Last Updated AUGUST 20241. Overview
HighLevel Inc. (“HighLevel,” “we,” “us,” and “our”) respects your privacy and is committed to protecting it through compliance with this Privacy Policy (“Privacy Policy”). This Privacy Policy describes how we collect and use your Personal Information when you visit our website at
or otherwise use the Platform as described further in the
Terms of Service
, and that you may provide in electronic messages to HighLevel.
Please read this Privacy Policy to understand our policies and practices regarding your Personal Information and how we will handle it. If you do not agree with our policies and practices, do not use the Platform.
By accessing or using the Platform, you agree and consent to this Privacy Policy.
HighLevel may change this Privacy Policy at any time, at its discretion.
Your continued use of the Platform after we make changes is deemed to be acceptance of and consent to those changes, so please check the Privacy Policy periodically for updates.
This Privacy Policy is subject to and governed by the HighLevel Terms of Service. The Services are part of the Platform and are described further in the Terms of Service.
2. The Types of Information That HighLevel Collects About You and How HighLevel Collects Information About You
HighLevel may collect two types of information from you when you visit the Platform: Personal Information and Non-Personal Information (collectively “Information”).
We collect Information:
3. How HighLevel Uses Personal Information It Collects About You and the Purposes for the Collection and Use
We use Personal Information that we collect about you or that you provide to us for the following purposes:
LEGAL BASIS FOR OUR USE (APPLICABLE ONLY TO EEA AND UNITED KINGDOM VISITORS):
If you are in the European Economic Area or the United Kingdom, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.
However, we will collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, where we have a legal obligation to do so, or where the processing is in our legitimate interests (such as processing for administrative purposes, direct marketing, product development or improvement, preventing fraud or criminal acts and in support of information security) and not overridden by your data protection interests or fundamental rights and freedoms.
If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the time of collection. We will also tell you whether the requirement for that information is mandatory and explain any consequences to you if you do not provide the information.
Similarly, if we collect and use your Personal Information based on our legitimate interests (or those of any third party), we will take reasonable steps to provide clear notice and describe our legitimate interests.
HighLevel is the Data Controller of all Personal Information collected through the Platform in the EEA and the United Kingdom, except with respect to the Services (where HighLevel is the Data Processor) or where a supplemental Privacy Policy says otherwise. The contact details for HighLevel are set out in the "
HOW TO CONTACT US
” section.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information for any specific processing activity, please contact us using the contact details provided under the “
HOW TO CONTACT US
” Section below.
RETENTION OF YOUR PERSONAL INFORMATION:
We will only retain your Personal Information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements and for other purposes described in this Privacy Policy.
We may retain your Personal Information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances you can ask us to delete your data: see “YOUR LEGAL RIGHTS” below for further information.
And in some circumstances we will anonymize your Personal Information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
4. How HighLevel Protects Your Information
The Platform is designed to provide reasonable and appropriate administrative, technical and organizational security measures to protect your Personal Information against risks such as temporary or permanent loss, destruction, and unauthorized or unlawful access, alteration, use or disclosure.
We require our suppliers and vendors to apply similar protections when they access or use Personal Information that we share with them.
Users of the Platform must also do their part in protecting the data, systems, networks, and service they are utilizing.
No technology, data transmission or system can be guaranteed to be 100% secure.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that your password to any HighLevel account has been compromised), please immediately notify us by contacting us using the instructions in the “
HOW TO CONTACT US
” section below.
5. When HighLevel Shares Your Information
We work through our affiliates to provide the Platform and other HighLevel Services.
We also work with authorized suppliers and business partners.
When we share your Personal Information with these companies, we put in place appropriate measures to limit the use of your information only for legal and authorized purposes that are consistent with this Privacy Policy, as well as appropriate confidentiality and security measures.
We also share information with third parties for advertising and marketing; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of the Platform; and to protect our legal rights.
We may disclose Personal Information that we collect or you provide as described in this Privacy Policy:
We also share non-personally identifiable information, such as anonymized or aggregated information, with suppliers for purposes such as analysis, identifying trends in the areas of our products and to help research and develop new HighLevel Services.
HighLevel does not sell any of your Personal Information for monetary compensation.
6. Information From Children
We do not knowingly collect, use, or disclose Information from children under 16.
If we learn that we have collected the Personal Information of a child under 16—or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States per the Children’s Online Privacy Protection Act—we will take steps to delete the information as soon as possible.
If you are under 16, do not provide any Information about yourself to HighLevel, including your name, address, telephone number or email address. If you become aware that Information of a child under 16 years of age has been provided, please use one of the methods provided under the “
HOW TO CONTACT US
” section below.
7. Links to Other Websites and Services
We are not responsible for the practices employed by websites or services linked to or from the Platform, including the information or content contained therein.
This Privacy Policy does not address, and we are not responsible for, the policies and practices of third parties or other organizations that are not operating on HighLevel’s behalf, including policies and practices related to privacy and security, data collection, processing, use, storage, and disclosure.
This includes: (a) any third party operating any site or service to which the Platform links – the inclusion of a link on the Platform does not imply endorsement of the linked site or service by us or by our affiliates; or (b) any app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer (such as Facebook, Apple, Google, Microsoft, LinkedIn, etc.) - including any Personal Information you disclose to other organizations through or in connection with the Platform or other HighLevel Services.
8. Do Not Track
Some browsers incorporate a "Do Not Track" (“DNT”) feature that, when turned on, signals to websites and online services that you do not want to be tracked.
At this time, the Platform does not respond to DNT signals.
9. YOUR LEGAL RIGHTS
HighLevel respects your rights in how your Personal Information is used and shared. Depending on where you live, you may have rights to request access or corrections to your personal data and make choices about the kinds of marketing materials you receive (or choose not to receive marketing from HighLevel at all). See below for more information, depending on your location.
10. European Privacy Rights
If you are in Europe, you may have additional rights under the GDPR, the UK GDPR, or nFADP.
Additional choices and rights may be available to you depending on which HighLevel Services you use.
11. International Compliance
HighLevel is a global company with its headquarters in the United States.
As such, we may transfer your Personal Information between the United States and our affiliates and business partners in other countries.
We may also transfer your Personal Information to our third party service providers, who may be located in a different country to you.
HighLevel transfers information internationally in order to operate efficiently, to improve performance, and to create redundancies to protect information in the event of an outage or other problem.
In so doing, we will process your Personal Information in a way that meets the commitments of this Privacy Policy and complies with the law wherever we transfer it.
Whenever HighLevel transfers Personal Information beyond the country of origin, we will do so in accordance with applicable laws.
For Personal Information originating in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland that is transferred to a HighLevel entity outside the EEA, UK, or Switzerland, HighLevel participates in the
EU-U.S. Data Privacy Framework (EU-U.S. DPF)
and, as applicable, the UK extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). HighLevel commits to the DPF Principles and, as needed, will take additional steps to provide appropriate safeguards for the Personal Information we transfer. The Federal Trade Commission has jurisdiction over HighLevel’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF).
HighLevel may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. HighLevel is liable in cases of onward transfers to third parties.
12. Data Privacy Framework
HighLevel Inc. and LeadConnector LLC comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. HighLevel has certified to the U.S. Department of Commerce that HighLevel and LeadConnector adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. HighLevel has certified to the U.S. Department of Commerce that HighLevel and Leadconnector adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit
https://www.dataprivacyframework.gov/
. HighLevel further agrees to notify you without undue delay, if its self-certifcation under any of the Data Privacy Framework is withdrawn, terminated, revoked or otherwise invalidated and provide take appropriate steps to stop and remediate and unauthorized processing of such personal data.
13. California Privacy Rights
This section is addressed to California residents only and provides more information about your rights under the California Consumer Privacy Act or “CCPA” (California Civil Code Section 1798.100 et seq.), as amended. Subject to certain exceptions, the CCPA grants to California residents the rights to: be notified about the collection, use, disclosure, sale or sharing of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the “sale” or “sharing” of Personal Information (where such information is sold or shared); limit the use or disclosure of Sensitive Personal Information (as defined under CCPA); and to not be discriminated against for exercising such rights.
HighLevel does not sell your Personal Information.
If you wish to exercise your right to opt-out of HighLevel using your Personal Information for cross-contextual targeted advertising purposes (called “sharing” under the CCPA), you may do so by using the details in the “
HOW TO CONTACT US
” section or the appropriate withdrawal mechanism provided to you on the Platform.
You can request access to, correction of or deletion of your Personal Information by using the details in the “
HOW TO CONTACT US
” section.
If you request a deletion of your Personal Information, please note that HighLevel may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CCPA.
If you submit a request to exercise rights under CCPA, HighLevel will ask you to provide certain information to verify your identity.
This information will depend on your prior interactions with HighLevel and the sensitivity of Personal Information at issue.
If HighLevel denies your request, we will explain why.
You can designate an authorized agent to make a request under the CCPA on your behalf in certain circumstances. If you use an authorized agent for this purpose, HighLevel may ask you to verify your identity or that you provided the authorized agent signed permission to submit a request under the CCPA.
If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and HighLevel will respond to any request from such authorized agent in accordance with the CCPA.
The Privacy Policy describes the categories of Personal Information that HighLevel collects and how HighLevel uses such Personal Information. If HighLevel collects Sensitive Personal Information, we limit our use of the Sensitive Personal Information to uses: (1) you have authorized, (2) that are required to fulfill your requests for goods or services, or (3) that are otherwise allowed by the CCPA or required by other laws or regulations.
The categories of Personal Information collected, disclosed, and sold from California residents over the preceding 12 months and HighLevel’s applicable retention periods include:
Personal Information CategoryRetention PeriodBusiness PurposeCollectedDisclosedSold
Identifiers (such name, address, IP address, email, etc.)
See Section 3 of Privacy Policy: “Retention of Your Personal Information”
For functionality, customer support, business operations, communication, advertising and marketing, and statistical purposes.
Yes
Yes
No
Personal information defined in Civil Code Section 1798.80(e) (such as signature, SSN, financial information, and insurance information, etc.)
No
No
No
Protected personal information (such as gender, religion, sexual orientation, or disability)
No
No
No
Commercial information (such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, etc.)
See Section 3 of Privacy Policy: “Retention of Your Personal Information”
For development, customer support, business operations, communication, advertising and marketing, and statistical purposes.
Yes
No
No
Biometric information
No
No
No
Internet or other similar network activity (such as information on a consumer’s interaction with a website, application, or advertisement, etc.)
See Section 3 of Privacy Policy: “Retention of Your Personal Information”
For functionality, business operations, and statistical purposes.
Yes
Yes
No
Geolocation data
No
No
No
Audio, electronic, visual, thermal, or olfactory information
No
No
No
Professional or employment-related information
No
No
No
Education information
No
No
No
Inferences (such as analytics and preferences
Yes
Yes
No
14. Colorado Privacy Rights
This section is addressed to Colorado residents only and provides more information about your rights under the Colorado Privacy Act or “CPA.” Subject to certain exceptions, the CPA grants to Colorado residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; and request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling.
You can request access to, correction of or deletion of your Personal Information by using the details in the “
HOW TO CONTACT US
” section. If you request a deletion of your Personal Information, please note that HighLevel may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by CPA.
If you submit a request to exercise rights under CPA, HighLevel will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with HighLevel and the sensitivity of Personal Information at issue. If HighLevel denies your request, we will explain why. If we have not responded to your request or asked for additional time to respond to your request within 45 days after you send us a request, you have the right to appeal our failure to take action. To appeal our failure to take action, contact us using the details in the “
HOW TO CONTACT US
” section.
You can designate an authorized agent to make a request under the CPA on your behalf in certain circumstances. If you use an authorized agent for this purpose, HighLevel may ask you to verify your identity or that you provided the authorized agent signed permission to submit a request under the CPA.
15. Connecticut Privacy Rights
This section is addressed to Connecticut residents only and provides more information about your rights under the Connecticut Data Privacy Act or “CTDPA.” You can exercise your rights by using the details in the “
HOW TO CONTACT US
” section. If we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action by contacting us using the details in the “
HOW TO CONTACT US
” section.
16. Utah Privacy Rights
This section is addressed to Utah residents only and provides more information about your rights under the Utah Consumer Privacy Act or “UCPA.” You can exercise your rights by using the details in the “
HOW TO CONTACT US
” section.
17. Virginia Privacy Rights
This section is addressed to Virginia residents only and provides more information about your rights under Virginia’s Consumer Data Protection Act or “VCDPA.” Subject to certain exceptions, the VCDPA grants to Virginia residents the rights to: be notified about the collection, use, disclosure, or sale of their Personal Information; request access to, deletion of, or correction of their Personal Information; request to opt out of the use of Personal Information for targeted advertising, sale, or certain profiling; and to not be discriminated against for exercising such rights.
You can request access to, correction of or deletion of your Personal Information by using the details in the “
HOW TO CONTACT US
” section. If you request a deletion of your Personal Information, please note that HighLevel may still need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to requesting such deletion, to comply with applicable law, or for other purposes permitted by VCDPA.
If you submit a request to exercise rights under VCDPA, HighLevel will ask you to provide certain information to verify your identity. This information will depend on your prior interactions with HighLevel and the sensitivity of Personal Information at issue. If HighLevel denies your request, we will explain why. If we inform you that we decline to take action regarding your request, you have the right to appeal our failure to take action. To appeal our failure to take action, contact us using the details in the “
HOW TO CONTACT US
'' section.
18. How To Contact Us About This Privacy Policy
To ask questions about this Privacy Policy and our privacy practices, contact us at
or by mail at:
HighLevel Inc.
ATTN: Legal Department400 North Saint Paul St., Suite 920
Dallas, Texas 75201
For the UK:
Rickert Services Ltd U
- HighLevel Inc. -
PO Box 1487
Peterborough
PE1 9XX United Kingdom
For the EU:
Rickert Rechtsanwaltsgesellschaft mbH
- HighLevel, Inc. -
Colmantstraße
1553115 Bonn
Germany
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, HighLevel commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact HighLevel at:
© Copyright Mrktng Sstm 2024