Client Scribe Privacy Policy

Last Updated: January 2025

1. Introduction

Client Scribe ("we," "us," or "our") operates a SaaS platform at clientscribe.io that enables creative businesses to collect feedback from their clients on project deliverables. The platform facilitates sending SMS requests with secure links to feedback forms where clients can review work and submit notes, comments, or approvals.

This Privacy Policy explains how we collect, use, share, and protect personal information when you use our services, whether as:

Platform customers (businesses that use Client Scribe to send messages)
Message recipients (individuals who receive SMS messages via Client Scribe)
Website visitors (anyone accessing our public pages)

2. Information We Collect

A. Information from Platform Customers (Businesses)

Account information (name, email, company name, billing details)
Authentication credentials (encrypted passwords)
Team member information (names, emails, roles)
Usage data (features used, messages sent, login activity)

B. Information from Feedback Request Recipients

Phone numbers (provided by the business sending feedback requests)
Message content (SMS text containing feedback form links, STOP/HELP responses)
Message delivery status and timestamps
Feedback form submissions (notes, comments, approvals provided through secure links)
Opt-out preferences

C. Information Collected Automatically

IP addresses and device information
Browser type and operating system
Pages visited and features used
Cookies and similar tracking technologies (see Cookie Policy below)

3. How We Use Your Information

We use collected information for the following purposes:

Service Delivery

Send SMS feedback requests containing secure links to review forms
Process and manage feedback submissions, notes, and client input
Provide time-limited, secure access to feedback forms without requiring account creation
Provide access to platform features (analytics, webhooks, team management)
Process payments and manage subscriptions

Compliance and Legal Requirements

Enforce our Messaging Policy and SMS Terms
Comply with TCPA, CTIA guidelines, and carrier requirements
Respond to legal requests and prevent fraud or abuse
Honor opt-out requests (STOP keywords)

Platform Improvement

Analyze usage patterns to improve features and performance
Troubleshoot technical issues and provide customer support
Develop new features and services

Communication

Send transactional emails (account notifications, billing, security alerts)
Provide customer support and respond to inquiries
Send occasional product updates (with opt-out option)

4. How We Share Your Information

We do not sell your personal information. We share information only in the following limited circumstances:

With Service Providers and Sub-Processors

We share data with trusted third parties who help us deliver our services:

SMS carriers (Twilio) - to send and receive text messages
Cloud infrastructure (hosting, databases, CDN) - to store and serve data
Payment processors - to handle billing and subscriptions
Analytics providers - to understand platform usage (anonymized where possible)

All sub-processors are contractually required to protect your data and use it only for the purposes we specify.

Within Your Organization

If you are part of a business account, your data may be visible to other authorized team members within your organization based on role permissions.

For Legal or Safety Reasons

We may disclose information when required by law or to:

Comply with court orders, subpoenas, or regulatory requests
Enforce our terms of service and policies
Protect against fraud, abuse, or security threats
Protect the rights, property, or safety of Client Scribe, our users, or the public

Business Transfers

If Client Scribe is acquired, merged, or undergoes a similar business transaction, your information may be transferred to the new entity. We will notify you of any such change.

5. Data Retention

We retain personal information for as long as necessary to provide our services and comply with legal obligations:

Active account data: Retained while your account is active and for a reasonable period after closure to facilitate reactivation or address disputes.
Message logs: Retained for compliance purposes (typically 12-24 months) to demonstrate consent, honor opt-outs, and respond to carrier or regulatory inquiries.
Billing records: Retained for tax and accounting purposes as required by law (typically 7 years).
Opt-out records: Retained indefinitely to honor opt-out requests and prevent re-enrollment.

You may request deletion of your data at any time (see "Your Rights" below), subject to legal retention requirements.

6. Data Security

We implement industry-standard security measures to protect your information from unauthorized access, disclosure, alteration, or destruction:

Encryption in transit (TLS/SSL) and at rest for sensitive data
Secure authentication and password hashing (bcrypt)
Role-based access controls and multi-tenant data isolation
Regular security audits and vulnerability assessments
Monitoring for suspicious activity and abuse

However, no system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Please use strong passwords and protect your account credentials.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

Access and Portability

Request a copy of the personal information we hold about you.

Correction

Request correction of inaccurate or incomplete information.

Deletion

Request deletion of your personal information (subject to legal retention requirements).

Opt-Out of SMS Messages

Reply STOP to any message to immediately opt out. See our SMS Terms for details.

Opt-Out of Marketing Emails

Use the unsubscribe link in any marketing email (transactional emails cannot be opted out of while your account is active).

Object to Processing

Object to certain uses of your information, such as analytics or marketing.

To exercise your rights, contact us at: privacy@clientscribe.io
We will respond to requests within 30 days.

8. Cookies and Tracking

We use cookies and similar technologies to provide and improve our services:

Essential cookies: Required for authentication, security, and basic platform functionality.
Analytics cookies: Help us understand how users interact with our platform (may be disabled in browser settings).
Preference cookies: Remember your settings and preferences.

Most browsers allow you to control cookies through settings. Note that disabling cookies may affect platform functionality.

9. International Data Transfers

Client Scribe is based in the United States. If you access our services from outside the U.S., your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

By using our services, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

10. Children's Privacy

Client Scribe is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@clientscribe.io.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Material changes will be communicated via email or prominent notice on our platform.

Continued use of our services after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Client Scribe Privacy Team

Email: privacy@clientscribe.io

For general support inquiries: support@clientscribe.io

For compliance questions: compliance@clientscribe.io

13. Related Resources

Client Scribe Messaging Policy - How businesses must use the platform
SMS Terms for Recipients - Terms for message recipients
SMS Consent Language & Examples - Templates for businesses

Legal Disclaimer: This Privacy Policy provides general information about our data practices. It does not constitute legal advice. Your use of Client Scribe is also governed by our Terms of Service. If you have specific legal questions about data protection, privacy rights, or compliance, please consult with a qualified attorney.