Privacy Policy

1. Introduction

PercyTech SMS ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SMS messaging platform and related services ("Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described, please do not use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Name, email address, and phone number
• Company name and business information
• Billing address and payment information (processed securely via Stripe)
• Account preferences and settings

2.2 Message Data

We process and store:

• Message content (SMS/MMS text and media)
• Message metadata (timestamps, delivery status, error codes)
• Recipient phone numbers and contact information
• Conversation history and message threads

2.3 Usage and Analytics Data

We automatically collect:

• Log files, IP addresses, and device information
• Service usage patterns and feature interactions
• Performance metrics and error logs
• Cookies and similar tracking technologies (see Section 7)

2.4 Third-Party Integration Data

If you integrate with third-party services, we may receive:

• Data from authentication providers (e.g., Auth0)
• Data from messaging carriers and providers (e.g., Bandwidth)
• Data from payment processors (e.g., Stripe)

3. How We Use Your Information

We use collected information to:

• Provide and Improve Service: Operate, maintain, and enhance the SMS platform functionality
• Process Messages: Transmit, deliver, and store your SMS/MMS messages
• Manage Accounts: Process registrations, authenticate users, and manage subscriptions
• Billing: Process payments, send invoices, and manage subscriptions
• Customer Support: Respond to inquiries, resolve issues, and provide technical assistance
• Compliance: Comply with legal obligations, enforce Terms of Service, and prevent fraud
• Analytics: Analyze usage patterns to improve service quality and develop new features
• Communications: Send service updates, security alerts, and important notifications

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:

4.1 Service Providers

We share data with trusted third-party service providers who assist in operating our Service, including:

• Messaging Carriers: Bandwidth and other carriers to deliver SMS/MMS messages
• Payment Processors: Stripe for secure payment processing
• Cloud Infrastructure: AWS for hosting and data storage
• Authentication: Auth0 for user authentication and management
• Email Services: AWS SES, Resend, or SMTP providers for transactional emails

All service providers are contractually obligated to protect your information and use it solely for the purposes we specify.

4.2 Legal Requirements

We may disclose information when required by law, including:

• Compliance with court orders, subpoenas, or legal processes
• Responding to government requests or regulatory inquiries
• Protecting our rights, property, or safety, or that of our users
• Investigating potential violations of our Terms of Service
• Preventing fraud or security threats

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data in transit (TLS/SSL) and at rest (AES-256)
• Access Controls: Role-based access controls and authentication requirements
• Secure Infrastructure: Hosted on AWS with enterprise-grade security standards
• Regular Audits: Security assessments and vulnerability scanning
• Data Backup: Regular backups with disaster recovery procedures
• Employee Training: Security awareness training for all team members

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

• Provide and maintain the Service
• Comply with legal obligations and regulatory requirements
• Resolve disputes and enforce agreements
• Maintain business records for audit purposes

Specific retention periods:

• Account Data: Retained while your account is active and for 90 days after termination
• Message Data: Retained according to your account settings, typically up to 24 months
• Billing Records: Retained for 7 years as required by tax and accounting regulations
• Logs: Retained for up to 90 days for security and troubleshooting

Upon account deletion, we will delete or anonymize your data within 90 days, except where retention is required by law.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Authenticate users and maintain session state
• Remember your preferences and settings
• Analyze Service usage and performance
• Provide personalized features and content

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain Service features.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

8.1 Access and Portability

Request a copy of your personal information in a portable format.

8.2 Correction

Update or correct inaccurate information through your account settings or by contacting us.

8.3 Deletion

Request deletion of your account and associated data, subject to legal retention requirements.

8.4 Opt-Out

Unsubscribe from marketing communications (transactional messages related to Service operation cannot be opted out of).

8.5 Objection and Restriction

Object to certain processing activities or request restrictions on how we use your information.

To exercise these rights, please contact us at privacy@percytech.com. We will respond within 30 days.

9. Children's Privacy

Our Service is intended for business use and is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States where our servers are located. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected and how it's used
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to non-discrimination for exercising your privacy rights

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

• Right to access, rectification, and erasure
• Right to restrict processing and data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated via email or prominent notice on the Service. The "Last Updated" date at the top indicates when changes were made.

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

PercyTech SMS Privacy Team
Email: privacy@percytech.com
Address: [Your Business Address]
Phone: [Your Contact Number]