BuildWidth - Wide Open to What's Next
Logo

BuildWidth
BuildWidth — Privacy Policy
Privacy

Privacy Policy

Effective date: 30 May 2025  •  Who we are: BuildWidth (the “Company”, “we”, “our”, or “us”).

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you interact with our websites, funnels, apps, checkout pages, forms, calendars, messaging (email/SMS), and any services we operate (collectively, the “Services”).

If you do not agree with this policy, please do not use the Services. Where required by law, we will ask for your consent before collecting or processing your information.

On this page

  1. Scope & Roles
  2. Information We Collect
  3. How We Use Information
  4. Sharing & Disclosure
  5. International Data Transfers
  6. Data Retention
  7. Security
  8. Cookies & Tracking
  9. Communications (Email/SMS)
  10. Your Rights & Choices
  11. Children’s Privacy
  12. Third‑Party Links & Integrations
  13. Changes to This Policy
  14. Contact Us
  15. Jurisdiction‑Specific Notices
  16. Key Integrations & Processors

1) Scope & Roles

Controller: For most activities, BuildWidth is the data controller—we decide how and why your personal information is processed.

Processor: For certain client projects, we may act as a data processor handling information on behalf of a client (the “Client Controller”). In those cases, our processing is governed by a contract with that client. If you are an end‑user of a client, please direct any privacy requests to the client.

This Policy applies to information we collect:

  • On our own websites, landing pages, and GHL‑hosted pages;
  • Through forms, surveys, calendars, chats, and support channels;
  • Via email, SMS/MMS, push, in‑app messages, and social media;
  • From analytics, advertising pixels, and integrations used to deliver our Services.

2) Information We Collect

A. Information you provide

  • Contact details (name, email, phone), company and role
  • Account and authentication data (usernames, hashed passwords)
  • Content you submit (messages, files, feedback, support tickets)
  • Billing details (billing name, address; limited payment data via our payment processors)

B. Information collected automatically

  • Device and usage data (IP address, browser type/version, OS, language)
  • Activity logs (page views, clicks, features used, timestamps, referral URLs)
  • Approximate location (derived from IP)
  • Cookies and similar technologies (pixels, tags, SDKs). See Cookies & Tracking below.

C. Information from third parties

  • Service providers (payment, email/SMS, CRM, analytics, ads)
  • Social media and single sign‑on (if you connect an account)
  • Public, commercial, or affiliate sources

Sensitive data: We do not intentionally collect sensitive personal information (e.g., government IDs, health data) unless required for a specific purpose you consent to. Please do not submit such data unless we ask for it and provide a lawful basis.

3) How We Use Information

We process personal information to:

  • Provide, secure, and maintain the Services
  • Create and manage accounts, authenticate users
  • Respond to inquiries, provide customer support
  • Send transactional communications (e.g., receipts, updates)
  • Improve and develop features, conduct analytics and research
  • Personalize content, measure and optimize marketing campaigns
  • Detect, prevent, and investigate fraud, abuse, or security incidents
  • Comply with legal obligations and enforce our terms

Legal bases (EEA/UK): consent, contract performance, legitimate interests (e.g., product improvement, security), legal obligation, and—when applicable—vital interests.

4) Sharing & Disclosure

We share personal information with:

  • Service providers / processors that support our operations (e.g., hosting, CRM/marketing platforms such as Go High Level; email/SMS delivery; analytics like GA4; automation tools; payments like Stripe; cloud storage; customer support). They may only process data under our instructions and must protect it.
  • Business partners and integration partners when you connect or use their features.
  • Clients when we act as their processor, or if your interaction relates to their project.
  • Professional advisers (legal, audit, accounting) under confidentiality.
  • Authorities where required by law or to protect rights, safety, and security.
  • Corporate transactions (merger, acquisition, financing, sale) subject to safeguards.

We do not sell personal information for money. Some of our advertising or analytics uses may be considered “sharing” or “targeted advertising” under certain laws (see Your Rights below for opt‑out choices).

5) International Data Transfers

We may transfer, store, and process information in countries other than where it was collected (e.g., the U.S., EU, UK, PH). When transferring data internationally, we use appropriate safeguards—such as Standard Contractual Clauses (SCCs), the UK Addendum/IDTA, and/or other legal mechanisms—to help protect your information.

6) Data Retention

We keep personal information only as long as necessary to fulfill the purposes described in this Policy, including to meet legal, tax, or accounting requirements. Typical retention periods:

  • Account, project, and support records: while active and up to 24 months after inactivity
  • Marketing and analytics logs: 12–24 months
  • Contract and billing records: up to 7 years (or as required by law)

We may anonymize or aggregate data for analytics or product improvement and retain it without time limit.

7) Security

We employ administrative, technical, and physical safeguards designed to protect personal information (access controls, encryption in transit, least‑privilege, monitoring). No system is 100% secure; please use unique, strong passwords and notify us immediately of any suspected compromise.

8) Cookies & Tracking Technologies

We use first‑party and third‑party cookies, pixels, and similar technologies to:

  • Keep you signed in and remember preferences
  • Measure site performance and diagnose issues
  • Understand campaign performance and audience interest
  • Deliver and measure advertising, including retargeting

You can manage cookies through your browser settings and opt‑out of certain third‑party tracking (e.g., Google’s tools or industry opt‑out pages). Disabling cookies may affect some features. Where required, we present a consent banner with choices.

9) Communications: Email & SMS (A2P 10DLC)

  • By providing your email or phone number and opting in, you agree to receive communications related to our Services (e.g., reminders, updates, promos).
  • SMS terms: Message frequency varies. Message & data rates may apply. Reply STOP to opt‑out; HELP for help. We may use approved A2P 10DLC routes for U.S. messaging.
  • Transactional messages (e.g., receipts, account notices) may still be sent where permitted by law.

You can unsubscribe from marketing emails via the link in each email or by contacting us.

10) Your Rights & Choices

Your privacy rights depend on your location. Subject to legal limits, you may have rights to:

EEA/UK (GDPR): access, rectify, erase, restrict, portability, object to processing (including direct marketing), and not be subject to solely automated decisions with legal or similarly significant effects. You may withdraw consent at any time.

California (CCPA/CPRA): know/access specific pieces and categories, correct, delete, opt‑out of sale/sharing and targeted advertising, limit use of sensitive information, and non‑discrimination for exercising rights. You may use an authorized agent to submit requests.

Philippines (Data Privacy Act of 2012): be informed, object, access, correct, erase/block, data portability, damages, and file a complaint with the National Privacy Commission (NPC).

How to exercise your rights
Submit a request using the contact methods below. We may need to verify your identity (and, if applicable, authority of an agent). For client‑controlled data, we will direct you to the applicable client.

Opt‑out of targeted ads/“sharing”
Use our Do Not Sell or Share My Personal Information link (where provided) or contact us to apply your preferences. You can also manage ad settings with individual platforms and use browser‑level tools.

11) Children’s Privacy

Our Services are not directed to children under 13 (or other age as defined by local law). We do not knowingly collect personal information from children. If you believe a child provided information, contact us and we will take appropriate steps to remove it.

12) Third‑Party Links & Integrations

Our Services may link to or integrate with third‑party sites and tools. This Policy does not cover third‑party practices. Review their privacy policies before providing information.

13) Changes to This Policy

We may update this Privacy Policy from time to time. The “Effective date” above indicates the latest version. Material changes will be communicated via the Services or by direct notice where required. Your continued use after the update means you accept the updated Policy.

14) Contact Us

BuildWidth – Privacy
Email: [email protected]
Postal address: (Insert legal entity name and full postal address)
DPO / Privacy Contact (if applicable): (Name, email)

For EEA/UK users, you may lodge a complaint with your local supervisory authority.
For PH users, you may file a complaint with the National Privacy Commission.
For CA residents, if you have questions about your CCPA/CPRA rights, contact us at the email above.

15) Additional Notices (Jurisdiction‑Specific)

California: We do not sell personal information for monetary consideration. We may “share” personal information for cross‑context behavioral advertising as defined by CPRA. Categories we may collect include: identifiers; commercial information; internet/network activity; geolocation (coarse); professional information; inferences. We disclose these categories to service providers and partners for operational purposes.

EEA/UK: Where required, we rely on SCCs or other adequacy mechanisms for data transfers. You may request a copy of relevant transfer safeguards (subject to redactions).

Philippines: We adhere to the Data Privacy Act of 2012 (RA 10173) and NPC issuances. We implement organizational, physical, and technical measures appropriate to the nature of the personal data we process.

16) Key Integrations & Processors (Illustrative)

Update this list to reflect your current stack.

  • Website/CRM/Marketing: Go High Level (GHL) and related plugins
  • Email/SMS delivery: Mailgun, Twilio or similar
  • Analytics & Ads: Google Analytics 4, Google Ads, Meta Pixel, LinkedIn Insight Tag
  • Payments/Invoicing: Stripe, Wise, PayPal (as applicable)
  • Productivity/Storage: Google Workspace, cloud file storage
  • Automation: Zapier, Make (Integromat), n8n

Each provider processes data under its own terms and privacy policy and, where acting as our processor, under a data processing agreement.

This document is provided for informational purposes and does not constitute legal advice. Consider consulting counsel to tailor it to your specific practices and jurisdictions.
BuildWidth — Footer