Legal
Privacy Policy
Last updated: July 17, 2026
Jump to a section
- 1. INTRODUCTION
- 2. DEFINITIONS
- 3. SCOPE OF THIS PRIVACY POLICY
- 4. INFORMATION WE COLLECT
- 5. INFORMATION YOU PROVIDE
- 6. AUTOMATICALLY COLLECTED INFORMATION
- 7. SOCIAL MEDIA ACCOUNT INFORMATION
- 8. CLIENT PORTAL DATA
- 9. PAYMENT INFORMATION
- 10. COMMUNICATIONS
- 11. OUR ROLE AS CONTROLLER OR PROCESSOR
- 12. HOW WE USE INFORMATION
- 13. LEGAL BASES FOR PROCESSING
- 14. AI AND AUTOMATION SYSTEMS
- 15. AI-GENERATED AND CLIENT-SUBMITTED CONTENT
- 16. THIRD-PARTY SERVICE PROVIDERS
- 17. SOCIAL MEDIA AND THIRD-PARTY PLATFORMS
- 18. HOSTING, INFRASTRUCTURE, AND TECHNICAL SERVICES
- 19. COOKIES AND SIMILAR TECHNOLOGIES
- 20. ANALYTICS, ADVERTISING, AND MARKETING TECHNOLOGIES
- 21. INTERNATIONAL DATA TRANSFERS
- 22. DATA RETENTION
- 23. DATA ACCURACY AND MINIMIZATION
- 24. SECURITY MEASURES
- 25. SECURITY INCIDENTS AND DATA BREACHES
- 26. YOUR PRIVACY RIGHTS
- 27. EXERCISING PRIVACY RIGHTS
- 28. CALIFORNIA AND OTHER UNITED STATES PRIVACY RIGHTS
- 29. CHILDREN'S PRIVACY
- 30. BUSINESS TRANSFERS AND CORPORATE TRANSACTIONS
- 31. LEGAL DISCLOSURES AND PROTECTION OF RIGHTS
- 32. THIRD-PARTY WEBSITES, SERVICES, AND LINKS
- 33. DO NOT TRACK AND PRIVACY SIGNALS
- 34. EMAIL, TEXT, AND MARKETING COMMUNICATIONS
- 35. PUBLIC CONTENT, TESTIMONIALS, AND SOCIAL INTERACTIONS
- 36. CHANGES TO THIS PRIVACY POLICY
- 37. JURISDICTION-SPECIFIC NOTICES
- 38. COMPLAINTS AND SUPERVISORY AUTHORITIES
- 39. INTERPRETATION AND RELATIONSHIP TO OTHER AGREEMENTS
- 40. CONTACT INFORMATION
1. INTRODUCTION
Welcome to Navon Social LLC ("Company," "Navon Social," "we," "our," or "us").
This Privacy Policy explains how we collect, use, disclose, store, transfer, protect, and otherwise process Personal Data when you access or use our websites, client portal, applications, social media management services, website development services, SEO services, AI-powered services, content creation services, graphic design services, marketing services, consulting services, live chat services, domain-related services, hosting-related services, or any other products or services offered by the Company (collectively, the "Services").
Your privacy is important to us. We are committed to handling Personal Data in accordance with applicable privacy and data protection laws while providing our Services efficiently and securely.
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.
2. DEFINITIONS
For purposes of this Privacy Policy:
Account means any account, client profile, portal account, dashboard, login credentials, or other registration created to access the Services.
AI Systems means artificial intelligence models, machine learning systems, automated content-generation systems, large language models, image-generation systems, automation platforms, moderation systems, recommendation systems, and similar technologies used by the Company or its service providers.
Client means any individual or entity that purchases, subscribes to, registers for, requests, or otherwise uses the Services.
Content means any information, files, text, graphics, images, videos, audio, logos, documents, source code, prompts, instructions, comments, communications, uploads, downloads, or other material submitted to or generated through the Services.
Personal Data means any information relating to an identified or identifiable natural person, including information considered personal information, personally identifiable information, or a similar protected category under applicable privacy laws.
Processing means any operation performed on Personal Data, including collection, recording, organization, structuring, storage, modification, retrieval, consultation, use, disclosure, transmission, dissemination, combination, restriction, deletion, or destruction.
Services means all current and future services, products, software, websites, applications, client portals, APIs, automation systems, AI-powered tools, consulting services, digital marketing services, website services, social media services, and related offerings provided by the Company unless expressly stated otherwise.
Third Party means any individual, organization, platform, service provider, business, governmental authority, or other entity other than the Company, the Client, or persons acting under the direct authority of either.
3. SCOPE OF THIS PRIVACY POLICY
This Privacy Policy applies to Personal Data processed by the Company in connection with the Services, regardless of whether such information is collected:
- through our websites;
- through our client portal;
- during account registration;
- during purchases or subscription enrollment;
- through customer support;
- through email communications;
- through live chat;
- through telephone or video consultations;
- through social media interactions;
- through website development projects;
- through SEO services;
- through AI-powered services;
- through marketing campaigns;
- through consulting engagements;
- through mobile devices;
- through APIs or software integrations;
- through third-party platforms; or
- through any other interaction with the Company.
This Privacy Policy also applies to future products and services offered by the Company unless a separate privacy policy expressly governs those products or services.
This Privacy Policy does not apply to websites, applications, services, platforms, or products operated independently by third parties, even where they are linked to, accessible through, or integrated with the Services.
Third-party services are governed by their own terms, policies, and privacy practices.
4. INFORMATION WE COLLECT
Depending on how you interact with the Services, we may collect and process various categories of information.
4.1 Identity Information
Identity information may include:
- full name;
- business name;
- company information;
- username;
- display name;
- job title;
- professional role;
- profile information;
- account identifiers; and
- other identifying information voluntarily provided to us.
4.2 Contact Information
Contact information may include:
- email address;
- telephone number;
- billing address;
- mailing address;
- business address;
- social media contact information; and
- communication preferences.
4.3 Account Information
Account information may include:
- login credentials;
- encrypted or hashed passwords;
- authentication information;
- security settings;
- account preferences;
- subscription information;
- service selections;
- account status;
- access permissions; and
- account activity.
4.4 Payment and Transaction Information
Payment and transaction information may include:
- purchase information;
- invoice information;
- subscription information;
- transaction history;
- payment confirmations;
- billing records;
- payment status;
- refund records; and
- payment processor identifiers.
Complete payment card information is generally processed by third-party payment processors and is not stored directly by the Company.
4.5 Technical Information
Technical information may include:
- IP address;
- browser type and version;
- operating system;
- device type;
- device identifiers;
- device characteristics;
- screen resolution;
- language preferences;
- time-zone settings;
- referring URLs;
- pages visited;
- timestamps;
- log files;
- diagnostic information;
- crash reports;
- error information; and
- performance data.
4.6 Usage Information
Usage information may include information regarding how you access, navigate, and interact with the Services, including:
- pages viewed;
- features used;
- buttons or links selected;
- portal interactions;
- content approvals;
- revision requests;
- downloads;
- uploads;
- session duration;
- navigation behavior;
- service activity; and
- interaction history.
4.7 Communications
Communication information may include:
- emails;
- support requests;
- contact-form submissions;
- live-chat conversations;
- telephone communications;
- consultation notes;
- project discussions;
- feedback;
- reviews;
- survey responses; and
- other correspondence with the Company.
4.8 Project Information
Project information may include information provided in connection with Services requested from the Company, including:
- website requirements;
- branding information;
- marketing strategies;
- SEO objectives;
- design preferences;
- project files;
- business descriptions;
- audience information;
- content requests;
- campaign information;
- product or service information;
- brand guidelines; and
- other project-related materials.
4.9 Content Submitted to the Services
We may process Content that Clients voluntarily upload, submit, transmit, approve, modify, request, or otherwise provide, including:
- documents;
- images;
- videos;
- audio files;
- logos;
- graphics;
- written content;
- marketing materials;
- prompts;
- AI instructions;
- comments;
- revisions;
- approval requests;
- website content;
- social media content; and
- other materials submitted in connection with the Services.
5. INFORMATION YOU PROVIDE
You may voluntarily provide Personal Data when you:
- register or maintain an Account;
- purchase or subscribe to Services;
- request a quotation, proposal, or consultation;
- communicate with us;
- complete onboarding forms;
- upload project materials;
- submit website, marketing, or branding information;
- approve Content;
- request revisions;
- connect social media accounts;
- provide platform credentials or access tokens;
- authorize integrations;
- participate in surveys;
- submit reviews or testimonials;
- request customer support;
- attend consultations or meetings; or
- otherwise interact with the Company.
You represent and warrant that information you provide is accurate, complete, current, lawfully obtained, and not misleading.
You are responsible for updating information where necessary to maintain its accuracy.
Where you provide Personal Data relating to another individual, you represent and warrant that you have obtained all permissions, authorizations, notices, and consents required under applicable law to provide that information to the Company and to permit the Company to process it for the purposes described in this Privacy Policy.
Clients are solely responsible for determining whether they are legally permitted to collect, disclose, upload, transmit, or otherwise provide Personal Data to the Company.
The Company is not responsible for verifying the legal authority under which Clients provide Personal Data relating to employees, customers, contractors, followers, website visitors, business contacts, or other third parties.
Please avoid submitting unnecessary highly sensitive information unless it is specifically required for the requested Services and appropriate safeguards have been agreed upon.
6. AUTOMATICALLY COLLECTED INFORMATION
When you access or use the Services, certain information may be collected automatically through technologies such as:
- cookies;
- log files;
- analytics services;
- tracking pixels;
- web beacons;
- software development kits;
- APIs;
- browser storage;
- device identifiers;
- server logs; and
- similar technologies.
Automatically collected information may include:
- IP address;
- browser configuration;
- browser type and version;
- operating system;
- screen resolution;
- device type;
- device identifiers;
- time zone;
- language settings;
- referring websites;
- exit pages;
- clickstream information;
- timestamps;
- general geographic region inferred from an IP address;
- session information;
- diagnostic logs;
- security logs;
- error reports;
- feature usage;
- interactions with advertisements;
- interactions with emails;
- interactions within the client portal; and
- other technical or usage-related information.
This information may be used for:
- security monitoring;
- fraud prevention;
- authentication;
- analytics;
- troubleshooting;
- system administration;
- product and service improvement;
- performance monitoring;
- service optimization;
- error detection;
- auditing;
- enforcing our agreements; and
- protecting the Company, Clients, and third parties.
The Company may combine automatically collected information with other information lawfully obtained from Clients, service providers, integrations, public sources, or third-party platforms.
7. SOCIAL MEDIA ACCOUNT INFORMATION
Certain Services may require Clients to provide, authorize, or facilitate access to social media accounts, pages, profiles, advertising accounts, business accounts, or related platform features managed by or on behalf of the Client.
Depending on the Services requested, the Company may process:
- social media usernames;
- account identifiers;
- page identifiers;
- profile information;
- authentication credentials;
- API tokens;
- access tokens;
- refresh tokens;
- platform permissions;
- advertising account information;
- analytics information;
- audience insights;
- follower information made available by the platform;
- engagement metrics;
- advertising performance data;
- campaign information;
- content calendars;
- scheduled posts;
- published posts;
- comments or messages expressly authorized for management;
- media libraries;
- platform notifications; and
- other information made available through authorized platform access.
Such access and information will be used for providing, administering, securing, and improving the requested Services.
The Company may use official APIs, third-party social media management platforms, automation tools, scheduling systems, analytics providers, messaging tools, advertising platforms, and other technologies in connection with managing Client accounts.
Authentication credentials, tokens, and permissions may be stored or processed by the Company or by authorized service providers where reasonably necessary to provide the Services.
Clients should provide access through official permission-management systems, business manager accounts, role-based access, APIs, or similar methods whenever reasonably available instead of sharing primary passwords.
The Company does not control the privacy, security, availability, data-retention practices, policies, or technical systems of social media platforms.
Social media platforms process Personal Data independently in accordance with their own privacy policies and terms.
Clients remain responsible for complying with the terms, policies, advertising requirements, privacy obligations, and other rules of every third-party platform connected to the Services.
8. CLIENT PORTAL DATA
When you access or use our client portal, dashboard, account area, project-management interface, approval system, or similar platform, we may process information relating to your use of those systems.
Client portal information may include:
- Account details;
- project status;
- project timelines;
- uploaded files;
- downloaded files;
- content drafts;
- content approvals;
- approval timestamps;
- revision requests;
- comments;
- messages;
- activity history;
- login history;
- security events;
- notifications;
- billing history;
- invoices;
- subscription information;
- service usage;
- support requests;
- analytics displayed within the portal; and
- other information associated with portal activity.
The Company may maintain logs of portal activity for purposes including:
- providing and administering the Services;
- documenting approvals and instructions;
- security monitoring;
- fraud prevention;
- auditing;
- quality assurance;
- dispute resolution;
- billing verification;
- system integrity;
- legal compliance;
- enforcement of agreements; and
- service improvement.
Information displayed within the client portal may originate from the Company, the Client, social media platforms, analytics providers, advertising platforms, payment processors, or other third-party services.
The Company does not guarantee that third-party data displayed through the client portal will always be complete, current, error-free, or continuously available.
9. PAYMENT INFORMATION
Payments for the Services may be processed through third-party payment processors, banking providers, invoicing systems, or other financial service providers.
The Company generally does not directly collect or store complete payment card numbers, card verification codes, or equivalent sensitive payment credentials.
We may receive or retain information including:
- payment confirmations;
- billing names;
- billing addresses;
- transaction identifiers;
- payment processor identifiers;
- payment status;
- subscription status;
- invoice history;
- purchase history;
- refund history;
- chargeback information;
- payment failure information;
- currency information;
- tax-related information; and
- limited payment-method details, such as card type or the final digits of a payment card.
Payment processors independently collect, use, store, and protect payment information in accordance with their own terms and privacy policies.
The Company may use payment and transaction information for:
- processing purchases;
- administering subscriptions;
- issuing invoices;
- maintaining accounting records;
- processing permitted refunds;
- responding to payment disputes;
- preventing fraud;
- collecting amounts owed;
- complying with tax and financial obligations; and
- enforcing our agreements.
The Company is not responsible for the independent privacy practices, security measures, processing activities, service availability, or errors of third-party payment providers.
10. COMMUNICATIONS
The Company may collect, process, store, and retain information contained in communications between Clients, prospective Clients, users, representatives, contractors, service providers, and the Company.
Communications may occur through:
- email;
- contact forms;
- telephone calls;
- live chat;
- support systems;
- messaging platforms;
- video conferences;
- consultations;
- project-management systems;
- client portal messaging;
- social media platforms; and
- other communication channels.
Communication information may include:
- the content of messages;
- attachments;
- sender and recipient information;
- dates and timestamps;
- project instructions;
- service requests;
- support information;
- feedback;
- complaints;
- approval decisions;
- revision requests;
- meeting notes; and
- other information included in the communication.
Communications may be retained and processed for purposes including:
- providing and administering the Services;
- responding to inquiries;
- providing customer support;
- documenting Client instructions;
- quality assurance;
- staff or contractor training;
- service improvement;
- security monitoring;
- fraud prevention;
- billing and accounting;
- dispute resolution;
- legal compliance;
- enforcing agreements; and
- protecting the rights, property, safety, and legitimate interests of the Company, Clients, users, and third parties.
Where permitted by applicable law, telephone calls, video conferences, support interactions, or other communications may be recorded or transcribed for documentation, quality assurance, training, security, or dispute-resolution purposes.
Where consent to recording is required by applicable law, the Company will seek such consent or provide an appropriate notice before recording.
The Company may maintain records of communications for as long as reasonably necessary for legitimate business purposes, fulfillment of contractual obligations, dispute resolution, enforcement, security, accounting, or compliance with applicable law.
11. OUR ROLE AS CONTROLLER OR PROCESSOR
Depending on the circumstances and the Services provided, the Company may process Personal Data in different legal capacities.
11.1 Company as Data Controller
The Company generally acts as a data controller, business, or equivalent responsible entity when it determines the purposes and means of processing Personal Data relating to:
- prospective Clients;
- Client representatives;
- Account registration and administration;
- billing and payment records;
- customer support;
- business communications;
- website visitors;
- security monitoring;
- fraud prevention;
- analytics relating to our own Services;
- marketing conducted by or on behalf of the Company;
- legal compliance;
- enforcement of our agreements; and
- operation and improvement of the Services.
11.2 Company as Data Processor or Service Provider
The Company may act as a data processor, service provider, contractor, or equivalent entity when processing Personal Data on behalf of a Client and in accordance with the Client's documented instructions.
This may occur when the Company processes Personal Data in connection with:
- social media management;
- advertising campaign management;
- website development;
- website hosting;
- SEO services;
- content management;
- live sales chat;
- customer communication services;
- analytics services;
- marketing automation;
- AI-assisted content creation;
- lead-management services; or
- other Services performed on behalf of a Client.
Where the Company acts as a processor or service provider, the Client is generally responsible for determining the lawful basis, purpose, scope, and permitted duration of the processing.
The Client is also responsible for providing legally required privacy notices and obtaining all legally required permissions or consents from affected individuals.
11.3 Data Processing Agreements
Where required by applicable law, the Company and the Client may enter into a separate data processing agreement governing the processing of Personal Data.
If a data processing agreement conflicts with this Privacy Policy concerning processing performed on behalf of a Client, the data processing agreement will control to the extent of that conflict.
Nothing in this Privacy Policy changes the respective legal roles of the Company, the Client, or any Third Party as determined under applicable law.
12. HOW WE USE INFORMATION
The Company may collect, use, disclose, retain, and otherwise process Personal Data for purposes including:
- providing, operating, maintaining, and administering the Services;
- creating and managing Accounts;
- authenticating users;
- processing purchases and subscriptions;
- preparing and issuing invoices;
- performing contractual obligations;
- communicating with Clients and prospective Clients;
- responding to inquiries and support requests;
- conducting onboarding;
- managing projects;
- developing websites and digital assets;
- creating, modifying, scheduling, and publishing Content;
- managing social media accounts;
- managing marketing and advertising campaigns;
- providing SEO services;
- providing graphic design services;
- providing content-writing services;
- providing live sales chat or customer communication services;
- generating or assisting with Content through AI Systems;
- displaying analytics and statistics;
- personalizing the Services;
- remembering user settings and preferences;
- measuring service usage and performance;
- conducting research and analytics;
- improving existing Services;
- developing new Services and features;
- testing systems, features, and integrations;
- maintaining infrastructure and backups;
- detecting, investigating, and preventing fraud;
- detecting and preventing security incidents;
- protecting Accounts and systems;
- monitoring compliance with our agreements;
- investigating suspected misuse;
- resolving disputes;
- establishing, exercising, or defending legal claims;
- complying with legal, regulatory, tax, accounting, and reporting obligations;
- responding to lawful requests from governmental authorities;
- protecting the rights, property, safety, and legitimate interests of the Company, Clients, users, and third parties; and
- carrying out other purposes disclosed at the time information is collected or otherwise permitted by applicable law.
The Company may use information for more than one lawful purpose where permitted by applicable law.
Where the Company intends to process Personal Data for a materially different purpose, it may provide additional notice or request consent where legally required.
13. LEGAL BASES FOR PROCESSING
Where the General Data Protection Regulation, United Kingdom General Data Protection Regulation, or another law requiring a legal basis applies, the Company may rely on one or more of the following legal bases.
13.1 Performance of a Contract
We may process Personal Data where processing is necessary to:
- enter into an agreement with you;
- take steps at your request before entering into an agreement;
- provide Services you requested;
- administer your Account;
- process purchases or subscriptions;
- communicate regarding a project;
- manage Client instructions and approvals; or
- otherwise perform our contractual obligations.
13.2 Legitimate Interests
We may process Personal Data where processing is necessary for our legitimate business interests or the legitimate interests of a Third Party, provided those interests are not overridden by applicable rights and freedoms.
Such legitimate interests may include:
- operating and improving the Services;
- maintaining business records;
- providing customer support;
- protecting our systems and Accounts;
- preventing fraud and misuse;
- securing our infrastructure;
- conducting reasonable analytics;
- understanding service performance;
- developing new products and features;
- communicating with existing Clients regarding related Services;
- enforcing contracts;
- collecting unpaid amounts;
- resolving disputes;
- protecting legal rights; and
- ensuring efficient business operations.
Where required, the Company may conduct a balancing assessment before relying on legitimate interests.
13.3 Consent
We may process Personal Data based on your consent where consent is requested and legally valid.
Where processing is based on consent, you may withdraw that consent at any time, subject to applicable law.
Withdrawal of consent does not affect the lawfulness of processing performed before the withdrawal.
Withdrawal may prevent the Company from providing Services that depend on the relevant processing.
13.4 Legal Obligations
We may process Personal Data where necessary to comply with legal or regulatory obligations, including:
- tax obligations;
- accounting obligations;
- financial reporting requirements;
- court orders;
- lawful governmental requests;
- regulatory requirements;
- record-retention obligations; and
- other obligations imposed by applicable law.
13.5 Protection of Vital Interests
In limited circumstances, we may process Personal Data where necessary to protect the vital interests of an individual.
13.6 Other Lawful Bases
The Company may rely on any other lawful basis available under applicable privacy or data protection law.
The legal basis relied upon may vary depending on the type of information, the relevant Service, the relationship between the parties, and the jurisdiction in which processing occurs.
14. AI AND AUTOMATION SYSTEMS
The Company may use AI Systems, automation systems, algorithms, software tools, and third-party AI providers in connection with the Services.
AI Systems may be used for purposes including:
- generating written Content;
- generating images, graphics, audio, or video;
- editing or modifying Content;
- creating social media posts;
- developing marketing materials;
- assisting with website creation;
- conducting research;
- summarizing information;
- translating Content;
- analyzing performance data;
- assisting with SEO tasks;
- suggesting marketing strategies;
- moderating or classifying Content;
- detecting fraud, spam, abuse, or security threats;
- automating repetitive processes;
- improving workflows;
- providing customer support assistance; and
- supporting other Services requested by Clients.
Information submitted to the Services may be transmitted to and processed by third-party AI providers where reasonably necessary to perform the requested Services.
Such information may include:
- prompts;
- instructions;
- project descriptions;
- business information;
- written Content;
- images;
- audio;
- video;
- documents;
- performance data; and
- other information submitted for AI-assisted processing.
The Company may configure AI tools to reduce retention, training use, or unnecessary processing where commercially reasonable and technically available.
Unless expressly disclosed otherwise, the Company does not intentionally use private Client Content to train a general-purpose artificial intelligence model owned and independently controlled by the Company.
Third-party AI providers may process, retain, monitor, or use submitted information in accordance with their own agreements, privacy policies, security practices, and service configurations.
The Company does not control the independent processing practices of third-party AI providers.
Clients should not submit unnecessary Personal Data, confidential information, trade secrets, regulated information, financial credentials, health information, government identifiers, or other highly sensitive information to AI-powered workflows unless the submission is necessary, lawful, and specifically authorized.
AI-generated or AI-assisted outputs may contain inaccuracies, omissions, biases, or unintended information. Human review may be used where reasonably appropriate, but the Company does not guarantee that every AI-assisted output will be reviewed by a human before delivery or publication unless expressly agreed in writing.
The Company does not use solely automated processing to make decisions producing legal or similarly significant effects concerning individuals unless such processing is permitted by applicable law and appropriate notices or safeguards are provided.
15. AI-GENERATED AND CLIENT-SUBMITTED CONTENT
Clients may provide information, instructions, prompts, files, examples, references, or other Content for use in AI-assisted workflows.
Clients are responsible for ensuring that such Content:
- was lawfully obtained;
- may lawfully be disclosed to the Company;
- may lawfully be processed through AI Systems;
- does not violate the privacy rights of another person;
- does not violate confidentiality obligations;
- does not include unnecessary sensitive Personal Data;
- does not infringe intellectual property rights; and
- complies with applicable law and platform requirements.
The Company may process submitted Content to generate, revise, analyze, classify, translate, moderate, format, publish, distribute, or otherwise provide the requested Services.
AI-generated Content may be based on patterns learned from large datasets and may produce results similar or identical to results generated for other users.
AI-generated Content should not be assumed to be unique, confidential, accurate, complete, original, free from third-party rights, or suitable for a particular legal or commercial purpose.
The Company may retain prompts, instructions, outputs, revisions, approval records, and related metadata where reasonably necessary for:
- providing the Services;
- documenting Client instructions;
- maintaining project history;
- quality assurance;
- security;
- fraud prevention;
- dispute resolution;
- system improvement;
- legal compliance; and
- enforcement of agreements.
Where an AI provider offers different data-use configurations, retention settings, or account types, the configuration used may depend on technical availability, cost, project requirements, contractual arrangements, and the Services purchased by the Client.
16. THIRD-PARTY SERVICE PROVIDERS
The Company may engage third-party service providers, contractors, subprocessors, consultants, platforms, and infrastructure providers to support the operation and delivery of the Services.
Such third parties may provide services including:
- website hosting;
- cloud storage;
- database management;
- content delivery;
- cybersecurity;
- backup and recovery;
- email delivery;
- customer support;
- live chat;
- project management;
- client portal functionality;
- payment processing;
- accounting and invoicing;
- analytics;
- advertising;
- social media management;
- content scheduling;
- AI and machine-learning services;
- video, image, audio, or text generation;
- communications;
- identity verification;
- fraud prevention;
- legal services;
- professional consulting; and
- other operational or technical functions.
Third-party service providers may access or process Personal Data only to the extent reasonably necessary to perform their functions, comply with applicable law, protect their systems, or exercise rights provided under their agreements.
Where required by applicable law, the Company will use contractual or other safeguards intended to govern third-party processing of Personal Data.
Some third-party providers may independently determine certain purposes and means of processing and may therefore act as independent controllers, businesses, or equivalent responsible entities.
The Company is not responsible for independent processing activities performed by third parties outside the Company's instructions or reasonable control.
The identities and categories of service providers used by the Company may change as the Services, technologies, availability, pricing, security requirements, and business operations evolve.
17. SOCIAL MEDIA AND THIRD-PARTY PLATFORMS
The Services may interact or integrate with social media networks, search engines, advertising networks, analytics providers, communication platforms, website platforms, content-management systems, and other third-party services.
These platforms may independently collect and process information relating to:
- Client Accounts;
- Client representatives;
- followers and subscribers;
- website visitors;
- advertising audiences;
- customers and prospective customers;
- engagement activity;
- messages and comments;
- device information;
- online identifiers;
- cookies and tracking technologies;
- advertising performance;
- content interactions; and
- other information governed by their own policies.
Information exchanged with third-party platforms may include information required to:
- authenticate an Account;
- establish an integration;
- publish or schedule Content;
- manage advertisements;
- respond to authorized messages;
- retrieve analytics;
- manage comments;
- monitor campaign performance; or
- provide another requested Service.
Third-party platforms may modify their APIs, privacy practices, permissions, data availability, technical requirements, or retention rules at any time.
The Company does not control and is not responsible for:
- how third-party platforms process Personal Data;
- changes to platform policies;
- platform security incidents;
- platform tracking practices;
- platform advertising practices;
- platform data accuracy;
- platform data retention;
- platform suspension or termination decisions;
- platform outages; or
- the loss or restriction of API access.
Clients and other users should review the privacy policies and settings of each third-party platform they use.
18. HOSTING, INFRASTRUCTURE, AND TECHNICAL SERVICES
The Company may use third-party hosting providers, cloud platforms, data centers, content delivery networks, domain providers, email providers, security services, database providers, and other technical infrastructure providers.
Personal Data may be stored or processed on systems located in different jurisdictions depending on:
- the provider used;
- server availability;
- system architecture;
- backup locations;
- security requirements;
- technical requirements;
- Client location;
- service configuration; and
- applicable law.
Infrastructure providers may process:
- Account information;
- website Content;
- uploaded files;
- database records;
- IP addresses;
- server logs;
- security logs;
- communications;
- backup copies;
- authentication information; and
- other information necessary to operate the Services.
The Company may change infrastructure providers, server locations, hosting configurations, or technical architectures where reasonably necessary for security, availability, performance, compliance, cost, or operational reasons.
No hosting, storage, transmission, backup, or security system can guarantee absolute security, uninterrupted availability, permanent retention, or complete protection against unauthorized access or data loss.
Clients are responsible for maintaining independent copies of important Content where appropriate and for implementing reasonable safeguards within systems under their control.
19. COOKIES AND SIMILAR TECHNOLOGIES
The Company and its service providers may use cookies and similar technologies to operate, secure, analyze, personalize, and improve the Services.
These technologies may include:
- HTTP cookies;
- local storage;
- session storage;
- tracking pixels;
- web beacons;
- software development kits;
- device identifiers;
- analytics tags;
- advertising identifiers;
- server-side tracking technologies; and
- similar technologies.
19.1 Strictly Necessary Technologies
Strictly necessary technologies may be used to:
- enable core website functionality;
- authenticate users;
- maintain sessions;
- remember security settings;
- prevent fraud;
- protect forms and Accounts;
- process transactions;
- balance server traffic; and
- provide Services requested by the user.
19.2 Preference Technologies
Preference technologies may be used to remember language, region, display settings, login preferences, consent selections, and other user choices.
19.3 Analytics Technologies
Analytics technologies may be used to understand:
- how users find the Services;
- which pages are viewed;
- how features are used;
- how long sessions last;
- which errors occur;
- how systems perform; and
- how the Services may be improved.
19.4 Advertising Technologies
Where used, advertising technologies may help measure campaigns, attribute conversions, limit repeated advertisements, create audiences, personalize marketing, or display advertisements based on interactions with the Services.
19.5 Cookie Choices
Where required by applicable law, non-essential cookies or similar technologies will be used only after appropriate consent or another lawful basis has been established.
You may be able to manage cookie preferences through:
- a cookie consent tool provided through the Services;
- your browser settings;
- device settings;
- advertising platform settings; or
- privacy controls offered by relevant third parties.
Blocking or deleting cookies may prevent certain features from functioning correctly and may require you to re-enter settings or authentication information.
Browser-based signals, including Global Privacy Control signals, may be recognized where required by applicable law and technically applicable to the relevant processing.
20. ANALYTICS, ADVERTISING, AND MARKETING TECHNOLOGIES
The Company may use analytics, advertising, attribution, customer relationship management, email marketing, audience measurement, and campaign-management technologies.
These technologies may be used to:
- measure website traffic;
- understand user interactions;
- evaluate marketing performance;
- attribute inquiries, purchases, or conversions;
- measure email engagement;
- manage prospective Client relationships;
- create reports;
- improve Services and marketing campaigns;
- identify technical problems;
- prevent fraudulent activity;
- create or manage advertising audiences;
- deliver relevant advertisements where permitted;
- limit repetitive advertisements; and
- understand the effectiveness of promotional communications.
Information processed through these technologies may include:
- IP address;
- cookie identifiers;
- device identifiers;
- browser information;
- general location information;
- pages viewed;
- links selected;
- session information;
- referral information;
- campaign identifiers;
- conversion events;
- email interactions;
- Account activity; and
- other usage or technical information.
Analytics and advertising providers may process information independently or combine it with information collected through other websites, applications, services, or devices in accordance with their own privacy policies.
The Company does not guarantee the accuracy, completeness, or continuous availability of analytics, advertising, attribution, or campaign data supplied by third parties.
Marketing communications may be sent where permitted by applicable law, including where:
- you requested information;
- you consented to receive communications;
- you are an existing Client and the communication concerns related Services;
- the communication is otherwise permitted under applicable law; or
- the communication is necessary to administer your Account or Services.
You may unsubscribe from promotional email communications by using the unsubscribe mechanism included in the communication or by contacting the Company.
Unsubscribing from promotional communications will not prevent the Company from sending non-promotional communications relating to transactions, Accounts, security, billing, legal notices, support, or active Services.
21. INTERNATIONAL DATA TRANSFERS
The Company is organized in the United States and may provide Services to Clients and users located in multiple countries.
Personal Data may be transferred to, accessed from, stored in, or processed in the United States and other jurisdictions where the Company, its contractors, or its service providers operate.
The privacy and data protection laws of those jurisdictions may differ from the laws of the jurisdiction in which the information was originally collected.
Where required by applicable law, the Company may rely on recognized transfer mechanisms or safeguards, including:
- adequacy decisions;
- standard contractual clauses;
- approved contractual provisions;
- data processing agreements;
- certification frameworks;
- binding corporate rules used by relevant providers;
- explicit consent where legally permitted;
- transfers necessary for performance of a contract;
- transfers necessary for legal claims;
- other statutory derogations; or
- other safeguards recognized under applicable law.
The specific transfer mechanism used may depend on the jurisdictions involved, the service provider, the type of information, and the circumstances of the processing.
Where appropriate, the Company may assess transfer risks and implement supplementary contractual, organizational, or technical safeguards.
By requesting Services that require international infrastructure, platforms, contractors, or service providers, you acknowledge that international processing may be necessary to provide those Services, subject to applicable legal requirements.
22. DATA RETENTION
The Company retains Personal Data only for as long as reasonably necessary for the purposes for which it was collected or otherwise processed, including to:
- provide and administer the Services;
- maintain Accounts and Client relationships;
- complete projects and contractual obligations;
- maintain business, accounting, and transaction records;
- comply with tax, legal, regulatory, and reporting obligations;
- document Client instructions, approvals, and revisions;
- prevent fraud, abuse, and security incidents;
- resolve disputes;
- collect amounts owed;
- enforce agreements;
- establish, exercise, or defend legal claims;
- maintain backups and system integrity; and
- protect the rights, property, safety, and legitimate interests of the Company, Clients, users, and third parties.
The applicable retention period may depend on factors including:
- the nature and sensitivity of the information;
- the purposes for which the information is processed;
- the duration of the Client relationship;
- the duration of an active Account or subscription;
- the type of Service provided;
- contractual requirements;
- legal limitation periods;
- tax and accounting requirements;
- security and fraud-prevention needs;
- pending or reasonably anticipated disputes;
- technical limitations;
- backup schedules;
- instructions received from a Client where the Company acts as a processor; and
- requirements imposed by applicable law.
22.1 Account and Client Records
Account, contractual, billing, payment, communication, and project records may be retained during the Client relationship and for a reasonable period afterward where necessary for accounting, tax, legal compliance, dispute resolution, fraud prevention, enforcement, or other legitimate business purposes.
22.2 Project Content
Project files, Content, prompts, drafts, revisions, instructions, approval records, and related information may be retained for the duration of the relevant project and afterward where reasonably necessary to:
- provide continued Services;
- support future revisions;
- document performance;
- respond to Client requests;
- resolve disputes;
- maintain portfolio or licensing records where lawfully permitted;
- enforce agreements; or
- comply with legal obligations.
22.3 Social Media and Platform Data
Social media credentials, access tokens, platform permissions, analytics, campaign information, and related data may be retained while access is required to provide the Services.
The Company may remove, disable, revoke, or delete such access after the relevant Services end, subject to technical limitations, legal obligations, security requirements, unresolved payment obligations, and the practices of the applicable third-party platform.
22.4 Backups
Personal Data may remain in backup, archival, disaster-recovery, logging, or security systems for a limited period after deletion from active systems.
Backup information may not be immediately accessible or separately removable without disproportionate effort. Such information may remain protected and isolated until it is overwritten, deleted, or otherwise removed in accordance with applicable backup schedules.
22.5 Aggregated and De-Identified Information
The Company may retain aggregated, anonymized, or de-identified information for an extended or indefinite period where that information no longer identifies an individual and is maintained in a form not reasonably intended to be re-identified.
When Personal Data is no longer reasonably required, the Company may delete, anonymize, de-identify, aggregate, archive, or otherwise dispose of it, subject to applicable law and technical limitations.
23. DATA ACCURACY AND MINIMIZATION
The Company seeks to process Personal Data that is reasonably adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
Clients and users are responsible for providing accurate, complete, current, and non-misleading information.
You should notify the Company when information associated with your Account, Services, projects, billing, or communications becomes inaccurate or outdated.
The Company may take reasonable steps to correct, complete, update, restrict, or delete information that it determines is inaccurate, incomplete, outdated, unlawfully held, or no longer necessary.
The Company does not independently verify every item of information submitted by Clients, users, Client representatives, contractors, platforms, analytics providers, or other third parties.
Information derived from social media platforms, advertising platforms, analytics providers, AI Systems, public sources, Client systems, and other third-party services may be incomplete, delayed, estimated, modified, or inaccurate.
Clients should avoid providing Personal Data that is unnecessary for the requested Services.
The Company may request that unnecessary, excessive, unlawful, or highly sensitive information be removed from project files, communications, Accounts, integrations, or other systems.
24. SECURITY MEASURES
The Company uses reasonable administrative, organizational, contractual, physical, and technical measures designed to protect Personal Data against:
- unauthorized access;
- unauthorized use;
- unauthorized disclosure;
- accidental loss;
- alteration;
- destruction;
- fraud;
- misuse;
- service disruption; and
- other unlawful or unauthorized processing.
Depending on the relevant systems, Services, risks, and technical availability, security measures may include:
- access controls;
- role-based permissions;
- password protections;
- multi-factor authentication where available;
- encryption in transit or at rest where appropriate;
- secure hosting configurations;
- firewalls;
- security monitoring;
- logging;
- software updates;
- malware protection;
- backup procedures;
- contractual confidentiality requirements;
- service-provider assessments;
- incident-response procedures;
- credential-management procedures; and
- other safeguards considered reasonable under the circumstances.
Security measures may vary depending on:
- the nature of the information;
- the sensitivity of the information;
- the relevant system or provider;
- technical availability;
- implementation cost;
- the likelihood and severity of potential harm;
- the Services purchased;
- Client-controlled configurations; and
- applicable legal requirements.
No website, network, hosting environment, cloud service, AI System, storage system, authentication process, encryption method, communication channel, or security control can guarantee absolute security.
The Company does not represent or warrant that Personal Data will never be accessed, disclosed, altered, lost, destroyed, intercepted, corrupted, or otherwise affected by unauthorized activity, technical failure, human error, malicious conduct, or events outside the Company's reasonable control.
Clients are responsible for:
- protecting Account credentials;
- using strong and unique passwords;
- enabling available security features;
- limiting access to authorized personnel;
- removing access when personnel no longer require it;
- maintaining secure devices and networks;
- reviewing connected applications and integrations;
- maintaining independent copies of important Content; and
- promptly notifying the Company of suspected unauthorized access.
25. SECURITY INCIDENTS AND DATA BREACHES
In the event of an actual or suspected security incident, cyberattack, breach, compromise, unauthorized access, unlawful disclosure, loss, destruction, alteration, or misuse of information, the Company may take actions it considers reasonably appropriate, including:
- investigating the incident;
- restricting, suspending, or terminating access;
- resetting credentials;
- revoking tokens or permissions;
- isolating affected systems;
- preserving logs and evidence;
- engaging cybersecurity, legal, forensic, hosting, or technical professionals;
- contacting relevant service providers;
- restoring affected systems or information;
- implementing remedial safeguards;
- cooperating with governmental, regulatory, or law-enforcement authorities;
- notifying affected Clients, individuals, processors, controllers, insurers, or authorities where required; and
- taking other measures considered necessary to protect the Company, Clients, users, or third parties.
The timing, form, and content of any notification will depend on:
- the nature and scope of the incident;
- the information affected;
- the likelihood and severity of potential harm;
- the Company's role as controller or processor;
- information reasonably available at the time;
- instructions from affected Clients;
- requests from law-enforcement or regulatory authorities;
- applicable contractual requirements; and
- applicable law.
Where the Company acts as a processor or service provider, it may notify the relevant Client of a qualifying incident in accordance with applicable law and any governing data processing agreement.
The Company may be unable to provide complete information during the early stages of an investigation and may provide information in stages as facts become reasonably available.
Nothing in this section constitutes an admission of fault, liability, negligence, legal responsibility, or the applicability of any particular notification requirement.
The Company does not guarantee that security incidents will never occur.
26. YOUR PRIVACY RIGHTS
Depending on your location, the nature of the processing, the Company's legal role, and applicable law, you may have certain privacy rights concerning your Personal Data.
These rights may include the right to:
- receive information about how Personal Data is processed;
- request access to Personal Data;
- request correction of inaccurate or incomplete Personal Data;
- request deletion of Personal Data;
- request restriction of processing;
- object to certain processing;
- withdraw consent where processing is based on consent;
- request portability of certain Personal Data;
- opt out of certain direct marketing;
- opt out of certain sales, sharing, or targeted advertising where applicable;
- limit certain uses or disclosures of sensitive Personal Data where applicable;
- appeal the denial of a privacy request where applicable;
- request information concerning categories or recipients of disclosures where applicable;
- avoid unlawful discrimination for exercising applicable privacy rights; and
- submit a complaint to a competent privacy or data protection authority.
Privacy rights are not absolute and may be subject to conditions, exceptions, limitations, exemptions, verification requirements, and competing legal obligations.
The Company may decline, limit, or modify a request where permitted by applicable law, including where:
- the Company cannot reasonably verify the requester's identity or authority;
- the information is required to perform a contract;
- retention is required by law;
- retention is necessary for tax, accounting, or financial records;
- the information is necessary to establish, exercise, or defend legal claims;
- the information is necessary to detect or prevent fraud or security incidents;
- the request would adversely affect the rights or freedoms of another person;
- the request is manifestly unfounded, excessive, repetitive, or abusive;
- the requested information is subject to legal privilege or another lawful exemption;
- the Company acts solely as a processor and must refer the request to the relevant Client;
- the information cannot reasonably be linked to the requester;
- the information has been aggregated, anonymized, or de-identified; or
- another exception applies under applicable law.
The availability and scope of a particular right will be determined under the law applicable to the relevant processing and individual.
27. EXERCISING PRIVACY RIGHTS
To exercise an applicable privacy right, you may submit a request using the contact information provided at the end of this Privacy Policy.
Your request should include sufficient information to allow the Company to:
- identify you;
- locate relevant records;
- understand the right being exercised;
- understand the scope of the request; and
- communicate with you regarding the request.
The Company may request reasonable additional information necessary to verify your identity, Account ownership, authority, jurisdiction, or relationship with the Company.
Verification information will be used for the purpose of processing, documenting, and securing the request and may be retained where reasonably necessary to demonstrate compliance.
The Company will not disclose sensitive Account information, credentials, confidential Client information, or Personal Data relating to another person without appropriate verification and legal authority.
27.1 Authorized Representatives
Where permitted by applicable law, an authorized representative may submit a request on your behalf.
The Company may require:
- written evidence of the representative's authority;
- verification of the representative's identity;
- direct confirmation from the individual concerned;
- a valid power of attorney; or
- other information permitted by applicable law.
27.2 Requests Concerning Client-Controlled Data
Where the Company processes Personal Data solely on behalf of a Client, the relevant Client generally controls that information and is responsible for responding to privacy requests.
The Company may refer the requester to the relevant Client or assist the Client in responding where required by law or contract.
27.3 Response Periods
The Company will seek to respond within the period required by applicable law.
Where legally permitted, the response period may be extended due to the complexity, scope, number, verification status, or technical nature of the requests received.
27.4 Fees
The Company generally does not charge a fee for a valid privacy request.
Where permitted by applicable law, the Company may charge a reasonable fee or decline to act on requests that are manifestly unfounded, excessive, repetitive, technically burdensome, or abusive.
27.5 Appeals and Complaints
If applicable law provides a right to appeal a decision concerning a privacy request, instructions for submitting an appeal may be included in the Company's response.
You may also have the right to complain to a competent privacy, consumer protection, or data protection authority.
28. CALIFORNIA AND OTHER UNITED STATES PRIVACY RIGHTS
Residents of California and certain other United States jurisdictions may have additional rights under applicable state privacy laws.
Subject to applicability thresholds, exemptions, verification, and other legal limitations, these rights may include the right to:
- know whether Personal Data is being processed;
- request access to Personal Data;
- request categories of Personal Data collected;
- request categories of sources from which Personal Data was collected;
- request the purposes for collecting, using, selling, or sharing Personal Data;
- request categories of third parties to whom Personal Data was disclosed;
- request correction of inaccurate Personal Data;
- request deletion of Personal Data;
- obtain a portable copy of certain Personal Data;
- opt out of the sale of Personal Data;
- opt out of the sharing of Personal Data for cross-context behavioral advertising;
- opt out of certain targeted advertising;
- opt out of certain profiling producing legal or similarly significant effects;
- limit certain uses or disclosures of sensitive Personal Data;
- appeal certain decisions; and
- receive equal service and pricing without unlawful discrimination for exercising applicable rights.
28.1 Sale and Sharing
The Company does not sell Personal Data for monetary payment in the ordinary meaning of the word "sell."
However, certain state privacy laws define "sale," "sharing," or similar terms broadly enough to potentially include disclosures involving advertising, analytics, cookies, pixels, audience creation, or other online technologies.
Where the Company's activities constitute a sale, sharing, targeted advertising, or equivalent regulated activity under applicable law, eligible individuals may exercise applicable opt-out rights.
28.2 Sensitive Personal Data
The Company does not intentionally use sensitive Personal Data to infer characteristics about individuals except where permitted by applicable law and reasonably necessary to provide requested Services, maintain security, comply with law, or perform another disclosed purpose.
28.3 Financial Incentives
The Company does not ordinarily offer financial incentives in exchange for Personal Data.
If the Company introduces a program that qualifies as a financial incentive or price or service difference under applicable law, it may provide a separate notice describing the material terms of that program.
28.4 Global Privacy Control
Where required by applicable law and technically applicable, the Company may treat a recognized Global Privacy Control or similar browser-based signal as a request to opt out of qualifying sales, sharing, or targeted advertising for the browser or device from which the signal is received.
Because such signals may not identify an Account holder, their effect may be limited to the relevant browser, device, or online interaction.
28.5 Applicability
Nothing in this section represents that every state privacy law applies to the Company, every Service, every Client, or every processing activity.
The Company may rely on all exemptions, exceptions, and limitations available under applicable law.
29. CHILDREN'S PRIVACY
The Services are intended for businesses, professionals, organizations, and individuals capable of entering into legally binding agreements.
The Services are not directed to children under thirteen years of age, and the Company does not knowingly collect Personal Data online directly from children under thirteen without legally required authorization.
The Company does not knowingly permit children under thirteen to create Accounts, purchase Services, or independently enter into agreements with the Company.
If the Company learns that it has collected Personal Data online directly from a child under thirteen in circumstances requiring parental consent and valid consent was not obtained, the Company may take reasonable steps to delete or otherwise address that information.
A parent or legal guardian who believes a child has provided Personal Data directly to the Company may contact the Company using the information provided at the end of this Privacy Policy.
29.1 Client-Provided Information Concerning Children
Clients may operate businesses, websites, social media accounts, campaigns, or services involving children or families.
Where a Client provides, instructs, or authorizes the Company to process Personal Data concerning a child, the Client represents and warrants that:
- the processing is lawful;
- the Client has provided all required notices;
- the Client has obtained all required parental or guardian consents;
- the information is necessary for the requested Services;
- the Client has complied with applicable age-verification requirements;
- the Client has complied with applicable platform requirements; and
- the Client is authorized to instruct the Company to process the information.
The Company may refuse, restrict, suspend, or terminate Services involving children's Personal Data where it reasonably believes the processing may be unlawful, unsafe, excessive, outside the agreed scope, or inconsistent with applicable platform requirements.
This section does not limit any higher age threshold or additional protection required under applicable law.
30. BUSINESS TRANSFERS AND CORPORATE TRANSACTIONS
The Company may disclose, transfer, assign, or otherwise make Personal Data available in connection with an actual or proposed:
- merger;
- acquisition;
- sale of assets;
- sale of equity or membership interests;
- financing;
- investment;
- reorganization;
- joint venture;
- change of control;
- business combination;
- outsourcing arrangement;
- transfer of a product, platform, website, or service;
- insolvency proceeding;
- bankruptcy proceeding;
- receivership;
- liquidation; or
- similar corporate or commercial transaction.
Personal Data may be disclosed to parties including:
- prospective or actual purchasers;
- investors;
- lenders;
- business partners;
- successors;
- affiliates;
- legal advisers;
- financial advisers;
- accountants;
- insurers;
- auditors;
- consultants; and
- other participants in the transaction.
Where reasonably appropriate, such disclosures may be subject to confidentiality obligations or other safeguards.
A successor or acquiring entity may continue processing Personal Data in accordance with this Privacy Policy, a replacement privacy policy, applicable contractual obligations, and applicable law.
The Company may also transfer contracts, Accounts, subscriptions, project records, Client communications, Content, and related information as part of such a transaction.
31. LEGAL DISCLOSURES AND PROTECTION OF RIGHTS
The Company may access, preserve, use, or disclose Personal Data where it reasonably believes such action is necessary or appropriate to:
- comply with applicable law;
- comply with legal process;
- respond to a subpoena, warrant, court order, or governmental request;
- respond to a regulatory inquiry;
- cooperate with law-enforcement authorities;
- comply with tax, accounting, financial, or reporting requirements;
- investigate suspected fraud, abuse, misconduct, or illegal activity;
- detect, investigate, prevent, or respond to security incidents;
- enforce agreements, policies, and payment obligations;
- protect the Company's legal rights and legitimate interests;
- protect the rights, property, safety, or security of Clients, users, employees, contractors, service providers, or third parties;
- prevent physical, financial, reputational, or technical harm;
- establish, exercise, or defend legal claims;
- obtain professional legal, accounting, insurance, cybersecurity, or financial advice; or
- respond to an emergency involving potential danger to a person or property.
The Company may challenge, narrow, reject, or seek clarification of a request where it considers the request invalid, excessive, unlawful, overbroad, technically defective, or inconsistent with applicable rights.
The Company may be prohibited from notifying an affected individual or Client about certain requests, investigations, disclosures, preservation obligations, or legal processes.
Nothing in this Privacy Policy requires the Company to disclose privileged information, confidential legal advice, trade secrets, security-sensitive information, information relating to another person, or information protected from disclosure by applicable law.
32. THIRD-PARTY WEBSITES, SERVICES, AND LINKS
The Services may contain links to, display Content from, integrate with, or otherwise provide access to websites, applications, platforms, products, services, advertisements, tools, plugins, widgets, or resources operated by third parties.
Third-party services may include:
- social media platforms;
- payment processors;
- advertising platforms;
- analytics providers;
- website hosting providers;
- domain registrars;
- content-management systems;
- communication platforms;
- AI providers;
- cloud storage providers;
- project-management systems;
- customer relationship management systems;
- email marketing platforms;
- embedded media providers;
- mapping services;
- review platforms;
- marketplaces;
- affiliate websites; and
- other independent third-party services.
The Company does not control the privacy, security, accessibility, availability, accuracy, data collection, data retention, advertising, tracking, or other practices of independent third parties.
When you access or interact with a third-party service, that third party may independently collect or process Personal Data in accordance with its own:
- privacy policy;
- cookie policy;
- terms of service;
- data processing terms;
- security practices;
- platform settings; and
- other applicable policies.
The inclusion of a link, integration, embedded feature, or reference to a third-party service does not constitute an endorsement, warranty, representation, sponsorship, partnership, or guarantee by the Company.
You should review the privacy and security practices of each third-party service before providing Personal Data or authorizing access.
The Company is not responsible for Personal Data submitted directly to, collected by, or independently processed by a third party outside the Company's reasonable control.
33. DO NOT TRACK AND PRIVACY SIGNALS
Some browsers, devices, and software applications allow users to transmit "Do Not Track," Global Privacy Control, opt-out preference, or similar signals.
There is not necessarily a uniform industry standard governing how every website, platform, or service must interpret all such signals.
The Company's response to a particular signal may depend on:
- the type of signal received;
- the browser or device used;
- the jurisdiction associated with the user;
- the processing activity involved;
- technical feasibility;
- the configuration of relevant third-party services; and
- applicable legal requirements.
Where required by applicable law and technically applicable, the Company may recognize qualifying browser-based opt-out preference signals as requests to opt out of certain sales, sharing, targeted advertising, or similar regulated processing.
A privacy signal may apply only to the browser, device, or online interaction from which it is received unless the signal can reasonably be connected to an authenticated Account.
Blocking cookies, clearing browser storage, changing devices, using a different browser, or signing out of an Account may affect the continued operation of a previously submitted preference.
Third-party services integrated with the Services may respond differently to browser-based privacy signals in accordance with their own practices and legal obligations.
34. EMAIL, TEXT, AND MARKETING COMMUNICATIONS
The Company may send communications relating to:
- Account registration;
- Account verification;
- security alerts;
- password resets;
- transactions;
- payments;
- invoices;
- subscriptions;
- project activity;
- Content approvals;
- revision requests;
- support requests;
- service updates;
- legal notices;
- policy updates;
- new or related Services;
- promotions;
- surveys;
- newsletters; and
- other business or marketing purposes.
34.1 Transactional and Service Communications
The Company may send transactional, administrative, security, billing, legal, or service-related communications where reasonably necessary to operate the Services or maintain the Client relationship.
You may not be able to opt out of essential non-promotional communications while maintaining an active Account, subscription, project, or contractual relationship with the Company.
34.2 Promotional Communications
The Company may send promotional communications where permitted by applicable law, including where:
- you requested information;
- you provided consent;
- you subscribed to a mailing list;
- you are an existing Client and the communication concerns related Services; or
- another lawful basis permits the communication.
You may unsubscribe from promotional email communications by using the unsubscribe link included in the relevant message or by contacting the Company.
The Company may retain limited suppression-list information after an unsubscribe request to help ensure that the relevant address is not unintentionally added back to the same promotional mailing list.
34.3 Communication Tracking
Where permitted by applicable law, communications may contain technologies that allow the Company or its service providers to determine whether a message was:
- delivered;
- opened;
- viewed;
- clicked;
- forwarded;
- returned as undeliverable; or
- otherwise interacted with.
This information may be used to administer communications, maintain mailing lists, understand engagement, improve messaging, detect abuse, and measure campaign performance.
34.4 Text Messages
If the Company offers text-message communications, such messages will be sent in accordance with applicable law and the consent or authorization provided.
Message and data rates may apply according to the recipient's mobile service provider.
Instructions for opting out of promotional text messages may be provided within the relevant communication.
35. PUBLIC CONTENT, TESTIMONIALS, AND SOCIAL INTERACTIONS
Information submitted to publicly accessible areas may be visible to other users, search engines, social media platforms, platform operators, website visitors, and the general public.
Publicly accessible information may include:
- reviews;
- testimonials;
- social media comments;
- public posts;
- profile information;
- business names;
- usernames;
- uploaded media;
- portfolio Content;
- case-study information;
- community discussions; and
- other information intentionally made public.
You should not submit confidential, sensitive, proprietary, or unnecessary Personal Data through publicly accessible features.
Information made public may be:
- copied;
- downloaded;
- shared;
- indexed;
- reposted;
- archived;
- modified;
- distributed; or
- otherwise used by third parties outside the Company's control.
Removal of information from the Company's active systems may not remove copies retained by search engines, social media platforms, archival services, recipients, or other third parties.
The Company may publish a Client's name, logo, testimonial, review, project description, or completed work only where authorized by the Client, permitted by an applicable agreement, made publicly available by the Client, or otherwise permitted by applicable law.
Where consent is the legal basis for publication, the Client may withdraw consent for future use, subject to information already lawfully published, printed, distributed, archived, or incorporated into existing materials.
36. CHANGES TO THIS PRIVACY POLICY
The Company may modify, update, supplement, replace, or otherwise revise this Privacy Policy from time to time.
Changes may be made to reflect:
- new or modified Services;
- changes to business operations;
- changes to processing practices;
- changes to service providers;
- changes to technologies;
- changes to AI Systems;
- changes to cookies or analytics;
- changes to security practices;
- changes to legal or regulatory requirements;
- changes to industry standards;
- changes to corporate structure; or
- other operational, commercial, technical, or legal developments.
The updated Privacy Policy will be identified by a revised "Last Updated" date.
Unless a later effective date is expressly stated, an updated Privacy Policy becomes effective when it is posted or otherwise made available through the Services.
Where required by applicable law, the Company may provide additional notice of material changes through:
- the website;
- the client portal;
- email;
- an Account notification;
- a cookie consent interface;
- a service announcement; or
- another reasonable communication method.
Where required by applicable law, the Company may request consent before applying a material change to processing that depends on consent.
Continued use of the Services after an updated Privacy Policy becomes effective constitutes acknowledgment of the updated Privacy Policy but does not replace consent where consent is specifically required by applicable law.
You are encouraged to review this Privacy Policy periodically.
37. JURISDICTION-SPECIFIC NOTICES
Privacy and data protection rights may vary depending on the jurisdiction in which an individual resides or in which processing occurs.
The Company may provide supplemental privacy notices, disclosures, consent mechanisms, request forms, contractual provisions, or other information where required for a particular:
- country;
- state;
- province;
- territory;
- Service;
- Client relationship;
- processing activity; or
- category of Personal Data.
A jurisdiction-specific notice may supplement this Privacy Policy and will apply only to the individuals, Services, or processing activities described in that notice.
If a jurisdiction-specific notice conflicts with this Privacy Policy, the jurisdiction-specific notice will control to the extent of the conflict and only where legally applicable.
Nothing in this Privacy Policy constitutes a representation that every privacy or data protection law applies to the Company, every Service, every Client, every user, or every processing activity.
The Company reserves the right to rely on all available:
- threshold requirements;
- small-business exemptions;
- entity-level exemptions;
- data-level exemptions;
- employment-related exemptions;
- business-to-business exemptions;
- processor or service-provider exemptions;
- legal exceptions;
- contractual exceptions; and
- other limitations available under applicable law.
38. COMPLAINTS AND SUPERVISORY AUTHORITIES
If you have a concern regarding the Company's processing of Personal Data, you are encouraged to contact the Company first so that the concern may be reviewed and, where appropriate, addressed.
When submitting a complaint, please provide sufficient information to allow the Company to understand:
- your identity and relationship with the Company;
- the processing activity concerned;
- the Personal Data involved;
- the relevant Account, project, or Service;
- the nature of your concern;
- the outcome you are requesting; and
- any supporting information reasonably relevant to the complaint.
The Company may request additional information where reasonably necessary to verify identity, investigate the complaint, locate relevant records, prevent fraud, or protect the rights of another person.
Depending on your location and applicable law, you may have the right to submit a complaint to a competent privacy, consumer protection, or data protection authority.
Individuals located in the European Economic Area may generally contact the data protection authority in the country of their habitual residence, place of work, or place of the alleged infringement.
Individuals located in the United Kingdom may have the right to complain to the United Kingdom Information Commissioner's Office.
Submitting a complaint to the Company does not limit any right to contact an applicable authority where such a right exists.
The Company will not unlawfully discriminate or retaliate against an individual solely for submitting a good-faith privacy complaint or exercising an applicable privacy right.
39. INTERPRETATION AND RELATIONSHIP TO OTHER AGREEMENTS
This Privacy Policy describes the Company's general processing practices and should be read together with any applicable:
- Terms of Service;
- service agreement;
- order form;
- proposal;
- statement of work;
- subscription agreement;
- data processing agreement;
- cookie notice;
- consent notice;
- platform-specific notice;
- jurisdiction-specific privacy notice; and
- other agreement or notice governing the Services.
This Privacy Policy does not create contractual rights beyond those required by applicable law or expressly provided in a binding written agreement.
Where the Company processes Personal Data on behalf of a Client, the applicable service agreement and data processing agreement may establish additional obligations, restrictions, instructions, or safeguards.
If a binding data processing agreement conflicts with this Privacy Policy regarding processing performed on behalf of a Client, the data processing agreement will control to the extent of the conflict.
If a jurisdiction-specific privacy notice conflicts with this Privacy Policy, the jurisdiction-specific notice will control to the extent required by applicable law.
Headings are included for convenience and do not limit or otherwise affect the interpretation of this Privacy Policy.
Words such as "including," "includes," and "such as" are illustrative and do not limit the scope of the preceding language.
References to laws, regulations, frameworks, platforms, technologies, or standards include amendments, replacements, successor provisions, and substantially equivalent requirements where applicable.
If any provision of this Privacy Policy is determined to be invalid, unlawful, or unenforceable, the remaining provisions will continue to apply to the fullest extent permitted by law.
Nothing in this Privacy Policy limits any non-waivable privacy or data protection right available under applicable law.
40. CONTACT INFORMATION
Questions, requests, complaints, or concerns regarding this Privacy Policy or the Company's processing of Personal Data may be submitted to:
Navon Social LLC
Wyoming, United States
Privacy Email: [email protected]
Website: https://navonsocial.com/
Please include sufficient information to allow the Company to identify the relevant Account, Client relationship, project, communication, or processing activity.
Do not send passwords, complete payment card information, government identification documents, medical information, or other highly sensitive information through unsecured email unless specifically requested and an appropriate secure transmission method has been provided.
The Company may require identity or authority verification before responding to a request involving Personal Data.
Communications sent to an address, account, or channel not designated for privacy requests may result in delayed processing.