Privacy Policy
Effective Date: December 29, 2024
Last Updated: December 29, 2024
Welcome to JetSuite ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital marketing software-as-a-service platform (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.
We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.
Table of Contents
1. Information We Collect
1.1 Personal Information You Provide
We collect information that you voluntarily provide to us when you:
- Register for an account
- Subscribe to our services
- Connect third-party social media accounts
- Contact us for support
- Participate in surveys or promotions
This information may include:
- Account Information: Name, email address, username, password
- Business Information: Business name, website URL, business category, location
- Payment Information: Credit card details, billing address (processed securely through Stripe)
- Profile Information: Business logo, brand colors, fonts, descriptions
- Communication Data: Messages, feedback, support requests
1.2 Information Collected Automatically
When you access our Service, we automatically collect certain information:
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Information: Pages viewed, features used, time spent, click patterns
- Log Data: Access times, error logs, performance data
- Location Data: General geographic location based on IP address
1.3 Information from Third-Party Services
When you connect third-party accounts (Facebook, Instagram, Google Business Profile, etc.), we receive:
- OAuth Tokens: Access tokens to post on your behalf (encrypted and stored securely)
- Profile Data: Username, profile ID, email (if provided)
- Page/Account Data: Pages you manage, basic account information
- Analytics Data: Performance metrics from connected platforms
Important: We NEVER store your social media passwords. All connections use secure OAuth 2.0 authentication, and you can revoke access at any time.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Provide Services: Create and manage your account, process subscriptions, deliver requested features
- Social Media Management: Post content to your connected accounts, schedule posts, analyze performance
- Business Analysis: Generate reports, provide insights, recommend improvements
- Communication: Send service updates, respond to inquiries, provide customer support
- Payment Processing: Process subscriptions and handle billing (via Stripe)
- Improve Services: Analyze usage patterns, fix bugs, develop new features
- Security: Detect fraud, prevent abuse, protect user accounts
- Legal Compliance: Comply with legal obligations, enforce our terms
- Marketing: Send promotional materials (only with your consent, opt-out anytime)
3. Disclosure of Your Information
We may share your information in the following situations:
3.1 Service Providers
We share information with third-party service providers who perform services on our behalf:
- Stripe: Payment processing
- Supabase: Database and authentication
- Vercel: Hosting and deployment
- Google (Gemini AI): AI-powered content generation and analysis
- Email Service Providers: Transactional and marketing emails
3.2 Social Media Platforms
When you connect social media accounts, we interact with their APIs to:
- Post content on your behalf
- Retrieve analytics and performance data
- Manage your pages and accounts
3.3 Legal Requirements
We may disclose your information if required by law or in response to:
- Court orders or legal process
- Government or regulatory requests
- Protection of our rights, property, or safety
- Prevention of fraud or illegal activity
3.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
3.5 With Your Consent
We may share your information for any other purpose with your explicit consent.
We Do NOT: Sell, rent, or trade your personal information to third parties for their marketing purposes.
4. Third-Party Services
Our Service integrates with third-party platforms and services:
- Facebook/Instagram: Subject to Meta's Privacy Policy
- Google Business Profile: Subject to Google's Privacy Policy
- Twitter/X: Subject to X's Privacy Policy
- LinkedIn: Subject to LinkedIn's Privacy Policy
- TikTok: Subject to TikTok's Privacy Policy
- Stripe: Subject to Stripe's Privacy Policy
We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies before connecting your accounts.
5. Security of Your Information
We implement appropriate technical and organizational security measures to protect your information:
- Encryption: All data transmitted is encrypted using SSL/TLS
- Token Encryption: OAuth access tokens are encrypted using AES-256 encryption
- Secure Storage: Data stored in secure, encrypted databases
- Access Controls: Strict access controls and authentication requirements
- Regular Audits: Security assessments and vulnerability testing
- Secure Payment Processing: Payment data handled by PCI-compliant Stripe
Important: No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
6. Data Retention
We retain your information for as long as necessary to:
- Provide you with our services
- Comply with legal obligations
- Resolve disputes
- Enforce our agreements
Account Deletion: If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or compliance purposes.
Backup Data: Deleted data may persist in backup systems for up to 90 days before permanent deletion.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Portability: Request a copy of your data in a portable format
- Restriction: Request restriction of processing of your information
- Objection: Object to processing of your information
- Withdraw Consent: Withdraw consent for processing (where consent is the legal basis)
- Opt-Out: Opt-out of marketing communications
To exercise these rights, please contact us at privacy@getjetsuite.com
We will respond to your request within 30 days.
9. Children's Privacy
Our Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.
We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy, including:
- Standard Contractual Clauses approved by the European Commission
- Ensuring service providers are certified under approved frameworks
- Implementing appropriate technical and organizational measures
11. California Privacy Rights (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request information about personal data collected, used, and shared
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Opt-out of sale of personal information (we do not sell personal information)
- Right to Non-Discrimination: Not be discriminated against for exercising your rights
To exercise these rights, contact us at privacy@getjetsuite.com
Verification: We may need to verify your identity before processing your request.
Authorized Agent: You may designate an authorized agent to make requests on your behalf.
12. GDPR Compliance (European Users)
If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract Performance: To provide our services to you
- Legitimate Interests: To improve our services, prevent fraud
- Legal Compliance: To comply with legal obligations
- Consent: For marketing communications and optional features
Your GDPR Rights
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
To exercise your rights, contact us at privacy@getjetsuite.com
13. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us:
Email: privacy@getjetsuite.com
Website: www.getjetsuite.com
Response Time: We will respond to your inquiry within 30 days