PRIVACY POLICY

Effective as of November 7, 2025

Your privacy matters to us. This Privacy Policy explains how 17257597 Canada Inc. ("Aflluxe," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with our websites (including https://aflluxe.com and subdomains such as https://flow.aflluxe.com and https://grow.aflluxe.com), applications, and related services (collectively, the "Services").

1. Scope & Third‑Party Links

This policy applies to personal information we process through the Services. Our Services may link to third‑party sites and services that are not controlled by Aflluxe. Their privacy practices are governed by their own policies. We encourage you to review them.

2. What We Mean by "Personal Information"

“Personal information” means information about an identifiable individual (e.g., name, email, phone number, IP address, device identifiers, and data about how you interact with the Services). This includes information you provide and information collected automatically from your device/browser.

3. Information We Collect

We collect information in three main ways: (a) you provide it to us directly; (b) it is collected automatically; and (c) we receive it from third parties.

a. Information You Provide

  • Contact details (name, email, phone number, business details, mailing address)

  • Account credentials and preferences

  • Marketing consents (email/SMS opt‑ins), form submissions, support requests

  • Billing details and purchase history (processed by our payment processors)

b. Information Collected Automatically

  • Log data (IP address, device/browser type, pages viewed, timestamps, referral URLs)

  • Device & usage data (unique IDs, approximate geolocation based on IP, events like clicks, conversions)

  • Error/diagnostic data to help us troubleshoot issues and improve the Services

While certain data may not identify you on its own, in combination it may become identifiable.

c. Information from Third Parties

  • Partners and platforms you connect (e.g., CRM integrations) may provide profile, activity, and campaign data

  • Publicly available information (e.g., social profiles consistent with your settings)

4. Cookies & Similar Technologies

We use cookies, pixels, tags, and local storage to operate and improve the Services, remember your preferences, measure performance, and personalize content/ads. Examples include analytics cookies and advertising pixels. You can manage cookies in your browser settings. Some features may not function properly without cookies.

  • See our Cookie Policy for details (placement, lifetimes, and choices).

  • Where required by law, we obtain consent for non‑essential cookies.

5. How We Use Personal Information

We use personal information to:

  • Provide, secure, and maintain the Services (including troubleshooting and support)

  • Configure and operate CRM, marketing automation, telephony/SMS and related features you request

  • Process payments, invoicing, and account administration

  • Personalize your experience and deliver relevant content and offers

  • Conduct analytics, research, and service improvement

  • Send transactional and (with consent where required) marketing communications

  • Detect, prevent, and investigate fraud, abuse, security incidents, and violations of our Terms

  • Comply with legal, regulatory, tax, and accounting obligations

We may combine information from different sources consistent with this policy.

6. Legal Bases (Canada, EU/UK)

Where applicable (e.g., under PIPEDA, GDPR/UK GDPR), we rely on one or more of the following legal bases: consent; performance of a contract; legitimate interests (e.g., to secure and improve the Services, market to consenting users, and defend legal rights); and legal obligations.

7. Marketing Email & SMS (CASL, CAN‑SPAM, TCPA/CTIA)

If you opt‑in via forms, checkboxes, keywords, or other affirmative methods, you authorize Aflluxe and/or our configured automations to send electronic messages, including marketing and transactional email and text messages (SMS/MMS).

  • Message frequency varies by program; message/data rates may apply.

  • Opt‑out: For email, use the unsubscribe link. For SMS/MMS, reply STOP, END, or UNSUBSCRIBE. Reply HELP for help.

  • Automated technologies (e.g., automated dialers) may be used where permitted by law.

  • Carrier liability: Carriers are not liable for delayed or undelivered messages.

  • We do not sell or share mobile numbers, text‑message originator data, or SMS consent data with third parties except to service providers (e.g., messaging carriers/aggregators) solely to deliver messages.

You are responsible for ensuring you have appropriate consents for any contact lists you upload into platforms we configure for you.

8. Disclosure of Personal Information

We may disclose personal information to:

  • Service providers / processors who support the Services (hosting, CRM/telephony, payments, analytics, ads, email/SMS delivery, support)

  • Affiliates and contractors who assist us under confidentiality obligations

  • Professional advisors (legal, accounting) under duty of confidentiality

  • Regulators, courts, law enforcement where required by law or to protect rights, safety, and security

  • Business transferees in connection with a merger, acquisition, financing, or sale of assets

Key vendors we commonly use (examples; will vary by client configuration):

  • CRM & messaging: GoHighLevel (and underlying SMS/voice providers such as Twilio/Telnyx/Plivo)

  • Payments: Stripe (or your selected processor)

  • Analytics/ads: Google Analytics/Ads, Meta (Facebook/Instagram), YouTube, LinkedIn

We do not permit vendors to use personal information for their own purposes without consent.

9. International Transfers & Data Location

We primarily process data in Canada and the United States (and other countries where our service providers operate). Privacy protections outside your home jurisdiction may differ. Where required, we implement appropriate safeguards (e.g., contractual clauses, DPAs) to protect personal information during cross‑border transfers.

10. Security

We apply technical and organizational measures designed to protect personal information (access controls, encryption in transit, least‑privilege practices, monitoring). No method is 100% secure, and we cannot guarantee absolute security.

11. Retention

We retain personal information as long as needed for the purposes described above, to comply with legal obligations (e.g., tax/accounting), resolve disputes, and enforce agreements. When no longer required, we will delete or de‑identify information in line with our retention policies and applicable law.

12. Your Rights & Choices

Your rights depend on your jurisdiction and relationship with us. Subject to exceptions, and after appropriate verification, you may:

  • Access personal information we hold about you

  • Correct inaccurate or incomplete information

  • Delete/erase information (subject to legal and contractual limits)

  • Restrict or object to certain processing

  • Withdraw consent where processing is based on consent (this does not affect prior processing)

  • Data portability (where applicable)

To exercise rights, contact [email protected] (or [email protected]). We will respond within the timeframe required by law.

Marketing choices: You may unsubscribe from emails or reply STOP to SMS at any time. We may still send non‑marketing messages (e.g., transactional, service notices).

13. Children’s Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child provided information to us, contact us and we will take appropriate steps to delete it.

14. Do Not Track & Global Privacy Control

Some browsers offer Do Not Track (DNT). We do not currently respond to DNT signals. Where applicable law requires honoring Global Privacy Control (GPC) or similar signals (e.g., certain U.S. jurisdictions), we will make commercially reasonable efforts to recognize and apply such signals as our systems support them.

15. State/Regional Disclosures

United States (certain states): Depending on your state, you may have additional rights (e.g., to know/access, delete, correct, opt‑out of sale/sharing/targeted advertising). We do not sell personal information in the traditional sense. Where our use of advertising cookies/pixels constitutes "sharing" or "targeted advertising" under applicable law, you can manage preferences via our Cookie Policy and consent banner and/or submit a request at [email protected].

European Union/United Kingdom: Aflluxe acts as controller for our own operations and may act as processor for client accounts configured in third‑party platforms (per applicable contracts). For EU/UK users, you also have the right to lodge a complaint with a supervisory authority.

Canada (PIPEDA/CASL): You may access, correct, and withdraw consent subject to legal limitations. You may complain to the Office of the Privacy Commissioner of Canada if concerns are not resolved.

16. Complaints & How to Contact Us

If you have concerns, contact us first so we can help:

17257597 Canada Inc

Privacy: [email protected]

General: [email protected]

If unresolved, you may contact your local authority, e.g.:

Office of the Privacy Commissioner of Canada — 30 Victoria Street, Gatineau, QC K1A 1H3, +1‑800‑282‑1376, priv.gc.ca

(For EU/UK residents, contact your national DPA/ICO.)

17) Changes to This Policy

We may update this Policy to reflect changes to our practices or for legal, technical, or regulatory reasons. We will post the updated version and revise the "Last Updated" date. If changes materially affect your rights, we will provide additional notice where required by law.

Copyrights 2025 | Aflluxe