Privacy Policy - Innovate iHub

Privacy Policy

Your privacy and data security are our top priorities. Learn how we collect, use, and protect your information.

Last Updated: January 6, 2026
GDPR Compliant
CCPA Compliant
SSL Encrypted
SOC 2 Certified

Quick Navigation

1. Privacy Overview

At Innovate iHub, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our all-in-one business growth platform and related services.

Who We Are

Innovate iHub is a comprehensive business growth platform that provides CRM, marketing automation, website building, and numerous other tools to help businesses grow and succeed. We are the data controller responsible for your personal information.

Our Privacy Commitment

We are committed to:

  • Being transparent about what data we collect and why
  • Giving you control over your personal information
  • Protecting your data with industry-leading security measures
  • Only collecting data that is necessary for our services
  • Never selling your personal information to third parties
  • Complying with all applicable privacy laws and regulations

Scope of This Policy

This Privacy Policy applies to:

  • Our website at innovateihub.com and all subdomains
  • Our platform and all services offered through app.innovateihub.com
  • Mobile applications we provide
  • Email communications and newsletters
  • Customer support interactions

2. Information We Collect

2.1 Information You Provide to Us

We collect information you directly provide when you:

Account Registration

  • Contact Information: Name, email address, phone number, business address
  • Account Credentials: Username, password (encrypted)
  • Business Information: Company name, industry, business size, website URL
  • Billing Information: Credit card details, billing address (processed securely by our payment processors)

Platform Usage

  • Customer Data: Information about your customers you add to the CRM
  • Content: Emails, SMS messages, website content, funnels, forms, and other content you create
  • Marketing Materials: Images, videos, documents, and other files you upload
  • Communication Records: Call recordings, chat transcripts, email correspondence

Support and Communication

  • Information in support tickets, chat messages, and phone calls
  • Feedback, survey responses, and testimonials
  • Event registration information for webinars and training

2.2 Information Collected Automatically

Data Type What We Collect Purpose
Device Information IP address, browser type, device type, operating system Security, analytics, service optimization
Usage Data Pages viewed, features used, time spent, click patterns Improve platform, understand user behavior
Location Data Approximate location from IP address Localization, fraud prevention
Cookies & Tracking Cookie IDs, session data, analytics data Authentication, preferences, analytics
Performance Data Error logs, crash reports, performance metrics Technical support, bug fixes, optimization

2.3 Information from Third Parties

We may receive information from:

  • Integration Partners: When you connect third-party services (e.g., Stripe, Mailgun, social media platforms)
  • Data Enrichment Services: To enhance your customer data (only if you enable this feature)
  • Referral Partners: If you sign up through a partner or affiliate
  • Public Sources: Publicly available business information for verification purposes

Customer Data Processing

When you use our platform to manage your customers, you are the data controller and we are the data processor. You are responsible for obtaining necessary consents from your customers and complying with applicable privacy laws. We process this data solely on your behalf according to your instructions.

3. How We Use Your Information

3.1 To Provide Our Services

  • Create and manage your account
  • Process transactions and send billing notifications
  • Deliver the platform features you've subscribed to
  • Provide customer support and respond to inquiries
  • Send service-related communications and updates
  • Enable features like email campaigns, SMS messaging, and phone calls

3.2 To Improve and Optimize

  • Analyze usage patterns to improve platform functionality
  • Develop new features and services
  • Conduct testing and quality assurance
  • Troubleshoot technical issues and bugs
  • Perform data analytics and benchmarking

3.3 For Marketing and Communication

  • Send promotional emails about new features, tips, and offers (you can opt out)
  • Provide personalized recommendations and content
  • Invite you to webinars, events, and training sessions
  • Display targeted advertisements on third-party platforms
  • Measure the effectiveness of our marketing campaigns

3.4 For Security and Compliance

  • Prevent fraud, spam, and abuse
  • Detect and respond to security incidents
  • Verify identity and enforce our Terms of Service
  • Comply with legal obligations and respond to legal requests
  • Protect our rights, privacy, safety, and property

3.5 With Your Consent

We may use your information for other purposes with your explicit consent, such as participating in research studies or beta testing programs.

Legal Basis for Processing (GDPR)

For users in the EU/EEA, we process your data based on: (1) Contract performance - to provide our services, (2) Legitimate interests - to improve and secure our platform, (3) Legal compliance - to meet regulatory requirements, (4) Consent - for marketing communications and optional features.

4. How We Share Your Information

4.1 We Do NOT Sell Your Data

No Data Sales

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Your data is yours, and we respect that.

4.2 Service Providers

We share information with trusted third-party service providers who help us operate our business:

  • Payment Processors: Stripe, PayPal for processing payments
  • Cloud Infrastructure: AWS, Google Cloud for hosting and storage
  • Email Delivery: SendGrid, Mailgun for transactional emails
  • SMS Services: Twilio for text messaging
  • Analytics: Google Analytics, Mixpanel for usage analysis
  • Customer Support: Zendesk, Intercom for support ticketing
  • CDN & Security: Cloudflare for content delivery and DDoS protection

All service providers are contractually obligated to protect your data and only use it for the specified purposes.

4.3 Integration Partners

When you choose to integrate third-party services (e.g., Facebook, Google Ads, Zapier), we share necessary data to enable those integrations. You control which integrations to enable.

4.4 Business Transfers

If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4.5 Legal Requirements

We may disclose information if required by law or in response to:

  • Valid legal process (subpoena, court order, search warrant)
  • Requests from government authorities
  • Emergency situations involving danger of death or serious injury
  • Protection of our legal rights and property

4.6 Aggregated and De-identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, such as industry benchmarks and usage statistics.

4.7 White-Label Customers

If you use our platform through a white-label reseller or agency, your data is accessible to that partner. They are responsible for their own privacy practices with respect to your information.

5. Cookies and Tracking Technologies

5.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. We use cookies and similar technologies (pixels, beacons, local storage) to enhance your experience and collect analytics.

5.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Cookies Required for platform functionality, authentication, and security Session / Persistent
Analytics Cookies Help us understand how users interact with the platform Up to 2 years
Preference Cookies Remember your settings and preferences Up to 1 year
Marketing Cookies Track effectiveness of marketing campaigns and deliver targeted ads Up to 2 years

5.3 Third-Party Cookies

We use cookies from third-party services including:

  • Google Analytics for website analytics
  • Facebook Pixel for advertising
  • LinkedIn Insight Tag for B2B marketing
  • Hotjar for heatmaps and user recordings (if enabled)

5.4 Managing Cookies

You can control cookies through:

  • Browser Settings: Most browsers allow you to refuse cookies or delete them
  • Cookie Consent Tool: Use our cookie preference center to opt in/out of non-essential cookies
  • Opt-Out Tools: Network Advertising Initiative (NAI) and Digital Advertising Alliance (DAA) opt-out pages
  • Do Not Track: We honor browser DNT signals for analytics cookies

Note About Essential Cookies

Disabling essential cookies may prevent you from using certain features of the platform. These cookies are necessary for security, authentication, and basic functionality.

6. Your Privacy Rights

You have certain rights regarding your personal information. The specific rights available to you depend on your location.

Access

Request a copy of the personal information we hold about you

Correction

Request correction of inaccurate or incomplete personal information

Deletion

Request deletion of your personal information (subject to legal exceptions)

Portability

Receive your data in a structured, machine-readable format

Object

Object to processing based on legitimate interests or for direct marketing

Restriction

Request restriction of processing in certain circumstances

Withdraw Consent

Withdraw consent for processing where consent was the legal basis

Opt-Out

Opt out of marketing communications at any time via unsubscribe links

6.1 How to Exercise Your Rights

To exercise any of these rights:

  • Email: [email protected]
  • Account Settings: Many actions can be performed directly in your account
  • Support Portal: Submit a privacy request through our support system

We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

6.2 GDPR Rights (EU/EEA Users)

Additional GDPR Protections

If you are in the EU/EEA, you have additional rights including the right to lodge a complaint with your local data protection authority. Our EU representative can be contacted at [email protected]

6.3 CCPA Rights (California Users)

California residents have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and disclose
  • Right to request deletion of personal information
  • Right to opt-out of sale (though we don't sell data)
  • Right to non-discrimination for exercising CCPA rights

To submit a CCPA request, email us at [email protected] or call 1-800-XXX-XXXX

7. Data Security

7.1 Security Measures

We implement comprehensive security measures to protect your information:

Technical Security

  • Encryption: TLS/SSL encryption for data in transit, AES-256 encryption for data at rest
  • Access Controls: Role-based access control (RBAC) and principle of least privilege
  • Authentication: Multi-factor authentication (MFA) available for all accounts
  • Network Security: Firewalls, intrusion detection/prevention systems, DDoS protection
  • Monitoring: 24/7 security monitoring and logging
  • Vulnerability Management: Regular security testing and penetration testing

Organizational Security

  • Background checks for employees with data access
  • Regular security training for all staff
  • Confidentiality agreements with employees and contractors
  • Incident response plan and security team
  • Annual third-party security audits

Physical Security

  • Data centers with 24/7 physical security
  • Biometric access controls
  • Video surveillance and security personnel
  • Redundant power and cooling systems

7.2 Data Backup and Recovery

We perform regular automated backups of all data to ensure business continuity and disaster recovery. Backups are encrypted and stored in geographically distributed locations.

7.3 Security Certifications

Compliance & Certifications

We maintain industry-standard security certifications including SOC 2 Type II, ISO 27001, and comply with PCI DSS for payment processing. Regular audits ensure continued compliance.

7.4 Your Role in Security

You also play a role in keeping your data secure:

  • Use strong, unique passwords for your account
  • Enable two-factor authentication (2FA)
  • Keep your login credentials confidential
  • Log out of shared or public computers
  • Report suspicious activity immediately
  • Keep your software and browsers up to date

7.5 Data Breach Response

In the unlikely event of a data breach affecting your information, we will:

  • Investigate and contain the breach immediately
  • Notify affected users within 72 hours (as required by GDPR)
  • Provide details about what data was affected
  • Offer guidance on protective measures you can take
  • Report to relevant authorities as required by law

8. Data Retention

8.1 How Long We Keep Your Data

We retain personal information for as long as necessary to provide our services and comply with legal obligations:

Data Type Retention Period Reason
Account Information Duration of account + 90 days Service delivery, account recovery
Billing Records 7 years after last transaction Legal/tax requirements
Customer Data (CRM) Until deletion or account closure + 30 days Service delivery, backup retention
Support Communications 3 years after resolution Quality assurance, legal defense
Marketing Data Until opt-out or 2 years of inactivity Respect for communication preferences
Usage Logs 90 days (security logs: 1 year) Security, troubleshooting

8.2 Account Closure

When you close your account:

  • Active data is deleted within 30 days
  • Backups are purged within 90 days
  • Some data may be retained longer for legal/compliance reasons
  • Aggregated, anonymized data may be retained indefinitely

8.3 Legal Holds

We may retain data longer than normal retention periods if required by law, legal process, or to establish, exercise, or defend legal claims.

9. Children's Privacy

Age Restriction

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected]. We will delete such information from our systems.

Special Note for Educational Institutions

If you are an educational institution using our platform for students, you are responsible for obtaining appropriate parental consents and complying with COPPA, FERPA, and other applicable education privacy laws.

10. International Data Transfers

10.1 Where Your Data is Processed

Innovate iHub operates globally, and your information may be processed in countries other than your own, including the United States. These countries may have different data protection laws than your country.

10.2 Safeguards for International Transfers

We implement appropriate safeguards for international data transfers:

  • Standard Contractual Clauses (SCCs): EU-approved data transfer agreements
  • Adequacy Decisions: Transfers to countries deemed adequate by the EU Commission
  • Data Processing Agreements: Contractual protections with all data processors
  • Privacy Shield Principles: Adherence to recognized data protection frameworks

10.3 EU-U.S. and Swiss-U.S. Data Transfers

For transfers from the EU/EEA and Switzerland to the United States, we rely on Standard Contractual Clauses and implement additional technical and organizational measures to ensure data protection.

10.4 Data Localization Options

Enterprise customers may request data localization options to store data within specific geographic regions. Contact our sales team for more information.

11. Changes to This Privacy Policy

11.1 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

11.2 How We Notify You

When we make material changes to this Privacy Policy, we will:

  • Update the "Last Updated" date at the top of this policy
  • Send an email notification to your registered email address
  • Display a prominent notice on our website and platform
  • Require re-acceptance for significant changes affecting your rights

11.3 Your Options

If you disagree with changes to the Privacy Policy, you may close your account. Your continued use of our services after changes take effect constitutes acceptance of the updated policy.

11.4 Version History

Previous versions of this Privacy Policy are available upon request by contacting [email protected]

12. Contact Information

12.1 Privacy Questions

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Privacy Contact

Email: [email protected]
Data Protection Officer: [email protected]
Phone: [Your Phone Number]
Mail: Innovate iHub - Privacy Department
[Your Business Address]

12.2 Regional Representatives

EU Representative: [email protected]

UK Representative: [email protected]

12.3 Supervisory Authorities

If you are located in the EU/EEA or UK, you have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.

12.4 Response Time

We aim to respond to all privacy inquiries within 5 business days and will provide a substantive response within 30 days (or as required by applicable law).

Additional Privacy Information

California "Shine the Light" Law

California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. As we do not share personal information with third parties for their direct marketing purposes, we are exempt from this requirement.

Nevada Privacy Rights

Nevada residents have the right to opt out of the sale of certain covered information. We do not sell covered information as defined under Nevada law. If you have questions, contact us at [email protected]

Automated Decision-Making

We may use automated systems to analyze your usage patterns and provide personalized recommendations. You have the right to object to automated decision-making that has legal or similarly significant effects. Contact us to exercise this right.

Third-Party Links

Our services may contain links to third-party websites, plugins, and applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

Have Privacy Questions?

Our privacy team is here to help answer any questions about how we protect and use your data.

Contact Privacy Team