Privacy Policy

Last updated: April 1, 2026

Mailflow Authority ("we," "us," or "our") operates the website at mailflowauthority.com. This Privacy Policy explains what information we collect, how we use it, and what rights you have over it.

We believe in being straightforward. No buried clauses, no surprise data sharing. If you have questions after reading this, reach out at [email protected].

Information We Collect

We collect personal information in the following ways:

  • Lead forms and ads. When you fill out a form on our website or through a Meta (Facebook/Instagram) Lead Ad, we collect information you provide such as your name, email address, phone number, and business name.
  • Contact forms. When you use our contact form or send us an email directly, we collect the information in your message.
  • Cookies and tracking pixels. We use Meta Pixel and the Meta Conversions API to understand how people find and use our website. These tools collect data like pages viewed, browser type, and general location. More details are in the "Cookies and Tracking" section below.
  • Analytics. We may use standard website analytics tools that collect anonymous usage data such as page views and session duration.

How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and provide the services you requested.
  • Send follow-up communications by email and SMS/text message related to the service or information you expressed interest in. You can opt out of these at any time (see "Your Rights" below).
  • Improve our website, marketing, and services.
  • Run and optimize advertising campaigns through Meta platforms (Facebook and Instagram).

Where We Store Your Data

Personal information collected through our forms and ads is stored in GoHighLevel, our customer relationship management (CRM) platform. GoHighLevel is used to manage contacts, send email and SMS follow-ups, and track interactions with our business.

GoHighLevel maintains its own security practices including encryption and access controls. We limit access to your data to authorized team members only.

Cookies and Tracking

Our website uses the following tracking technologies:

  • Meta Pixel. A small piece of code that tracks website activity (such as page views and button clicks) and sends that data to Meta. This helps us measure ad performance and build audiences for advertising.
  • Meta Conversions API (CAPI). A server-side integration that sends event data (like form submissions) directly to Meta. This works alongside the Pixel to improve tracking accuracy.

These tools may place cookies on your browser and collect device identifiers. You can manage cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Note that disabling cookies may affect how parts of the site function.

We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties. Period. Your data is used solely to provide and improve our services and to communicate with you about those services.

Under the California Consumer Privacy Act (CCPA), we confirm that we have not sold personal information of consumers in the preceding twelve months and have no intention of doing so.

Third-Party Services

We share data with a limited number of service providers that help us operate our business:

  • Meta (Facebook/Instagram) — ad delivery and performance measurement.
  • GoHighLevel — CRM, email, and SMS communications.

These providers process data on our behalf and are contractually obligated to protect it. We do not share your information with any other third parties for their own marketing purposes.

Your Rights

Depending on where you live, you may have specific rights under privacy laws like the GDPR (European Union) or CCPA (California). In all cases, we respect the following rights for every user:

  • Access. You can request a copy of the personal data we hold about you.
  • Correction. You can ask us to update or correct inaccurate information.
  • Deletion. You can request that we delete your personal data. We will comply unless we have a legal obligation to retain it.
  • Opt-out of communications. Every email and SMS we send includes an unsubscribe or opt-out option. You can also contact us directly to be removed from all communications.
  • Withdraw consent. If you previously gave consent for us to process your data, you can withdraw it at any time.
  • Data portability. You can request your data in a commonly used, machine-readable format.
  • Do Not Sell (CCPA). As stated above, we do not sell personal information. If you still wish to submit a formal "Do Not Sell" request, you may do so by contacting us.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days (or sooner if required by applicable law).

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes described in this policy, or as required by law. If you request deletion, we will remove your data from our systems within 30 days unless a legal obligation requires us to keep it.

Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For significant changes, we may also notify you by email. We encourage you to review this page periodically.

Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact:

Braedon

Mailflow Authority

Portland, Oregon

[email protected]