UPSKAYL PRIVACY POLICY

---

1. INTRODUCTION

Upskayl, operated by Fortune and Fortress Fast Grow Global FZ-LLC ("we," "us," "our," or "Upskayl"), is committed to protecting the privacy and security of personal information collected through our digital services. This Privacy Policy explains how we collect, use, store, and protect personal data when you use our services or interact with our systems.

Our Services Include:

• Website Design & Development
• AI Messaging Agents
• AI Voice Call Agents
• CRM Setup & Workflow Automation (GoHighLevel)
• Related digital growth and automation solutions

By engaging with our services, you acknowledge that you have read, understood, and agree to this Privacy Policy.

2. INFORMATION WE COLLECT

2.1 Website Services

• Visitor Data: Browsing behavior (pages visited, time spent) and lead information submitted through contact forms
• Analytics: We do not install or operate analytics tools such as Google Analytics or Facebook Pixel by default unless explicitly requested and configured by the client
• Cookies: We do not implement cookies, tracking pixels, or similar technologies unless required by specific project scope and agreed in writing

2.2 AI Messaging & Voice Agents

• Personal Information: Names, email addresses, phone numbers, conversation content, and declared interests
• Conversation Logs: Complete interaction records for quality assurance and service improvement
• Voice Data: Real-time audio processing for understanding and response generation (recordings stored only if explicitly enabled and agreed)

2.3 CRM & Workflow Automation

• Contact Information: Names, email addresses, phone numbers, lead sources, and interaction history
• Behavioral Data: Email opens, link clicks, website interactions, and sales pipeline stage data
• Client Database Access: Administrative access to client customer databases during active projects for setup and optimization

2.4 Marketing & Communications

• Email Addresses: Collected with consent for service updates, offers, and newsletters
• Testimonials: Client names, logos, or testimonials used only with written consent

3. HOW WE USE YOUR INFORMATION

We use collected information for the following purposes:

3.1 Service Delivery

• Providing contracted digital services (website development, AI agents, CRM setup)
• Customizing AI conversation flows and automation workflows
• Generating leads and qualifying prospects for our clients
• Maintaining and optimizing implemented systems

3.2 Quality Assurance & Improvement

• Analyzing conversation logs to improve AI agent performance
• Troubleshooting technical issues
• Enhancing service quality and user experience

3.3 Communication & Support

• Responding to inquiries and providing customer support
• Sending service updates and important notifications
• Marketing communications (with consent)

3.4 Legal & Business Operations

• Complying with applicable laws and regulations
• Protecting against fraud and unauthorized access
• Enforcing our terms of service

4. DATA SHARING & THIRD-PARTY SERVICES

4.1 Third-Party Service Providers

We share personal data with trusted service providers strictly for delivering contracted services:

• GoHighLevel CRM: Contact management and automation workflows
• WhatsApp Business API: Messaging services and customer communication
• Twilio & SMS Gateways: Voice and text message delivery
• OpenAI & AI Services: Natural language processing and conversation understanding
• Cloud Hosting Providers: Secure data storage and system hosting

4.2 Data Sharing Principles

• All third-party providers operate under confidentiality agreements
• Data is shared only as necessary for service delivery
• We do not sell personal data to unrelated third parties for marketing purposes
• We do not share data with affiliates or partners outside of contracted services

4.3 Legal Requirements

We may disclose personal information when required by law, court order, or to protect our legal rights and interests.

5. DATA SECURITY & STORAGE

5.1 Security Measures

We implement industry-standard security practices to protect personal data:

• Access Control: Role-based access with authorized team members only
• Authentication: Password protection and two-factor authentication (2FA) enforcement
• Encryption: TLS/SSL encryption for data transmission; at-rest encryption where supported
• System Maintenance: Regular software updates and security monitoring

5.2 Data Storage

• Location: Data is stored on secure third-party platforms and cloud hosting providers
• Infrastructure: Industry-standard security practices with enterprise-grade hosting solutions
• Internal Access: Limited to authorized team members directly involved in service delivery

6. DATA RETENTION

We retain personal data for the following periods:

• AI Conversation Logs: 90 days for quality assurance and improvement
• Voice Call Data: 90 days (only if recording is explicitly enabled and agreed)
• CRM & Marketing Data: Duration of service relationship plus 90 days
• Website Form Submissions: Duration of service relationship plus 90 days
• Legal Retention: Longer periods may apply where required by applicable law

7. YOUR RIGHTS & CHOICES

7.1 Access & Portability

• Request a copy of your personal data in our systems
• Export data in portable formats where technically feasible

7.2 Correction & Deletion

• Request correction of inaccurate personal information
• Request deletion of your personal data (completed within 30 days unless legal retention applies)

7.3 Opt-Out & Unsubscribe

• Opt out of marketing communications via unsubscribe links or direct request
• Withdraw consent for specific data processing activities

7.4 How to Exercise Your Rights

Contact our Privacy Team at privacy@upskayl.com with your request. We will respond within 30 days and may require identity verification.

8. INTERNATIONAL DATA TRANSFERS

We operate internationally and may transfer personal data across borders for service delivery. When transferring data internationally, we ensure appropriate safeguards are in place, including:

• Contractual protections with service providers
• Compliance with applicable cross-border data transfer regulations
• Adequate security measures during transmission and storage

9. COMPLIANCE & REGULATIONS

9.1 Regulatory Compliance

We aim to comply with applicable privacy regulations, including:

• GDPR: For clients and users in the European Union
• CCPA: For California residents
• Equivalent Privacy Laws: In other jurisdictions where we provide services

9.2 Special Considerations

• Minors: We do not knowingly collect or process personal data from individuals under 18
• Regulated Industries: We do not process HIPAA-protected health information or PCI-DSS financial data unless explicitly contracted with additional safeguards

10. DATA BREACH NOTIFICATION

In the event of a data security incident affecting personal information:

• Client Notification: Affected clients will be notified within 72 hours where required by law
• Investigation: Immediate investigation to identify root causes and implement mitigation
• Regulatory Reporting: Compliance with applicable breach notification requirements

11. POLICY UPDATES

This Privacy Policy may be updated periodically to reflect changes in our practices or legal requirements. We will:

• Post the updated policy with a new "Last Updated" date
• Notify clients of material changes via email or service notifications
• Maintain previous versions for reference where required by law

12. CONTACT INFORMATION

Privacy Inquiries

For questions about this Privacy Policy or our data practices:

Data Protection Officer

Our designated privacy contact handles all data protection inquiries and requests.

General Business Contact

13. LEGAL BASIS FOR PROCESSING

We process personal data based on the following legal grounds:

• Contract Performance: Processing necessary for delivering contracted services
• Legitimate Interest: Quality assurance, service improvement, and business operations
• Consent: Marketing communications and optional data processing activities
• Legal Compliance: Meeting regulatory and legal obligations

---