Privacy Policy

1. Introduction

This Privacy Policy ("Policy") describes how FunditandScale, LLC, DBA RevStack AI ("RevStack AI," "we," "us," or "our") collects, uses, discloses, and protects information when you visit our website at https://getrevstackai.com (the "Site") or use our software-as-a-service platform and related services (collectively, the "Services"). By accessing or using the Site or Services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree, please discontinue use immediately.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you register for an account, subscribe to a plan, or otherwise interact with our Services, including:

• Full name, email address, phone number, and business name
• Billing and payment information (processed securely through our third-party payment processors, Stripe and Fast Pay Direct)
• Account credentials (username and password)
• Business data you upload, import, or input into the platform, including but not limited to lead lists, customer contact information, CRM data, and marketing content
• Communications you send to us (support requests, feedback, and inquiries)

2.2 Information Collected Automatically

When you access the Site or Services, we automatically collect certain technical and usage information, including:

• IP address, browser type, operating system, device identifiers, and referring URLs
• Pages viewed, features used, clickstream data, session duration, and interaction patterns
• Cookies, pixel tags, web beacons, and similar tracking technologies (see Section 6 below)
• Geolocation data inferred from your IP address

2.3 Information from Third-Party Sources

We may receive information about you from third-party integrations and platforms you connect to your RevStack AI account, including Facebook, HubSpot, Twilio, and other integrated services. This information is subject to the privacy policies of those third-party providers in addition to this Policy.

3. Legal Bases for Processing Your Information

We process your personal information based on one or more of the following legal bases:

• Contractual Necessity: Processing is necessary to perform our contract with you (i.e., providing the Services under our Terms of Service).
• Consent: Where you have provided express consent for specific processing activities, including receiving marketing communications and automated outreach via SMS, voice, email, and messaging platforms.
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving the Services, preventing fraud, and ensuring platform security, provided such interests are not overridden by your rights and interests.
• Legal Obligation: Processing is necessary to comply with applicable laws, regulations, or legal proceedings.

4. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, operate, maintain, and improve the Services
• To process transactions and send related billing and account notifications
• To authenticate your identity and manage your account
• To communicate with you, including responding to inquiries, sending service updates, and delivering marketing communications (where permitted)
• To personalize your experience and deliver content and features relevant to your interests
• To monitor and analyze usage trends, performance, and effectiveness of the Services
• To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity
• To comply with legal obligations and enforce our Terms of Service
• To send automated communications on your behalf through the Services (SMS, voice, email, and messaging) as directed by you

5. Consent to Communications

BY PROVIDING YOUR CONTACT INFORMATION TO REVSTACK AI, WHETHER THROUGH ACCOUNT REGISTRATION, A FORM SUBMISSION, AN OPT-IN ON OUR SITE, A LANDING PAGE, A THIRD-PARTY INTEGRATION, OR ANY OTHER MEANS, YOU EXPRESSLY CONSENT TO RECEIVE COMMUNICATIONS FROM US AND OUR AUTOMATED SYSTEMS VIA THE FOLLOWING CHANNELS:

• Short Message Service (SMS) and Multimedia Messaging Service (MMS) text messages
• Telephone calls, including calls made using an automatic telephone dialing system (ATDS) or prerecorded/artificial voice technology
• Email communications, including transactional, service-related, and marketing messages
• Ringless voicemail drops
• Messages via social messaging platforms (including but not limited to Facebook Messenger and Instagram Direct)
• Push notifications and in-app messages
• Mobile wallet notifications

5.1 SMS/Text Messaging Program Details

When you opt in to receive SMS/MMS messages from RevStack AI, the following applies:

• Program Name: RevStack AI Notifications
• Message Frequency: Message frequency varies based on your account activity and preferences
• Message and Data Rates: Standard message and data rates may apply depending on your wireless carrier and plan
• Opt-Out: Reply STOP to any message to unsubscribe from SMS/MMS messages. You will receive a single confirmation message after opting out. No further messages will be sent unless you re-opt-in.
• Help: Reply HELP to any message for assistance, or contact Support@GetRevStackAI.com
• Carriers: Carriers are not liable for delayed or undelivered messages
• Consent is not a condition of purchase
• Supported Carriers: Compatible with all major U.S. wireless carriers including AT&T, T-Mobile, Verizon, Sprint, and others

5.2 A2P Messaging Compliance

RevStack AI sends Application-to-Person (A2P) messages in compliance with all applicable carrier requirements, the Cellular Telecommunications Industry Association (CTIA) guidelines, and 10DLC registration standards. The following applies to all SMS and MMS messaging conducted through our platform:

• No Sharing of Opt-In Data: We do not sell, rent, lease, or share your phone number, SMS opt-in status, or consent data with any third parties for their own marketing or promotional purposes.
• Message Content: Messages sent from RevStack AI may include appointment confirmations, service reminders, follow-up communications, review requests, promotional offers, and account notifications related to your use of the Services.
• Opt-In Confirmation: When you provide your phone number and consent to receive text messages, you may receive an initial confirmation message verifying your opt-in. This message will include instructions on how to opt out (reply STOP) and how to get help (reply HELP).
• Record Keeping: We maintain records of all SMS opt-in consents, including the date, time, method of consent, and the specific language presented at the time of opt-in, for a minimum of five (5) years.
• TCPA Compliance: All text messages are sent in compliance with the Telephone Consumer Protection Act (TCPA), 47 U.S.C. § 227, and the rules and orders of the Federal Communications Commission (FCC). We do not send text messages to numbers on the National Do Not Call Registry unless prior express consent has been obtained.
• Quiet Hours: We make commercially reasonable efforts to limit messaging to the hours of 8:00 AM to 9:00 PM in the recipient's local time zone, unless the message is in direct response to a user-initiated inquiry.

5.3 Revocation of Consent

You may revoke your consent to receive communications at any time by: (a) replying "STOP" to any SMS or MMS message; (b) clicking the "unsubscribe" link in any email; (c) contacting us at Support@GetRevStackAI.com; or (d) adjusting your communication preferences in your account settings. Opt-out requests for SMS will be processed promptly and no further messages will be sent unless you re-opt-in. Even after you opt out of marketing communications, we may continue to send you transactional and service-related messages necessary for the administration of your account.

5.4 Third-Party Contact Information

If you provide us with contact information belonging to third parties (for example, lead lists or customer databases uploaded into the platform), you represent and warrant that you have obtained all necessary consents, permissions, and opt-ins from such individuals to receive communications through the channels described above, in full compliance with all applicable laws including the Telephone Consumer Protection Act (TCPA), the CAN-SPAM Act, and any applicable state laws. You accept sole responsibility and liability for any communications initiated using third-party contact information you provide.

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

• Service Providers: We share information with third-party vendors who perform services on our behalf, including Stripe and Fast Pay Direct (payment processing), Twilio (SMS and voice communications), Google Analytics (website analytics), Facebook/Meta (advertising pixels and analytics), HubSpot (marketing automation), and Go High Level (platform infrastructure). These providers are contractually obligated to use your information solely for the purposes of providing services to us and are subject to confidentiality obligations.
• Legal Compliance: We may disclose information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Site of any change in ownership or use of your personal information.
• With Your Consent: We may share information for any other purpose disclosed to you at the time of collection or with your explicit consent.

7. Cookies and Tracking Technologies

We use cookies, pixel tags (including the Facebook Pixel), web beacons, and similar technologies to collect information about your browsing activity, analyze trends, administer the Site, and gather demographic information. You may control the use of cookies through your browser settings; however, disabling cookies may limit your ability to use certain features of the Services.

We use Google Analytics to analyze website traffic. Google's use of data collected through Google Analytics is governed by Google's privacy policy. You may opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-on.

8. International Data Transfers

Our Services are hosted and operated in the United States. If you access the Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other jurisdictions where our service providers operate. By using the Services, you consent to the transfer of your information to the United States and other jurisdictions that may not provide the same level of data protection as your home country.

9. Data Retention

• Account Information: Retained for the duration of your account and for up to thirty (30) days following account closure to facilitate reactivation requests, unless earlier deletion is requested.
• Billing and Transaction Records: Retained for a minimum of seven (7) years to comply with applicable tax, accounting, and financial reporting obligations.
• Communication Records and Consent Logs: Retained for a minimum of five (5) years to document compliance with the TCPA, CAN-SPAM Act, and other applicable communication laws.
• Usage and Analytics Data: Retained in anonymized or aggregated form for up to twenty-four (24) months for product improvement and analytics purposes.
• Customer Data: Retained for the duration of your subscription. Upon termination or cancellation, Customer Data will be available for export for thirty (30) days, after which it may be permanently deleted.

10. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data in transit (TLS/SSL), encryption of sensitive data at rest, access controls, multi-factor authentication for internal systems, and regular security assessments. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

11. Data Breach Notification

In the event of a security breach that results in the unauthorized access, acquisition, or disclosure of your personal information, we will notify affected individuals and applicable regulatory authorities in accordance with Pennsylvania's Breach of Personal Information Notification Act (73 P.S. § 2303), the California Civil Code § 1798.82, and any other applicable state or federal breach notification laws.

12. Your Rights and Choices

12.1 Account Information

You may update, correct, or delete your account information at any time by logging into your account settings or by contacting us at the email address below.

12.2 Marketing Communications

You may opt out of receiving promotional emails by following the unsubscribe instructions included in each email or by contacting us directly.

12.3 Do Not Track

Our Site does not currently respond to "Do Not Track" (DNT) browser signals. We will update this Policy if we adopt a DNT standard in the future.

13. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), provides you with additional rights regarding your personal information.

13.1 Your CCPA/CPRA Rights

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
• Right to Opt Out of Sale/Sharing: We do not sell your personal information.
• Right to Limit Use of Sensitive Personal Information: You may request that we limit the use and disclosure of your sensitive personal information to purposes necessary for providing the Services.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise any of these rights, please contact us at Support@GetRevStackAI.com. We will verify your identity before processing your request and will respond within forty-five (45) days.

14. Children's Privacy

The Services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take prompt steps to delete such information.

15. Third-Party Links and Integrations

The Services may contain links to or integrations with third-party websites, services, or applications that are not operated or controlled by us. This Policy does not apply to such third-party services, and we are not responsible for their privacy practices.

16. Changes to This Privacy Policy

We reserve the right to modify this Policy at any time. If we make material changes, we will notify you by posting the updated Policy on the Site with a revised "Effective Date" and, where appropriate, by sending you an email notification at least thirty (30) days before the changes take effect.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: