Privacy Policy

Last Updated: December 19, 2024

1. Introduction

This Privacy Policy describes how Compliant Conversation Exporter ("we," "us," or "our") collects, uses, and protects your information when you use our application (the "Service"). We are committed to protecting your privacy and handling your data in accordance with applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

When you use our Service, we collect the following information:

• Go High Level Account Information: When you authorize our application through OAuth, we receive your location ID, company ID, and access tokens from Go High Level.
• WebDAV Credentials: If you choose to configure automatic exports, you provide WebDAV server URL, username, and password for your external storage provider (such as ComConnect or x360Sync).
• Export Settings: Your preferences for conversation export schedules, conversation types to include, and date ranges.

2.2 Information Collected Automatically

When you use our Service, we automatically collect:

• Conversation Data: We access and retrieve conversation messages from your Go High Level account, including SMS, email, calls, voicemails, and social media messages, solely for the purpose of exporting them to your designated external storage.
• Export Logs: We maintain logs of export operations including timestamps, number of conversations processed, and any errors encountered.
• Usage Data: Basic information about how you use the Service, such as when you log in and trigger exports.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide the Service: To authenticate your account, access your conversations, and export them to your designated external storage.
• Maintain Security: To securely store your access tokens and credentials, and to ensure only authorized users can access your data.
• Improve the Service: To monitor export success rates, identify and fix errors, and improve overall performance.
• Compliance: To help you maintain compliant record retention as required for regulated industries such as financial services, legal, and insurance.

4. How We Store and Protect Your Information

4.1 Data Storage

Your information is stored as follows:

• Database Storage: OAuth tokens, WebDAV credentials, export settings, and export logs are stored in a secure PostgreSQL database hosted on Railway.app infrastructure.
• External Storage: Exported conversation files are stored in your own external WebDAV storage (ComConnect, x360Sync, or other provider you configure). We do not retain copies of exported conversation data.
• Transit Security: All data transmitted between your browser, our servers, Go High Level, and your WebDAV storage is encrypted using industry-standard TLS/SSL protocols.

4.2 Security Measures

We implement the following security measures to protect your information:

• Encrypted database connections with SSL
• Secure credential storage
• OAuth 2.0 authentication for Go High Level integration
• Regular security updates and monitoring
• Access controls limiting data access to authorized processes only

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share information.
• Service Providers: We use third-party services (Railway.app for hosting, PostgreSQL for database) that have access to your data only to perform services on our behalf and are obligated to protect your information.
• Go High Level: We access your Go High Level data using OAuth tokens you authorize, solely to retrieve conversation data for export.
• Your WebDAV Provider: Exported conversation files are transmitted to your configured WebDAV storage provider (ComConnect, x360Sync, or other).
• Legal Requirements: We may disclose your information if required by law, court order, or government regulation.

6. Data Retention

We retain your information as follows:

• Account Data: We retain your OAuth tokens, settings, and export logs for as long as your account is active.
• Export Logs: We maintain logs of export operations for up to 90 days for troubleshooting and support purposes.
• Exported Conversations: We do not retain copies of your exported conversation data. These files are stored only in your configured external WebDAV storage, which you control.

7. Your Rights and Choices

You have the following rights regarding your information:

• Access: You can view your export settings and logs through the Service dashboard.
• Modification: You can update your WebDAV credentials and export preferences at any time through the Settings page.
• Deletion: You can revoke our access to your Go High Level account at any time through the Go High Level marketplace. This will delete your OAuth tokens and prevent future exports.
• Export: You can request a copy of your account data by contacting us.
• Data Portability: All exported conversation data is stored in standard formats (JSON) in your own external storage.

8. Third-Party Services

Our Service integrates with the following third-party services:

• Go High Level: We use their OAuth API to access your conversation data. Review Go High Level's privacy policy at their website.
• Railway.app: Our hosting provider. Review Railway's privacy policy at railway.app/legal/privacy.
• Your WebDAV Provider: Your exported data is stored with your chosen provider (ComConnect, x360Sync, or other). Review their respective privacy policies.

9. Children's Privacy

Our Service is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. By using our Service, you consent to the transfer of your information to the United States and other countries where our service providers operate.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: help@4fp.co
Website: https://compliant-conversation-exporter-production.up.railway.app

13. Compliance with Regulations

We are committed to complying with applicable data protection regulations, including:

• GDPR: For users in the European Union, we comply with the General Data Protection Regulation.
• CCPA: For users in California, we comply with the California Consumer Privacy Act.
• Industry-Specific Regulations: Our Service is designed to help you maintain compliance with industry-specific regulations such as SEC recordkeeping requirements, FINRA rules, and other regulatory frameworks applicable to financial services, legal, and insurance industries.

← Back to App