[ENTITY TBD] placeholders. These will be filled once the entity name is confirmed and filed with the Florida Division of Corporations. This page is staging only.
This Privacy Policy ("Policy") describes how ENTITY TBD, a Florida limited liability company ("Proactium," "we," "us," or "our") collects, uses, discloses, and protects information when you visit proactium.ai or use our cloud-based CRM and marketing automation platform (the "Service").
By using the Service, you agree to the practices described in this Policy. If you do not agree, please discontinue use of the Service.
1. Information We Collect
1.1 Information You Provide
- Account information: Name, email address, phone number, business name, and payment method when you sign up or update your account.
- Billing information: Handled by Stripe, Inc. We do not store raw card data. We receive payment confirmation, subscription status, and billing contact details from Stripe.
- Communications: Messages you send us via email, support tickets, or in-app chat.
- Subscriber Data: Contact lists, customer records, appointment data, review requests, and any other data you upload into the Service about your own customers ("Subscriber Data"). You are the data controller of Subscriber Data; we process it only on your instructions.
1.2 Information Collected Automatically
- Usage data: Pages visited, features used, time and duration of sessions, clicks, and interactions within the platform.
- Device and browser data: IP address, browser type and version, operating system, device identifiers, and referring URLs.
- Cookies and similar technologies: See Section 6 below.
1.3 Information from Third Parties
- GoHighLevel (GHL): The Service runs on the GoHighLevel platform under a white-label arrangement. GHL processes account configuration, automation execution, SMS/email delivery, and CRM data. GHL's own privacy practices apply to data processed at the infrastructure level. See GoHighLevel's Privacy Policy.
- Stripe: Payment processing. Stripe may share subscription status, billing events, and dispute information with us.
- Twilio / SMS carriers: SMS messages sent through the Service are routed through GHL's carrier network. Delivery receipts and opt-out signals are passed back to us.
2. How We Use Your Information
| Purpose | Legal Basis (where applicable) |
|---|---|
| Providing, operating, and improving the Service | Contract performance |
| Processing payments and managing subscriptions | Contract performance |
| Sending transactional emails (receipts, alerts, account notices) | Contract performance / Legitimate interest |
| Responding to support requests and communications | Contract performance / Legitimate interest |
| Sending product updates and marketing emails (with opt-out) | Legitimate interest / Consent where required |
| Detecting and preventing fraud, abuse, or security incidents | Legitimate interest / Legal obligation |
| Analyzing aggregated, anonymized usage to improve features | Legitimate interest |
| Complying with applicable law and legal process | Legal obligation |
We do not sell your personal information or your Subscriber Data to third parties.
3. Subscriber Data — Your Customers' Information
When you upload contact lists, patient records, or other data about your own customers into the Service, that information is "Subscriber Data." The following applies:
- You are the data controller; we are the data processor acting solely on your instructions.
- We do not use Subscriber Data for our own marketing or share it with third parties except as needed to deliver the Service (e.g., passing SMS content to GHL/Twilio for delivery).
- You are responsible for ensuring you have the legal right to upload and process that data, including obtaining required consents under TCPA, HIPAA (if applicable), and other applicable laws.
- Upon cancellation, we will retain Subscriber Data for 30 days to allow for export, after which it will be deleted from our systems. GHL's own retention schedule may differ.
4. Disclosure of Information
We share information only in the following circumstances:
- Service providers: GoHighLevel (platform infrastructure), Stripe (payments), email delivery providers, and hosting/CDN providers — all under data processing agreements.
- Business transfers: If we are acquired, merged, or sell assets, your data may be transferred to the successor entity, which will be bound by this Policy or a successor policy.
- Legal process: We may disclose information if required by law, subpoena, court order, or to protect the rights, property, or safety of Proactium, our subscribers, or the public.
- With your consent: Any other disclosure with your explicit permission.
5. Data Retention
We retain account information for as long as your subscription is active and for up to 7 years thereafter for legal, tax, and compliance purposes. Subscriber Data is retained for 30 days after cancellation, then deleted. Usage logs are retained for up to 12 months. You may request earlier deletion as described in Section 8.
6. Cookies and Tracking
Our website uses the following types of cookies and similar technologies:
- Strictly necessary: Session management, authentication, security. Cannot be disabled.
- Analytics: We use aggregated analytics (e.g., page views, session duration) to understand how visitors use our site. No cross-site behavioral tracking.
- Marketing: If you click an ad or land on our site from a paid campaign, we may set a conversion cookie to measure campaign performance. This does not track you across unrelated websites.
Most browsers allow you to refuse or delete cookies. Disabling cookies may affect Service functionality.
7. Data Security
We implement commercially reasonable administrative, technical, and physical safeguards to protect your information, including TLS encryption in transit and encryption at rest for sensitive fields. However, no internet transmission is 100% secure. You are responsible for maintaining the security of your account credentials.
If we become aware of a breach that affects your personal information, we will notify you as required by applicable law.
8. Your Rights and Choices
8.1 All Subscribers
- Access and correction: You may review and update your account information at any time through your dashboard settings.
- Marketing opt-out: Every marketing email includes an unsubscribe link. You can also email privacy@proactium.ai to opt out.
- Data deletion: You may request deletion of your account and personal data by emailing privacy@proactium.ai. We will process your request within 30 days, subject to legal retention obligations.
8.2 California Residents (CCPA / CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:
- Right to Know: The categories and specific pieces of personal information we have collected about you.
- Right to Delete: Request deletion of personal information we hold about you (subject to exceptions).
- Right to Correct: Request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising. No action required, but you may submit a request to confirm.
- Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information beyond what is necessary to provide the Service.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise your California rights, contact us at privacy@proactium.ai or write to: ENTITY TBD, ADDRESS TBD, Florida. We will verify your identity before processing your request. You may designate an authorized agent by providing written authorization.
Categories of personal information collected in the past 12 months: Identifiers (name, email, IP address), commercial information (subscription records), internet/network activity (usage data), and inferences drawn from the above. We do not collect biometric data, geolocation data, or sensitive health data (Subscriber Data uploaded by healthcare Subscribers is your data, not ours to categorize).
8.3 EEA / UK Residents (GDPR)
If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation, including rights of access, rectification, erasure, restriction of processing, data portability, and objection. Our lawful bases for processing are contract performance, legitimate interest, and legal obligation, as described in Section 2. Data is processed in the United States. We rely on Standard Contractual Clauses where applicable for cross-border transfers. To exercise your GDPR rights, contact privacy@proactium.ai. You also have the right to lodge a complaint with your local supervisory authority.
9. Children's Privacy
The Service is intended for business users aged 18 and older. We do not knowingly collect personal information from children under 13. If we learn we have inadvertently collected such information, we will delete it promptly.
10. Third-Party Links
The Service may contain links to third-party websites or integrations (e.g., review platforms, appointment scheduling tools). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before submitting any personal information.
11. Changes to This Policy
We may update this Policy from time to time. We will notify you of material changes by email or in-app notice at least 30 days before the changes take effect. The "Last Updated" date at the top reflects the current version. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.
12. Contact Us
Privacy questions or requests? Contact us at:
- Email: privacy@proactium.ai
- Mail: ENTITY TBD, ADDRESS TBD, Florida
We will respond to verified privacy requests within 45 days (with one possible 45-day extension for complex requests).