values:

| Status | Meaning | Outbound behavior |
| --- | --- | --- |
| confirmed | Explicit opt-in collected | Can receive sequences and campaigns |
| pending | Consent not yet collected | Blocked from marketing; use re-engagement only |
| declined | Opted out | All outbound permanently suppressed |

When a contact unsubscribes from any sequence or campaign, their status is set to declined immediately. No manual intervention required. The suppression applies across all sequences — you cannot accidentally re-enroll a declined contact.

Every change to a contact's consent status is logged with:

  • Timestamp
  • New status
  • Source (manual change, sequence unsubscribe, API update, import)
  • Acting user or system

The full consent history for any contact is visible on their detail page under ConsentHistory.

Data subject rights

Right to access

To export all data Pact holds on a contact, go to the contact detail page and click Export data. This generates a JSON file containing all CRM fields, activity history, consent history, and sequence membership.

For bulk exports covering all contacts (e.g., responding to a regulatory request), use the API:

```http
GET /v1/contacts/export?format=json
```

Right to erasure

To delete a contact and all associated data, go to the contact detail page and click Delete contact → Permanently delete. This removes:

  • All CRM fields
  • Activity history
  • Consent history
  • Sequence membership and step history

Anonymized aggregate metrics (e.g., sequence open rates) are retained for reporting — they contain no personally identifiable information.

For bulk erasure, use DELETE /v1/contacts/{public_id}.

Right to rectification

Update any contact field directly from the contact detail page or via PATCH /v1/contacts/{public_id}.

Your tenant's default consent policy determines the consent status applied to contacts imported without an explicit consent_status column. Configure it in Settings → Privacy → Default consent policy.

We recommend setting the default to pending unless you have a specific legal basis (e.g., legitimate interest) documented for treating new imports as confirmed.

Unsubscribe handling

Every sequence email generated by Pact includes a one-click unsubscribe link in the footer. Clicking it:

  1. Sets the contact's consent_status to declined.
  2. Removes the contact from all active sequences.
  3. Logs the event in the consent audit trail.

The unsubscribe link uses a signed token — it cannot be forged to unsubscribe contacts without their action.
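The following is an added illustration, not Pact's own code, of how a signed unsubscribe token can gate the three steps above. The page does not describe Pact's token format, so the HMAC-SHA256 scheme, the demo key, the in-memory contact store and all function names are assumptions.

```python
import base64
import hashlib
import hmac
from datetime import datetime, timezone

# Constructed demo key (assumption); a real service loads it from a secret store.
SIGNING_KEY = b"constructed-demo-key"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_unsubscribe_token(public_id, key=SIGNING_KEY):
    """Hypothetical format: b64url(public_id) + "." + b64url(HMAC-SHA256 tag)."""
    tag = hmac.new(key, public_id.encode(), hashlib.sha256).digest()
    return f"{b64url(public_id.encode())}.{b64url(tag)}"


def verify_unsubscribe_token(token, key=SIGNING_KEY):
    """Return the signed public_id, or None if the token is malformed or forged."""
    try:
        id_part, tag_part = token.split(".")
        public_id, tag = b64url_decode(id_part), b64url_decode(tag_part)
    except ValueError:
        return None
    expected = hmac.new(key, public_id, hashlib.sha256).digest()
    # Constant-time comparison: do not leak how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        return None
    return public_id.decode()


def handle_unsubscribe(token, contacts, audit_log):
    """Apply the three documented effects only when the token verifies."""
    public_id = verify_unsubscribe_token(token)
    if public_id is None or public_id not in contacts:
        return False  # forged or unknown token: no state change
    contacts[public_id]["consent_status"] = "declined"
    contacts[public_id]["active_sequences"] = []
    audit_log.append({"timestamp": datetime.now(timezone.utc).isoformat(),
                      "contact": public_id, "new_status": "declined",
                      "source": "sequence unsubscribe", "actor": "system"})
    return True
```
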

You can also add an unsubscribe link manually in any sequence step using {{unsubscribe_url}}.

Data processing agreement

If you process the personal data of EU residents, you need a Data Processing Agreement (DPA) with Pact as your data processor. Download and sign the DPA from Settings → Privacy → Data Processing Agreement. The DPA is available without a sales call for all plan tiers.

Data residency

Cloud-hosted Pact stores data in Azure's West Europe region by default. Azure Geo-Redundant Storage (GRS) replicates backups within the EU (Netherlands and Germany). No data is replicated outside the EU under the default configuration.

Enterprise customers can request a dedicated single-region deployment for stricter residency requirements.

Sub-processors

Pact uses a limited set of sub-processors:

| Sub-processor | Purpose | Region |
| --- | --- | --- |
| Microsoft Azure | Compute, storage, networking | EU West |
| Resend | Transactional email delivery | EU |
| Anthropic / OpenAI | AI drafting (optional) | US (data not retained beyond the request) |

The current sub-processor list is published at app.pact.place/legal/sub-processors and updated 30 days before any addition.

Pact uses only functional cookies required for session management. No third-party tracking or advertising cookies are set. Cookie details are available at app.pact.place/legal/cookies.