Privacy Policy

1. Introduction

Majestro ("we," "our," or "us") provides business automation software for service professionals. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our website, mobile applications, and services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Name, email address, phone number, business name, business address, and password.
• Payment Information: Billing address and payment method details (processed securely through Stripe; we do not store complete credit card numbers).
• Profile Information: Business details, logo, website preferences, and customization settings.
• Customer Data: Contact information and details about your customers that you input into our CRM system.
• Communications: Information you provide when you contact our support team or communicate with us.

2.2 Information We Collect Automatically

• Usage Data: Information about how you use our Services, including features accessed, pages viewed, and actions taken.
• Device Information: IP address, browser type, operating system, device identifiers, and mobile network information.
• Log Data: Server logs, error reports, and system activity.
• Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to collect information about your browsing activities.
• Analytics Data: We use analytics services to understand how our Services are used.

2.3 Information from Third Parties

• Google Services: When you connect your Google account for review management, we receive information necessary to provide those services.
• Payment Processors: Payment confirmation and transaction details from Stripe.
• Integration Partners: Information from services you choose to integrate with Majestro.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

• Create and manage your account
• Build and host your professional website
• Provide CRM functionality to manage your customer relationships
• Send automated emails and SMS messages on your behalf to your customers
• Collect and manage customer reviews
• Process payments and maintain billing records
• Provide customer support and respond to inquiries
• Provide access to our mobile applications

3.2 Service Improvement and Development

• Analyze usage patterns to improve our Services
• Develop new features and functionality
• Conduct research and analytics
• Test and monitor service performance

3.3 Communications

• Send service-related notifications and updates
• Respond to your comments and questions
• Send marketing communications (with your consent, which you can withdraw at any time)
• Send administrative messages, security alerts, and account updates

3.4 Legal and Security

• Comply with legal obligations and law enforcement requests
• Protect against fraud, abuse, and security threats
• Enforce our Terms of Service
• Protect our rights, property, and safety, and that of our users

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Payment Processing: Stripe processes payments securely.
• Email and SMS Delivery: Third-party providers deliver communications you send to your customers.
• Cloud Hosting: Your data is stored on secure cloud infrastructure.
• Analytics: Analytics providers help us understand service usage.
• Customer Support: Help desk and support ticket management systems.

These service providers are obligated to protect your information and may only use it to provide services to us.

4.2 Business Transfers

If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests, including:

• Subpoenas, court orders, or legal processes
• Law enforcement or government agency requests
• To establish or exercise our legal rights or defend against legal claims
• To investigate, prevent, or take action regarding suspected illegal activities

4.4 With Your Consent

We may share your information with third parties when you give us explicit consent to do so.

4.5 Aggregated or De-Identified Information

We may share aggregated or de-identified information that cannot reasonably be used to identify you.

5. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Active Accounts: We retain your data while your account is active.
• Canceled Accounts: After you cancel your account, we retain certain information for up to 90 days to allow for account recovery, then delete or anonymize it unless we are required to retain it longer for legal, tax, or regulatory purposes.
• Financial Records: Payment and billing records are retained for 7 years to comply with tax and accounting regulations.
• Customer Data: When you delete customer data from your CRM, it is permanently deleted within 30 days.
• Backup Copies: Residual copies may remain in our backup systems for up to 90 days.

6. Your Rights and Choices

You have certain rights regarding your personal information:

6.1 Access and Portability

You can access and review most of your information by logging into your account. You can request a copy of your data in a portable format by contacting privacy@majestro.com.

6.2 Correction

You can update or correct your account information through your account settings. If you need assistance, contact hello@majestro.com.

6.3 Deletion

You can delete your account at any time through your account settings or by contacting us. Upon deletion, we will remove your personal information from our active systems within 90 days, subject to our data retention policy and legal obligations.

6.4 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by updating your email preferences in your account settings. You will continue to receive transactional and service-related emails.

6.5 Cookies

Most web browsers allow you to control cookies through their settings. Note that disabling cookies may affect the functionality of our Services.

7. Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: Data in transit is encrypted using TLS/SSL. Sensitive data at rest is encrypted.
• Access Controls: Strict access controls limit who can access your information.
• Security Monitoring: We monitor our systems for suspicious activity and security threats.
• Regular Testing: We conduct regular security assessments and vulnerability testing.
• Employee Training: Our team members are trained on data protection and security best practices.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7.1 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and any applicable regulatory authorities as required by law, typically within 72 hours of discovering the breach.

8. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@majestro.com, and we will delete such information.

To use our Services, you must be at least 18 years old and capable of entering into a legally binding agreement.

9. International Data Transfers

Our Services are provided from the United States. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using our Services, you consent to the transfer of your information to the United States and other countries as described in this Privacy Policy.

For European Economic Area (EEA) residents: We ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses approved by the European Commission.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

10.1 Right to Know

You have the right to request that we disclose:

• Categories of personal information we collected
• Categories of sources from which we collected personal information
• Business or commercial purpose for collecting or selling personal information
• Categories of third parties with whom we share personal information
• Specific pieces of personal information we collected about you

10.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, fraud prevention).

10.3 Right to Opt-Out of Sale

We do not sell your personal information as defined by the CCPA.

10.4 Right to Non-Discrimination

You have the right to not receive discriminatory treatment for exercising your CCPA rights.

10.5 How to Exercise Your Rights

To exercise these rights, email us at privacy@majestro.com or call (555) 123-4567. We will verify your identity before processing your request and respond within 45 days.

10.6 Authorized Agents

You may designate an authorized agent to make requests on your behalf. We will require verification of the agent's authority.

11. Data Processing Addendum

Important: Your Role as Data Controller

When you use our CRM and communication features to manage your customers, you act as the Data Controller and Majestro acts as the Data Processor. This means:

• You are responsible for obtaining necessary consents from your customers before storing their data in our system.
• You are responsible for complying with applicable data protection laws (including GDPR, CCPA) regarding your customers' data.
• You are responsible for responding to data subject requests (access, deletion, correction) from your customers.
• Majestro processes your customers' data only on your instructions and as necessary to provide our Services.
• Majestro maintains appropriate security measures to protect your customers' data.

By using our Services, you warrant that you have all necessary rights and consents to store and process your customers' data through our platform. You agree to indemnify Majestro against any claims arising from your failure to obtain necessary consents or comply with applicable data protection laws.

12. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party websites or services. We encourage you to review the privacy policies of any third-party services before providing them with your information.

We are not responsible for the privacy practices or content of third-party websites or services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email if the changes are material
• Post the updated policy on our website

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after changes are posted constitutes your acceptance of the revised policy.

For material changes that affect your rights, we will provide at least 30 days' notice and obtain your consent if required by law.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We will respond to your inquiry within 30 days. For California residents exercising CCPA rights, we will respond within 45 days.

15. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and enhance your experience.

15.1 Types of Cookies We Use

• Essential Cookies: Required for the Services to function properly (authentication, security, session management).
• Performance Cookies: Help us understand how you use our Services and improve performance.
• Functional Cookies: Remember your preferences and settings.
• Analytics Cookies: Help us analyze usage patterns and measure the effectiveness of our Services.

15.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Note that if you disable essential cookies, some features of our Services may not function properly.