1. Overview and Scope

This Privacy Policy ("Policy") applies to the CasperPortal software platform, website, and related services provided by CasperPortal, including any subdomains, mobile applications, or connected systems (collectively, "CasperPortal" or "Platform").

CasperPortal operates in conjunction with technology infrastructure provided by third-party vendors, including but not limited to GoHighLevel, LeadConnector, and other service providers. CasperPortal is not responsible for the privacy practices of these third parties.

This Policy does not apply to content, data, or communications created, uploaded, or managed by users through the Platform. Users remain solely responsible for their own data handling practices and legal compliance.

2. Information We Collect

CasperPortal and its service providers may collect the following categories of information:

• Account Information: Name, email address, phone number, company name, billing address, payment information, and account credentials.
• Technical Information: IP address, browser type, device type, operating system, device identifiers, pages visited, time spent on pages, referring URLs, and similar technical metrics.
• Billing and Payment Data: Credit card or payment processor information (processed by third-party payment providers), subscription history, and transaction records.
• Communications Data: Support tickets, email inquiries, chat logs, and other communications with CasperPortal support or representatives.
• User-Uploaded Data: Any content, customer records, contact lists, messages, configurations, or other information users upload to the Platform.
• Usage Data: Feature usage patterns, login history, API calls, automation activities, and interaction logs.
• Analytics Data: Website behavior, click patterns, session duration, and engagement metrics collected through cookies or similar technologies.

3. How We Use Information

CasperPortal uses collected information for the following purposes:

• Providing, maintaining, and improving the Platform and related services.
• Processing payments and managing subscriptions.
• Providing customer support and technical assistance.
• Communicating service updates, security alerts, and administrative notifications.
• Detecting, investigating, and preventing fraud, abuse, and unauthorized access.
• Complying with legal obligations, law enforcement requests, and regulatory requirements.
• Analyzing platform performance, usage trends, and user behavior to improve services.
• Sending promotional communications where permitted by law (users may opt out).
• Enforcing Terms of Service and other agreements.

CasperPortal does not sell or rent personal information to third parties for their independent marketing purposes.

4. User Responsibility for Data Compliance

CasperPortal is a software platform only. Users are solely responsible for:

• Ensuring compliance with all applicable laws regarding data collection, use, and disclosure, including GDPR, CCPA, TCPA, CAN-SPAM, and other regulations.
• Obtaining and maintaining valid consent before collecting, processing, or transmitting personal information through the Platform.
• Providing accurate privacy notices and disclosures to all data subjects.
• Implementing and maintaining appropriate data security measures.
• Responding to data subject access requests, deletion requests, and other legal inquiries.
• Maintaining records of consent and legal basis for processing.

CasperPortal makes no representations regarding the lawfulness of any user's data processing activities and provides no legal advice.

5. Third-Party Service Providers and Data Sharing

CasperPortal relies on third-party service providers to deliver platform functionality. These providers may process personal information on CasperPortal's behalf, including:

• Cloud hosting and infrastructure providers.
• Payment processors and financial service providers.
• Telecommunications carriers and messaging platforms.
• Analytics and monitoring services.
• Email delivery services.
• Customer support tools and platforms.
• Integration and API partners.
• Third-party platforms referenced in the Terms of Service (such as GoHighLevel or LeadConnector).

CasperPortal requires these providers to maintain appropriate confidentiality and security measures. However, CasperPortal is not responsible for third-party privacy practices. Users should review the privacy policies of all third-party services directly.

CasperPortal may also disclose information when required by law, court order, or legal process, or when necessary to protect the rights, safety, or property of CasperPortal, users, or the public.

6. Data Security and Breach Notification

CasperPortal implements commercially reasonable technical, administrative, and physical safeguards to protect personal information from unauthorized access, disclosure, alteration, and destruction. These may include encryption, access controls, and monitoring systems.

However, no security measure is impenetrable. CasperPortal does not guarantee absolute security and is not liable for unauthorized access, data breaches, or other security incidents resulting from factors beyond its reasonable control.

In the event of a confirmed data breach affecting personal information, CasperPortal will notify affected individuals as required by applicable law. Notification methods may include email, phone, or publication on the Platform.

Users are responsible for maintaining the confidentiality of their account credentials and promptly notifying CasperPortal of any unauthorized access.

7. Data Retention and Deletion

CasperPortal retains personal information only as long as necessary to:

• Provide the requested services and maintain active accounts.
• Comply with legal, regulatory, and contractual obligations.
• Resolve disputes and enforce agreements.
• Maintain backups and archive data for operational continuity.
• Conduct fraud investigations and security audits.

Upon account cancellation or termination, CasperPortal may retain certain data for a limited period in accordance with legal requirements, backup procedures, and operational practices. Specific retention periods depend on the type of information and applicable law.

Users wishing to request deletion of personal information should contact CasperPortal using the contact information below. CasperPortal will respond to valid requests in accordance with applicable law, though certain legal holds or operational requirements may delay deletion.

8. Individual Rights and Requests

Depending on applicable law and location, you may have the following rights regarding your personal information:

• Access: Right to request access to personal information we hold about you.
• Correction: Right to request correction of inaccurate or incomplete information.
• Deletion: Right to request deletion of personal information, subject to legal and operational requirements.
• Restriction: Right to request restriction of processing in certain circumstances.
• Portability: Right to request a copy of information in a portable format.
• Objection: Right to object to processing for marketing or profiling purposes.
• Withdrawal of Consent: Right to withdraw consent at any time (though this does not affect prior processing).

To exercise any of these rights, submit a written request to the contact information below. CasperPortal will respond to valid requests within the timeframe required by applicable law (typically 30-45 days), though CasperPortal may require verification of identity and may apply legal exceptions.

9. Cookies, Tracking, and Analytics

CasperPortal and its service providers use cookies, web beacons, pixels, and similar tracking technologies to:

• Remember user preferences and settings.
• Track usage patterns and engagement metrics.
• Detect and prevent fraud or abuse.
• Analyze platform performance and user behavior.
• Deliver targeted content and advertising.

Most web browsers allow users to refuse cookies or alert users when cookies are being sent. However, blocking cookies may impair functionality and prevent proper use of the Platform. Users may opt out of certain analytics services by adjusting browser settings or visiting provider opt-out pages.

CasperPortal does not honor Do Not Track (DNT) signals, but users may disable cookies in their browser settings.

10. Children and Minors

CasperPortal is intended exclusively for business users and individuals 18 years of age or older. CasperPortal does not knowingly collect personal information from children under 18.

If CasperPortal becomes aware that personal information of a minor has been collected, CasperPortal will promptly delete such information and may terminate the user's account.

Parents or guardians who believe a minor's information has been collected should immediately contact CasperPortal using the contact information below.

11. International Data Transfers

CasperPortal operates globally and may transfer personal information to jurisdictions outside the European Union, United Kingdom, California, or other regions with data protection laws.

By using CasperPortal, users expressly consent to the transfer of personal information to countries that may not provide the same level of data protection. CasperPortal implements standard contractual clauses and other mechanisms to facilitate lawful international transfers where required.

Users with concerns about international data transfers should contact CasperPortal before providing information.

12. Policy Updates and Amendments

CasperPortal may update this Privacy Policy at any time to reflect operational, legal, technological, or regulatory changes. Updated policies will be posted on the CasperPortal website with a revised "Effective Date."

Continued use of CasperPortal following the posting of an updated Privacy Policy constitutes acceptance of the updated terms. Material changes may be communicated via email or prominent notice on the Platform.

Users are responsible for reviewing this Policy periodically for updates.

13. Limitation of Liability and Disclaimer

TO THE MAXIMUM EXTENT PERMITTED BY LAW, CASPERPORTAL IS NOT LIABLE FOR:

• Unauthorized access, data breaches, or security incidents resulting from factors beyond CasperPortal's reasonable control.
• Any indirect, incidental, special, consequential, or punitive damages arising from privacy practices or data handling.
• Loss of data, loss of profits, business interruption, or other losses.
• Third-party access to information due to third-party actions or negligence.
• User's failure to comply with applicable privacy laws or CasperPortal's policies.

CasperPortal makes no warranty regarding privacy compliance, data security adequacy, or suitability for any particular purpose. This Privacy Policy does not create any legally binding obligation beyond what is expressly stated herein.

14. Contact Information

15. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of New Hampshire, without regard to conflict of law principles. Any dispute arising out of or relating to this Privacy Policy shall be brought in the state or federal courts located in New Hampshire, and you consent to such jurisdiction and venue.

In the event of any dispute regarding data handling or privacy practices, you agree to work with CasperPortal in good faith to resolve the matter before pursuing formal legal proceedings.