Privacy Policy

1. Overview and Scope

MarketingAid Solutions FL, LLC, doing business as MarketingAid (“MarketingAid,” “we,” “us,” or “our”), is committed to protecting the privacy and security of personal information entrusted to us by our customers, their end users, and visitors to our website.

This Privacy Policy (“Policy”) describes how MarketingAid collects, uses, discloses, retains, and protects personal information in connection with our website at www.marketingaid.org and all associated subdomains (the “Site”); our digital infrastructure, website hosting, and appointment scheduling platform (the “Platform”); and all related subscription services (collectively, the “Services”).

This Policy applies to customers — businesses and individuals who subscribe to and use the Services; end users — individuals whose personal information is processed through customer-facing features of the Platform, such as individuals who book appointments through a customer’s MarketingAid-hosted website; and site visitors — individuals who visit our Site without subscribing to the Services.

This Policy does not apply to third-party websites, applications, or services that may be linked to or integrated with our Services. MarketingAid is not responsible for the privacy practices of such third parties. By accessing or using the Services, you acknowledge that you have read and understood this Policy. If you do not agree, you must discontinue use of the Services.

2. Data Controller Identity

For purposes of applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UK GDPR, MarketingAid Solutions FL, LLC is the data controller with respect to personal information collected directly from customers and Site visitors.

With respect to personal information of end users processed through the Platform on behalf of our customers, MarketingAid acts as a data processor, and the applicable customer is the data controller. Customers are solely responsible for ensuring that their collection and processing of end user data through the Platform complies with all applicable privacy laws, and for providing required notices to end users.

Data ControllerMarketingAid Solutions FL, LLC — 7901 4th St N #20635, St. Petersburg, FL 33702, USA. Email: [email protected]

3. Information We Collect

MarketingAid collects only the categories of personal information that are necessary to provide, operate, and improve the Services. We do not collect personal information beyond what is described in this Section.

Information Collected from Customers

When you register for or use the Services, we collect identity and contact information including your first and last name, business name, email address, phone number, and business address. We collect account credentials including your username and hashed password. We collect financial data through our payment processor, Stripe, which includes your billing address and the last four digits of your payment card — MarketingAid never stores raw card numbers on its own systems. We also collect usage data such as login activity, feature interactions, session data, and IP address, as well as communications data including support tickets, emails, and chat logs you submit to our team.

Information Collected from End Users

When end users interact with customer-hosted websites or appointment scheduling tools powered by the Platform, MarketingAid may process on behalf of our customers identity and contact data such as name, email address, and phone number submitted via booking or contact forms; appointment data including scheduled dates and times, service types, booking notes, and confirmation records; and technical data such as IP address, browser type, and device information collected passively through the Platform infrastructure.

Note for End Users: If you are an end user seeking to understand how your personal information is used in connection with a specific business’s website or appointment system, please contact that business directly. That business, not MarketingAid is the data controller for your information and is responsible for its lawful use.

Information Collected Automatically

When you visit our Site, we automatically collect certain technical and usage data through cookies, web beacons, pixels, and similar technologies. This includes IP address, browser type and version, operating system, referral URLs, pages viewed, time spent on pages, and device identifiers. See Section 9 for full details on our use of tracking technologies.

Information We Do Not Collect

MarketingAid does not collect, and has no legitimate business purpose for collecting, the following categories of sensitive personal information: Social Security numbers or government-issued identification numbers; financial account credentials or full payment card numbers; health or medical information; racial or ethnic origin; religious or philosophical beliefs; biometric data; or precise geolocation data.

4. How We Collect Information

MarketingAid collects personal information through the following means. We collect information directly from you when you register for an account, complete onboarding forms, contact our support team, respond to surveys, or communicate with us by email or phone. We collect information automatically through cookies, tracking pixels, server logs, and analytics tools as you interact with our Site and Platform. We receive limited data from third-party processors — such as Stripe for payment confirmation data and Google Analytics for aggregated usage metrics — strictly as necessary to provide the Services. Finally, when customers process end user data through the Platform as data controllers, that data passes through our infrastructure as a processor acting on the customer’s behalf.

5. How and Why We Use Your Information

MarketingAid uses personal information only for the purposes identified at the time of collection, or as otherwise described in this Policy. We do not use personal information for purposes that are incompatible with those stated herein without obtaining your consent or as otherwise required by law.

We use your information for service delivery — creating and managing customer accounts, provisioning and operating the Platform, processing payments, and providing technical support. We use it for billing and payment management — processing subscription and activation fees, generating invoices, and managing chargebacks and disputes. We use it for communications — sending transactional notices such as receipts, service updates, and cancellation confirmations, and responding to support inquiries. We use it for marketing — sending promotional emails about MarketingAid products, features, and offers to customers and prospects via GoHighLevel, subject to your opt-out rights at any time. We use it for analytics and platform improvement — understanding how the Site and Platform are used and identifying and resolving technical issues. We use it for security and fraud prevention — monitoring for unauthorized access, abuse, or fraudulent activity. And we use it for legal compliance — complying with applicable laws and regulations, responding to lawful requests from authorities, and enforcing our Terms of Service.

6. Legal Basis for Processing

To the extent the GDPR or UK GDPR applies to the processing of your personal information, MarketingAid relies on the following lawful bases.

Performance of a Contract (Art. 6(1)(b) GDPR) — Processing is necessary to perform the Services under our Terms of Service, including account management, service delivery, and billing.

Legal Obligation (Art. 6(1)(c) GDPR) — Processing is necessary to comply with applicable legal obligations, including financial recordkeeping requirements and responses to lawful government requests.

Legitimate Interests (Art. 6(1)(f) GDPR) — Processing is necessary for MarketingAid’s legitimate business interests, including improving the Platform, preventing fraud, ensuring network security, and direct marketing to existing customers, where such interests are not overridden by the data subject’s rights and freedoms.

Consent (Art. 6(1)(a) GDPR) — Where required by applicable law, we obtain your explicit consent prior to processing, including for certain marketing communications and non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of prior processing.

7. Disclosure of Information

MarketingAid does not share, sell, rent, or trade personal information with third parties except as expressly described in this Section.

Authorized Service Providers

We disclose personal information to third-party service providers strictly as necessary to operate and deliver the Services. All such providers are bound by contractual data processing agreements and are prohibited from using personal information for any purpose other than performing services on our behalf.

We share relevant billing information with Stripe, our PCI DSS Level 1 certified payment processor, for secure payment processing and fraud prevention. MarketingAid does not store raw card data on its own systems. We share anonymized and aggregated browsing data, including anonymized IP addresses, with Google Analytics for Site usage analysis and performance monitoring. We share customer name, email address, and communication preferences with GoHighLevel, our marketing and CRM platform, for email marketing and customer communication purposes. We share customer content and account data as required for infrastructure operation with our hosting and cloud infrastructure providers, who are bound by strict confidentiality and data security obligations.

Legal Disclosures

MarketingAid may disclose personal information without prior notice if required to do so by applicable law or in the good-faith belief that such disclosure is necessary to comply with a legal obligation, court order, subpoena, or government request; to protect and defend the rights or property of MarketingAid; to prevent or investigate possible wrongdoing in connection with the Services; to protect the personal safety of users of the Services or the public; or to protect against legal liability. Where legally permissible, MarketingAid will make reasonable efforts to notify affected customers of such disclosures prior to compliance.

Business Transfers

In the event that MarketingAid undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or substantially all of its assets, personal information held by MarketingAid may be transferred to the acquiring entity as part of such transaction. MarketingAid will provide notice of any such transfer and any material changes to this Policy through the Site or by direct communication.

Aggregated and De-Identified Data

MarketingAid may use, share, and publish aggregated or de-identified information that does not identify any individual for product development, research, analytics, and marketing purposes. Such information is not subject to this Policy.

8. We Do Not Sell Your Data

Our CommitmentMarketingAid does not sell, rent, license, or otherwise commercially exploit personal information for monetary or other valuable consideration to any third party. This applies to all individuals whose information we process — including customers, end users, and Site visitors.

This commitment applies regardless of applicable law. Even in jurisdictions where “selling” personal data has a specific legal definition — such as California under the CCPA/CPRA — MarketingAid does not engage in any such activity. We use personal information solely to provide, operate, and improve our Services as described in this Policy.

Our use of Google Analytics and Meta Pixel for Site analytics and advertising measurement does not constitute a “sale” or “sharing for cross-context behavioral advertising” under California law, as these technologies are used solely for first-party analytics and are configured to minimize data sharing with those platforms. You may opt out of such tracking as described in Section 9.

9. Cookies and Tracking Technologies

MarketingAid uses cookies and similar tracking technologies on our Site and Platform to enhance functionality, analyze performance, and deliver relevant content.

Types of Cookies We Use

Strictly necessary cookies are required for the Site and Platform to function. They enable login sessions, security tokens, and core infrastructure and cannot be disabled without impairing your ability to use the Services.

Performance and analytics cookies, including Google Analytics, measure Site traffic, user behavior, and content performance using anonymized data. These cookies help us understand how visitors interact with our Site so we can improve it.

Marketing and advertising cookies, including the Meta (Facebook) Pixel, measure the effectiveness of our advertising campaigns and enable retargeting on Meta platforms. These cookies can be disabled without affecting your core use of the Site.

Functional cookies remember your preferences, language settings, and session state to improve your experience across visits.

Your Cookie Choices

Most browsers allow you to refuse or delete cookies through your browser settings, though disabling strictly necessary cookies may impair Site functionality. You may opt out of Google Analytics measurement by installing the Google Analytics Opt-Out Browser Add-On at tools.google.com/dlpage/gaoptout. You may manage Meta advertising preferences through your Meta account settings or via the Digital Advertising Alliance opt-out tool at optout.aboutads.info. MarketingAid acknowledges Do Not Track browser signals and will endeavor to honor them for non-essential tracking where technically feasible. Please note that opting out of advertising cookies does not opt you out of receiving advertisements — it means that advertisements you receive may be less tailored to your interests.

10. Data Retention

MarketingAid retains personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements.

Customer account data is retained for the duration of your active subscription plus thirty (30) days following cancellation, during which time you may export your data. Billing and financial records are retained for seven (7) years from the date of each transaction, in accordance with IRS recordkeeping requirements and Florida tax law. Support communications are retained for two (2) years from the date of last communication for purposes of dispute resolution and legal compliance. End user data processed through the Platform on behalf of customers is retained for the duration of the customer’s active subscription plus thirty (30) days. Analytics data is retained for twenty-six (26) months in accordance with our Google Analytics configuration. Marketing contact records are retained until you opt out or your account is deleted, whichever occurs first. Data subject to a legal hold is retained for the duration of the applicable legal proceeding or regulatory requirement.

Upon expiration of the applicable retention period, MarketingAid will securely delete or anonymize personal information in accordance with industry-standard data destruction practices. Anonymized data may be retained indefinitely.

Customer ResponsibilityCustomers are solely responsible for exporting their content and any end user data processed through the Platform prior to account cancellation. MarketingAid will delete such data thirty (30) days following the effective date of termination and has no obligation to restore deleted data thereafter.

11. Security Measures

MarketingAid implements and maintains a comprehensive set of technical, organizational, and administrative security measures designed to protect personal information against unauthorized access, disclosure, alteration, loss, or destruction.

All data transmitted between users and MarketingAid’s infrastructure is encrypted using SSL/TLS protocols, with HTTPS enforced across all pages and subdomains. All payment processing is conducted through Stripe, a PCI DSS Level 1 certified payment processor — MarketingAid does not store, transmit, or process raw payment card data on its own systems. Access to personal information is restricted on a need-to-know basis, and all employees and contractors with access to personal data are bound by confidentiality obligations. Customer passwords are stored in hashed form using industry-standard cryptographic algorithms; plaintext passwords are never stored or transmitted. MarketingAid monitors its systems for unusual activity, unauthorized access attempts, and security vulnerabilities, and all third-party service providers are contractually required to maintain appropriate safeguards.

No method of transmission over the internet or electronic storage is completely secure. While MarketingAid employs commercially reasonable safeguards, we cannot guarantee absolute security. You acknowledge and accept this inherent risk as a condition of using the Services.

If you believe your account has been compromised or you have identified a security vulnerability, please contact us immediately at [email protected].

12. Children’s Privacy

The Services are designed exclusively for business use and are directed solely to individuals who are eighteen (18) years of age or older. MarketingAid does not knowingly collect, solicit, or process personal information from children under the age of 13, or from individuals under the age of 16 for EU/UK users, consistent with the requirements of the Children’s Online Privacy Protection Act (“COPPA”) and the GDPR, respectively.

If MarketingAid becomes aware that it has inadvertently collected personal information from a child below the applicable age threshold without appropriate parental or guardian consent, MarketingAid will promptly delete such information from its records. If you believe MarketingAid has collected personal information from a minor, please contact us immediately at [email protected].

13. Your Privacy Rights

Subject to applicable law and our legitimate interests, individuals whose personal information MarketingAid processes may hold the following rights. The specific rights available to you depend on your jurisdiction of residence and are detailed in Sections 14 through 16 below.

You have the right to know — to request disclosure of the categories and specific pieces of personal information we hold about you. You have the right to correct — to request correction of inaccurate or incomplete personal information we maintain. You have the right to delete — to request deletion of your personal information, subject to our legal obligations and legitimate business purposes. You have the right to portability — to request a copy of your personal information in a structured, commonly used, machine-readable format. You have the right to object — to object to the processing of your personal information on grounds of legitimate interests or direct marketing. You have the right to restrict processing — to request restriction of processing under certain circumstances, such as where accuracy is contested. You have the right to withdraw consent — where processing is based on consent, to withdraw it at any time without affecting prior lawful processing. And you have the right to opt out of marketing — to unsubscribe from promotional communications at any time via the unsubscribe link in any email or by contacting us directly.

How to Submit a Privacy Request

To exercise any of the rights described in this Policy, please submit a written request to [email protected] with the subject line “Privacy Rights Request.” Your request must include sufficient information to verify your identity. We will respond to all verifiable requests within the timeframes required by applicable law — generally 30 to 45 days — and will not discriminate against you for exercising your privacy rights. We reserve the right to deny requests that are manifestly unfounded, excessive, or repetitive, or where an exemption applies under applicable law, and will provide a written explanation for any such denial.

14. GDPR — European Union and United Kingdom

This Section applies to individuals located in the European Economic Area (“EEA”) or the United Kingdom whose personal information is processed by MarketingAid, in addition to all other provisions of this Policy.

Your GDPR Rights

Under the GDPR and UK GDPR, you hold all rights described in Section 13, including the rights of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), and objection (Art. 21). You also have the right to lodge a complaint with your local supervisory authority. For EU residents, the relevant authority is the data protection supervisory authority of your Member State. For UK residents, the relevant authority is the Information Commissioner’s Office (ICO) at ico.org.uk.

International Data Transfers

MarketingAid is headquartered in the United States, and personal information we collect may be stored and processed in the United States or in other countries where our service providers operate. When we transfer personal information from the EEA or UK to countries not recognized as providing an adequate level of data protection, we implement appropriate safeguards, including Standard Contractual Clauses approved by the European Commission (SCCs) or, for UK transfers, the International Data Transfer Agreement (IDTA). You may request a copy of the applicable transfer mechanism by contacting us at [email protected].

Data Processing Agreements

Customers who are subject to the GDPR and use the Platform to process EU/UK end user data may contact MarketingAid at [email protected] to request execution of a Data Processing Agreement (“DPA”) that satisfies the requirements of Article 28 of the GDPR.

15. CCPA/CPRA — California Residents

This Section applies to residents of California and supplements all other provisions of this Policy, pursuant to the California Consumer Privacy Act of 2018 and the California Privacy Rights Act of 2020 (collectively, “CCPA/CPRA”).

Categories of Personal Information Collected

In the preceding twelve (12) months, MarketingAid has collected the following categories of personal information as defined under the CCPA/CPRA: identifiers such as name, email address, and IP address; commercial information including billing and transaction records; internet or other electronic network activity information including usage data and analytics; and professional or employment-related information such as business name and address. We have not collected sensitive personal information as defined under the CPRA beyond account credentials, which are used solely for authentication purposes.

Your California Rights

As a California resident, you have the right to know — to request disclosure of the categories and specific pieces of personal information collected, the purposes for collection, and the categories of third parties with whom information is shared. You have the right to delete personal information, subject to statutory exceptions. You have the right to correct inaccurate personal information. You have the right to opt out of the sale or sharing of personal information — MarketingAid does not sell or share personal information for cross-context behavioral advertising, and no opt-out mechanism is required, though we honor all such requests. You have the right to limit use of sensitive personal information — we use account credentials solely for authentication, and no additional limitation is applicable. And you have the right to non-discrimination — MarketingAid will not discriminate against you for exercising your CCPA/CPRA rights.

Submitting California Requests

California residents may submit requests by emailing [email protected] with the subject line “California Privacy Request.” We will respond within 45 days of receiving a verifiable request, with a possible extension of an additional 45 days where reasonably necessary. Authorized agents may submit requests on behalf of California residents with written authorization. We may require verification of the agent’s authority before processing any such request.

16. Florida Privacy — FIPA

This Section addresses MarketingAid’s obligations under the Florida Information Protection Act, Fla. Stat. § 501.171 (“FIPA”), which governs the security of personal information and the notification obligations of businesses that maintain personal information of Florida residents.

MarketingAid takes reasonable measures to protect personal information from unauthorized access, use, modification, or disclosure, as required under FIPA. In the event of a security breach involving personal information of Florida residents, MarketingAid will provide notification as required by FIPA, including notice to affected individuals and, where applicable, to the Florida Department of Legal Affairs, within the timeframes specified by law. Our full incident response framework is set forth in Section 17.

17. Data Breach Response

MarketingAid maintains an internal incident response framework designed to identify, contain, assess, and remediate data security incidents promptly and responsibly.

Detection and Containment

Upon detection of a potential security incident, MarketingAid’s designated incident response personnel will immediately work to contain the incident, preserve evidence, and assess the nature and scope of any unauthorized access or disclosure.

Assessment and Classification

MarketingAid will assess whether the incident constitutes a reportable breach under applicable law — including FIPA, GDPR, and CCPA/CPRA — based on the type of personal information involved, the likelihood of harm to affected individuals, and the circumstances of the unauthorized access or disclosure.

Notification Obligations

Where a breach is determined to be reportable, MarketingAid will notify affected individuals without unreasonable delay and within the timeframe required by applicable law — within 30 days under FIPA and within 72 hours to the supervisory authority under GDPR. Where required by law, MarketingAid will also notify the applicable regulatory authority, including the Florida Department of Legal Affairs and the relevant EU or UK data protection authority. Where a breach involves data processed on behalf of customers, MarketingAid will notify affected customers within a commercially reasonable timeframe to enable them to fulfill their own notification obligations.

Notification Content

Breach notifications to affected individuals will include, to the extent known at the time of notification, a description of the nature of the incident; the categories and approximate number of individuals and records affected; the likely consequences of the breach; the measures taken to address the incident; and contact information for further inquiries.

18. International Data Transfers

MarketingAid operates primarily from the United States. If you are located outside the United States and choose to provide personal information to us, you acknowledge that your information will be transferred to and processed in the United States, where privacy laws may differ from and may be less protective than those in your country of residence.

For transfers of personal information from the EEA or UK, MarketingAid relies on appropriate transfer mechanisms as described in Section 14. For all other international transfers, MarketingAid implements contractual and technical safeguards consistent with applicable law to protect personal information during transfer.

19. Changes to This Privacy Policy

MarketingAid reserves the right to update or modify this Policy at any time to reflect changes in our data practices, applicable law, or business operations. When we make material changes to this Policy, we will update the effective date at the top of this page, post the revised Policy on our Site, and where required by applicable law or where changes are material, provide direct notice to customers by email.

Your continued use of the Services following the posting of an updated Policy constitutes your acknowledgment of and agreement to the updated terms. If you do not agree to the revised Policy, you must discontinue use of the Services and cancel your subscription in accordance with the Terms of Service. We encourage you to review this Policy periodically to stay informed about how MarketingAid protects your information.