Last Updated: June 4, 2025

1. Introduction

Pink Elephant (“Company”, “we”, or “us”) is committed to protecting your privacy and complying with applicable data protection laws in all regions where we operate. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (https://pink-elephant.co) or use our services. We value your trust and handle all personal information with care and in accordance with the highest privacy standards

2. Scope and Applicability

This Privacy Policy applies to all visitors, users, and others (“users” or “you”) who access our website or use any Pink Elephant services, across all jurisdictions in which we operate. We conduct business in Canada, the United States, the United Kingdom, the European Union/European Economic Area (EU/EEA), Thailand, Indonesia, and Australia, among others. Our data practices are designed to comply with or exceed the requirements of all applicable privacy laws, including (where applicable) the EU and UK General Data Protection Regulation (GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), Thailand’s Personal Data Protection Act (PDPA), Indonesia’s Personal Data Protection Law, and Australia’s Privacy Act 1988, as well as any other relevant national or state privacy regulations. By using our website or services, you acknowledge that your personal data will be handled as described in this Policy.

3. Personal Data We Collect

Information you provide directly: We collect personal data that you choose to provide to us, for example when you: (a) subscribe to our newsletter or mailing list; (b) apply for a job through our Careers page; or (c) apply for or participate in our Entrepreneur-in-Residence (EIR) program. This information may include:

• Contact details: Such as your name, email address, telephone number, mailing address, or other contact information you provide.

• Professional information: If you apply for a job or the EIR program, we will collect the personal data in your application, which can include your résumé/CV (containing details like education, work experience, skills, etc.), cover letter, LinkedIn profile or portfolio links, and any other information you choose to submit for recruitment or program participation purposes.

• Identification and background data: For EIR applicants or other programs, we may ask for additional details such as your business or project information, professional background, or references, as relevant to the application process.

• Communication content: If you contact us via a web form, email, or “Let’s talk” inquiry, we collect the information you provide in that correspondence (such as the content of your message and any attachments).

We collect this information directly from you when you fill out forms on our site or communicate with us.

Information collected automatically: When you visit our website, we do not use any cookies or similar tracking technologies to collect your personal information. In particular, we do NOT use cookies to track visitors to our website. We do not employ web beacons, pixel tags, or analytics scripts that profile your browsing. However, like most websites, our servers may automatically log certain technical data sent by your browser for operational and security purposes. This automatically collected data may include your device’s IP address, browser type, operating system, referring URL, and timestamps of visits. We use this technical information only to maintain and secure our website (for example, to detect fraud or attacks, and to aggregate visitor traffic counts) and not to identify or track individual users. Our analytics, if any, are configured in a privacy-focused manner that does not use cookies and only uses minimal data (e.g. using anonymized IP addresses). 

No collection of sensitive categories: We do not actively collect any sensitive personal information via the website, such as government ID numbers, financial information, or health/medical details, unless you voluntarily provide such information as part of a specific process (for example, if a job application or EIR program requires certain disclosures). We ask that you do not submit sensitive personal data unless necessary. Any sensitive data inadvertently received will be treated with heightened security and confidentiality.

Children’s data: As explained in the Children’s Privacy section below, our website and services are not intended for individuals under 18, and we do not knowingly collect personal data from children.

4. Purposes of Processing Personal Data

We only collect and process personal data for purposes that are lawful and necessary for our business or to serve you. The specific purposes for which Pink Elephant processes your personal information include:

• Providing newsletters and updates: If you subscribe to our newsletter or mailing lists, we use your email address (and name, if provided) to send you our newsletter, industry updates, event invitations, and relevant marketing communications. This is done with your consent, and you can opt out at any time (see User Rights below). We will only send you marketing emails if you have requested or expressly agreed to receive them, and you may unsubscribe easily via the link in each email or by contacting us.

• Processing job applications: When you apply for a position with Pink Elephant, we process the personal data you provide (e.g. name, contact details, CV, cover letter, qualifications) to evaluate your candidacy, contact you for interviews, and make hiring decisions. Your application data is used strictly for recruitment and hiring purposes. We treat your job application information with strict confidentiality and do not share your resumé or contact details outside of Pink Elephant. If your application is unsuccessful, we may retain your application and CV for a limited period (see Data Retention below) in case of future opportunities, unless you request otherwise.

• Entrepreneur-in-Residence (EIR) program: If you apply for or participate in our EIR program (or similar founder programs), we process your provided data (such as your contact information, background, business idea/proposal, and any documents like your CV or pitch deck) to assess your application, communicate with you about the program, facilitate your participation if selected, and manage the program’s operations. This may include using your information to pair you with mentors, track your progress, and provide resources or support as part of the EIR program.

• Providing services to founders & companies: For founders, partners, or companies that engage with us (for example, through incubation, partnerships, or consulting services), we will use the personal and business information you provide to carry out our obligations in those relationships. This includes communicating with you, delivering any agreed services or advice, and facilitating events or initiatives for the partnership.

• Responding to inquiries and providing support: If you contact us via the “Let’s talk” form, by email, or other means with questions, feedback, or requests, we will use your contact details and message to respond to you and resolve any issues. We process this information to provide customer service and support, answer your questions about our mission or services, and address any concerns you may raise.

• Business administration and operations: We may process personal data as needed to administer our internal operations and ensure the functionality of our website and services. This includes using data to maintain the security and integrity of our website (e.g. monitoring for suspicious activity), to perform troubleshooting or debugging, to conduct data analytics in-house (without cookies or profiling) in order to improve our website’s design and user experience, and to manage our IT and network infrastructure.

• Legal compliance and protection: We process personal information when necessary to comply with legal obligations to which we are subject. For example, we may retain certain records to satisfy accounting or tax requirements or use personal data to fulfill compliance obligations (such as know-your-client or anti-fraud laws) where applicable. Additionally, we may process personal data as needed to establish, exercise, or defend our legal rights. This includes using and possibly disclosing information in connection with legal claims, audits, governmental or regulatory investigations, or as otherwise required by law or court order.

• Other purposes with consent: If we ever need to process your personal data for a purpose materially different from the above, we will only do so with your consent or as otherwise permitted by law. We will provide you with information at that time about any additional processing. We do not engage in any automated decision-making or profiling that produces legal or similarly significant effects on individuals.

We will only process your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related purpose that is compatible with the original purpose and permitted by law. If we need to use your personal data for an unrelated purpose, we will notify you and obtain your consent or ensure we have another lawful basis, unless otherwise required or allowed by law.

5. Legal Bases for Processing

We process your personal data only when we have a valid legal basis to do so under applicable data protection laws. Depending on the context of the interaction and your jurisdiction, the legal bases we rely on include:

• Consent: In many cases, we process personal data based on your consent. For instance, we will obtain your consent before sending you marketing emails or newsletters, and you provide consent when you submit information to us (e.g. filling out a form or applying to a program). Where we rely on consent, it will be explicit and freely given for the specific purpose. You have the right to withdraw your consent at any time (see User Rights below), and we will then stop the processing that was based on consent. Withdrawal of consent will not affect the lawfulness of processing already carried out.

• Contractual necessity: We process personal data when it is necessary to enter into or perform a contract with you. This includes processing your information to consider you for employment (steps taken at your request prior to entering an employment contract), to enroll or manage you in the EIR program (which may be subject to terms and conditions you agree to), or to deliver any services you have requested. In other words, when you apply for a job or program, or engage us for services, we must use your data to carry out that agreement or to take steps at your request before entering into an agreement.

• Legal obligation: We will process personal data when it is necessary for compliance with a legal obligation to which Pink Elephant is subject. This can include retaining records to satisfy laws (tax, accounting, employment laws, etc.), responding to lawful requests by public authorities, or providing information as legally required.

• Legitimate interests: We may process personal data as necessary for our legitimate interests, provided those interests are not overridden by your data-protection rights and freedoms. Our legitimate interests include, for example, operating and improving our website and services, securing our IT systems, preventing fraud, protecting our business and users, and communicating with interested parties about our initiatives. We rely on this basis only for non-intrusive data processing that you would reasonably expect, and after weighing the impact on your privacy. We will always consider your rights and objections when relying on legitimate interests.

If you have questions about the specific legal basis applicable to any particular processing of your personal data, please contact us (see Contact Information below) and we will provide additional clarification. 

6. Data Sharing and Disclosure to Third Parties

We do not sell your personal information to third parties. However, in the course of running our business and providing our services, we may share your personal data with trusted third parties in certain situations, as detailed below. Whenever we disclose personal data, we do so in accordance with the principles of this Privacy Policy and applicable law, and we take steps to ensure any third-party recipients protect your data with appropriate security and confidentiality.

Service providers: We may share your personal data with third-party companies and individuals who perform functions on our behalf and under our instructions (collectively, “service providers”). These service providers assist us in operating our website, conducting our business, and delivering services to you. Examples include hosting or cloud storage providers, email distribution services (for sending newsletters or notifications), customer relationship management (CRM) software providers, analytics or IT security services, application tracking systems (for handling job applications), and similar support services. We provide service providers only the minimum information necessary for them to perform their specific tasks on our behalf. Each service provider is contractually obligated to process personal data only for the purposes we specify and to implement adequate security measures to protect your information. We require that our service providers do not use your personal data for their own purposes and do not disclose it to others. Where required by applicable law, we have entered into Data Processing Agreements (including Standard Contractual Clauses where relevant for international transfers) with our service providers to safeguard your privacy.

Affiliates and related companies: Pink Elephant operates as a global organization, and we may share personal data with our affiliated entities, subsidiaries, or branch offices in the countries where we operate (Canada, USA, UK, EU, Thailand, Indonesia, Australia). Such sharing will occur only on a need-to-know basis and for consistent purposes, for example, if internal personnel in another region are involved in evaluating an EIR application or if we refer your inquiry to a local team. All Pink Elephant affiliates are bound to uphold the privacy protections of this Policy. Where our affiliates act as service providers or data processors for us, they will handle personal data only as instructed and with appropriate care. In cases where an affiliate is a separate data controller (such as a local subsidiary handling regional operations), any intra-group data transfers will be governed by lawful transfer mechanisms and internal agreements ensuring an equivalent level of data protection.

Business transfers: If Pink Elephant undergoes a business transaction such as a merger, acquisition by another company, reorganization, or sale of all or part of our assets, your personal data may be disclosed to the parties involved (e.g., a prospective buyer and its agents) as part of the transaction due diligence or transferred as an asset in the deal. In such events, we will ensure that any recipient of your personal data commits to respect the privacy of your information in a manner consistent with this Policy. We will provide notice on our website of any such change in ownership or control of personal data, and your choices regarding your data will remain available to you.

Legal obligations and safety: We may disclose personal data to third parties if we are required to do so by law or if such action is necessary to: (i) comply with a legal obligation or valid legal process (e.g., subpoenas, court orders); (ii) respond to requests from governmental or public authorities (including to meet national security or law enforcement requirements); (iii) enforce our Terms of Use or other agreements; or (iv) protect the rights, property, or safety of Pink Elephant, our customers, or others. For example, if necessary, we may share information with law enforcement or regulators to report fraud or abuse, or to address security vulnerabilities. We will limit any such disclosure to the relevant information and circumstances that legally require it.

Other third parties with consent: We will not share your personal data with any third parties for their own marketing or business uses without your consent. If you explicitly consent to or request us to share information with a third party (for example, if you ask us to introduce you to a partner organization or mentor, or you integrate a third-party service in an EIR project), we will share according to your direction. We may also disclose data to other parties at your instruction or with your explicit consent.

Importantly, we do not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration, and have not done so in the past 12 months. Any sharing we do is strictly for the purposes stated above and primarily with service providers or affiliates acting on our behalf, or as required by law.

We also want to reassure you that any third party who receives personal data from us is required to protect it in accordance with applicable data protection laws and, where applicable, to use it only for the service they are providing to us. We diligently vet our third-party partners for strong privacy and security practices. If you have questions about specific third parties with whom your data may be shared, you may contact us for more information.

7. International Data Transfers

Given Pink Elephant’s global operations and the presence of our activities across Canada, the US, UK, EU, Thailand, Indonesia, Australia, and other countries, the personal data we collect may be transferred to and stored in multiple jurisdictions. Specifically, if you are located outside of the jurisdiction where our servers or offices are, your information (including personal data) may be transferred to, stored, or processed in a country different from your home country. This means that your data could be transferred across national borders, for example from the European Economic Area (EEA) to Canada or the United States, or from Asia to the EU, etc.

We take steps to ensure that international transfers of personal data comply with applicable data protection laws and that your personal data receives a level of protection equivalent to that afforded in your home jurisdiction. When we transfer personal data out of the UK or EEA to a country that the European Commission (or UK authorities) has not deemed to provide an adequate level of data protection, we implement appropriate safeguards as required by GDPR. In most cases, this involves using the European Commission’s Standard Contractual Clauses (SCCs) or the UK International Data Transfer Addendum, which contractually obligate the recipient to protect your data to EU/UK standards. We may also rely on other transfer mechanisms approved by law, such as an adequacy decision, binding corporate rules for intra-group transfers if applicable, or your informed consent in limited situations.

All Pink Elephant entities and service providers that handle personal data must abide by our strict privacy and security requirements, regardless of where they are located. Our internal policies govern the transfer, use, and protection of personal data within the company globally. We also monitor regulatory developments and will adapt our transfer practices to remain compliant.

If an international transfer is required, and no adequacy decision or other safeguard is available, we will only conduct the transfer if one of the derogations for specific situations under applicable law applies (for instance, if the transfer is necessary for the performance of a contract with you, or with your explicit consent after being informed of possible risks).

You can request more information about our international data transfer safeguards by contacting us (see Contact Information below).

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, and no longer than is legally permitted or necessary. This means:

• General retention period: We keep personal information for the duration of our relationship with you, and thereafter only for as long as required to satisfy the purpose of collection or any legal, accounting, or reporting requirements. Once the purpose has been achieved, we will securely delete or anonymize the data, unless we are required to retain it longer by law.

• Newsletter and marketing data: If you have subscribed to our communications, we retain your contact information until you unsubscribe or otherwise withdraw your consent. Upon your unsubscribe request, we will promptly remove your contact details from our mailing list (typically within a few days) and will not recontact you for marketing unless you re-subscribe.

• Job applications: For unsuccessful job applicants, we may retain your application data for a defined period after the recruitment process concludes, in order to consider you for future positions that may arise, or as part of our general candidate pool. Typically, we will keep applicant data for up to one year following the decision on your application, unless you object to such retention or applicable law requires a shorter or longer period. You have the right to request deletion of your applicant data sooner, and we will honor such requests unless we have a legal obligation or compelling interest to retain the information. If you are hired by Pink Elephant, your application data will become part of your employee record and be retained in accordance with our employee data retention policies.

• EIR program data: If you apply to the EIR program and are not selected, we may keep your application on file for a similar period (e.g., up to one year) in case new opportunities or rounds of the program open up, or to invite you to related events. If you are accepted into the program, we will retain your data for the duration of your participation and for a period thereafter as needed for program administration, alumni communications, or legal purposes. Again, you may request deletion of your data, and we will accommodate that request barring any overriding requirements.

• Operational and contact data: If you contact us with an inquiry or support request, we may keep the correspondence and our response for a period of time after resolution, in case you have follow-up questions or to improve our customer service. Typically, routine communications are kept for up to 1-2 years. Logged technical data (like IP addresses or system logs) are retained only for a short duration (often 30-90 days) unless we need to investigate security incidents or abuse, in which case such logs may be kept until the issue is resolved.

• Legal and regulatory retention: We may need to retain certain data for longer periods if required by applicable laws. For example, business records, contracts, and invoicing information may be kept for several years to satisfy tax, audit, and financial reporting regulations. Similarly, if a legal claim, dispute, or investigation is anticipated or ongoing, we will retain relevant information until that matter is fully resolved. In all cases, we limit access to such data and retain it only for the necessary duration.

When we no longer have a legitimate need or legal obligation to keep your personal data, we will securely destroy it or irreversibly anonymize it. Anonymized data (which is not identifiable to you) may be retained for analytics or statistical purposes without further notice, since it no longer constitutes personal information.

If you have specific questions about our retention practices for any particular type of data, you can contact us for more details. Additionally, if you wish to have your personal data deleted, you have the right to request erasure (see User Rights below), and we will honor such requests to the extent required by law.

9. User Rights 

Subject to applicable law and any exemptions, you have certain rights regarding your personal data. We are committed to honoring your rights and have established processes to enable you to exercise them. These rights may vary depending on your jurisdiction, but we extend many rights universally so that all users can have control over their information.

Your key data protection rights include:

• Right to access: You have the right to request confirmation of whether we are processing personal data about you, and if so, to request a copy of the information we hold about you. We will provide you with a copy of your personal data in a commonly used format, along with details on why and how we use it, who we share it with, and how long we keep it, as required by law.

• Right to rectification: We want to ensure that your personal data is accurate and up to date. You have the right to request that we correct or update any inaccurate or incomplete personal data we hold about you. Upon your request, we will promptly rectify any errors or omissions in your information.

• Right to erasure: You have the right to request that we delete your personal data. You may make such a request, for example, if the data is no longer necessary for the purposes for which it was collected, you have withdrawn your consent (where we relied on consent), or you object to our processing (see the “Right to Object” below) and we have no overriding legitimate grounds to continue. We will honor valid deletion requests and erase your data, provided there is no legal obligation or compelling reason for us to retain it. Please note that certain data cannot be deleted if we must keep it by law (e.g., transaction records) or if it’s necessary for legal claims.

• Right to restrict processing: You have the right to request that we limit the processing of your personal data in certain circumstances. For instance, if you contest the accuracy of your data, you can request restriction while we verify the information. Or if you object to our processing based on legitimate interests, you can request restriction pending our verification of overriding grounds. When processing is restricted, we will continue to store your personal data but will not use or share it except to the extent allowed by your consent or required for legal reasons.

• Right to object: You have the right to object to our processing of your personal data when that processing is based on our legitimate interests (or those of a third party). If you raise an objection, we will evaluate whether our legitimate grounds for processing override your privacy rights. If they do not, we will cease the processing in question. Importantly, you have an unconditional right to object to the processing of your personal data for direct marketing purposes. If at any time you prefer that we not use your information for marketing, you can opt out and we will stop all marketing-related processing of your data.

• Right to data portability: To the extent required by applicable law, you have the right to receive certain personal data you have provided to us in a structured, commonly used, and machine-readable format, and to have that data transmitted to another controller where technically feasible. This right applies to personal data processed by us by automated means, based on your consent or on a contract with you. If you request it, and it’s technically feasible, we will directly transmit your data to another organization at your direction.

• Right to withdraw consent: Where we rely on your consent to process personal data (e.g., for sending newsletters or processing optional data), you have the right to withdraw that consent at any time. You can do so by contacting us or, for emails, by clicking the “unsubscribe” link. Once you withdraw consent, we will stop the processing that was based on it. Withdrawal of consent will not affect the lawfulness of processing done before the withdrawal.

• Rights related to automated decisions: Pink Elephant does not currently make any decisions about you that are based solely on automated processing (without human involvement) and that produce legal or similarly significant effects. However, if in the future we engage in automated decision-making (including profiling), where required by law you would have the right not to be subject to such decisions, or at least the right to human intervention and to contest the decision.

To exercise any of your rights, please contact us using the details in the Contact Information section below. We may need to verify your identity (for example, by asking you to provide information to confirm your identity) before fulfilling your request, to ensure that your data is protected from unauthorized access. We will respond to your request within the timeframe required by law (for example, within 30 days for many jurisdictions, with the possibility of a reasonable extension). If we are unable to fulfill your request (due to a legal exception or lack of required information), we will provide you with a clear explanation of the reasons, unless we are prohibited from doing so.

There is typically no fee for exercising your rights. However, if a request is manifestly unfounded or excessive (for example, repetitive), we may charge a reasonable fee or refuse to act on it, as permitted by law.

In addition to these rights, you also have the right to lodge a complaint with a supervisory authority or regulatory agency if you believe we have infringed your privacy rights. For EU/UK individuals, this would be your country’s Data Protection Authority. In Canada, you can contact the Office of the Privacy Commissioner of Canada (OPC). In Australia, the Office of the Australian Information Commissioner (OAIC) oversees privacy complaints. Thailand’s PDPC and Indonesia’s regulatory bodies handle complaints in their jurisdictions. We encourage you to contact us first so we can address your concerns directly, but you have the right to seek assistance from the authorities as well.

10. Data Security

The security of your personal data is extremely important to us. We implement and maintain industry-standard technical and organizational security measures to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include, but are not limited to:

• Encryption: We use encryption protocols to protect personal data in transit over the internet. Where appropriate, we also encrypt sensitive data at rest in our databases or storage systems.

• Access controls: We restrict access to personal data strictly to those employees, contractors, and service providers who have a business need to know such information. Our personnel are bound by confidentiality obligations and trained on privacy and security practices. Access to systems and data is controlled through identity and access management procedures, and we employ measures like strong authentication, role-based access, and regular access reviews.

• Monitoring and testing: We monitor our systems for potential security breaches and have detection systems in place. We also conduct periodic security assessments, vulnerability scans, and penetration testing to evaluate the strength of our defenses. Any identified issues are remediated with high priority.

• Data backups and recovery: We routinely back up critical data to ensure we can recover information in case of a technical incident or disaster. Backup data is securely stored and protected from unauthorized access. We periodically test our backup and recovery processes to ensure integrity.

While we strive to protect your information, it is important to note that no method of transmission over the Internet, or method of electronic storage, is completely secure. Therefore, we cannot guarantee absolute security of your data. However, we continuously work to update and improve our security measures to meet or exceed best practices. In the unlikely event of a data breach that affects your personal data, we will notify you and the relevant authorities as required by law.

You also play a role in security. We encourage you to use strong, unique passwords and to take precautions when sending information over the internet. If you suspect any unauthorized access to your personal data or any security vulnerabilities related to Pink Elephant, please contact us immediately.

11. Children’s Privacy

Our website and services are not intended for children under 18 years of age. We do not knowingly solicit or collect personal data from anyone under the age of 18. If you are under 18, please do not use or provide any information on this website, including not registering on the site, not signing up for newsletters, and not sending us any personal information. No one under age 18 may provide any personal information to or on the website.

We understand the importance of protecting children’s privacy, especially in an online environment. In the event that we learn we have inadvertently collected personal data from a child under 18 without verified parental consent, we will take immediate steps to delete such information from our servers and refrain from using it for any purpose. If deletion is not feasible (e.g., because it’s contained in an email backup), we will ensure the data is not used or disclosed further.

If you are a parent or guardian and you believe we might have any information from or about a child under 18, please contact us so that we can investigate and address the issue promptly.

By using this site, you represent that you are at least 18 (or the age of majority in your jurisdiction if higher). If you are under 18, do not use the site or send any personal information to us.

12. Changes to this Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated Privacy Policy on this page and update the “Last Updated” date at the top. Any modified policy will be effective immediately upon posting, unless otherwise required by law. We encourage you to review this page periodically to stay informed about how we are protecting your information.

If we make any significant or material changes to this Policy we will take additional steps to notify you. This may include posting a notice of the changes in a prominent place on our website, or directly emailing you if you have provided us with contact information. We will do so prior to the change becoming effective, so you have the opportunity to understand and review the updates. Where required by law, we will obtain your consent for the updated practices.

Your continued use of the Pink Elephant website or services after any changes to this Privacy Policy constitutes acceptance of the updated terms, to the extent permitted by law. However, we will not reduce your rights under this Privacy Policy without your explicit consent. For substantial changes, we may specifically seek your acknowledgment or re-consent as needed.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or about how Pink Elephant collects and processes your personal data, please do not hesitate to contact us. We are here to help and committed to addressing any privacy-related queries or issues you may have.

You can reach our privacy team via email at privacy@pink-elephant.co. This is our dedicated contact for privacy and data protection inquiries.

When you contact us, please provide your name and contact information, and clearly describe your question or request. If you are making a request to exercise a privacy right, please specify the nature of your request and the context so that we can locate your information. We may need to verify your identity for security purposes before acting on your request, as described above.

We will respond to your inquiry as soon as reasonably possible, generally within 30 days or earlier if required by law. If you have an urgent issue, please indicate that in your communication and we will do our best to prioritize it.

We sincerely appreciate your interest in our mission and your trust in Pink Elephant. Protecting your privacy is fundamental to our values. If you feel that we have not addressed your concerns satisfactorily, please let us know, and we will work to find a resolution. If you need to, you also have the right to contact your local data protection authority as mentioned in the User Rights section.

Thank you for reading our Privacy Policy. Your privacy is important to us, and we will always use your data properly and lawfully in line with this Policy and applicable laws.