Privacy Policy
TextMarketing.io Effective Date: July 1, 2026 Last Updated: July 1, 2026
IMPORTANT NOTICE: This Privacy Policy describes how TextMarketing.io collects, uses, stores, and protects information in connection with the TextMarketing.io platform. Please read this policy carefully. By using the platform, you agree to the practices described herein. This document should be reviewed by qualified legal counsel before publication.
1. Introduction and Scope
TextMarketing.io, LLC ("TextMarketing.io," "we," "us," or "our") is committed to protecting the privacy and security of information entrusted to us. This Privacy Policy applies to:
- Tenant Data: Information collected from businesses ("Tenants") that register for and use the TextMarketing.io platform;
- Contact Data: Personal information about end-user consumers ("Contacts" or "Recipients") that Tenants upload to the platform as part of their contact lists;
- Recipient Interaction Data: Information collected when recipients interact with offer pages delivered through the ViewYourOffers.com portal.
This policy does not apply to the privacy practices of Tenants themselves. Tenants are independent data controllers responsible for their own privacy practices with respect to their customers. TextMarketing.io acts as a data processor with respect to Contact Data uploaded by Tenants.
2. Information We Collect
2.1 Information Tenants Provide Directly
When a business registers for and uses the TextMarketing.io platform, we collect the following categories of information:
| Category | Specific Data Points | Purpose |
|---|---|---|
| Account Identity | First name, last name, work email address, password (hashed) | Account creation and authentication |
| Business Information | Legal business name, business phone, website URL, street address, city, state, ZIP code | 10DLC registration, compliance verification |
| Tax and Regulatory | Employer Identification Number (EIN), business type (LLC, Corporation, etc.) | Carrier brand registration, regulatory compliance |
| Platform Configuration | Subdomain slug, primary and secondary brand colors, logo URL | Customizing the ViewYourOffers.com portal |
| Industry and Tier | Industry classification, pricing tier | Determining applicable compliance requirements and pricing |
| Billing Information | Payment card details (processed and stored by Stripe; we do not store raw card numbers), billing address | Processing payments for platform usage |
| Usage Preferences | Estimated monthly send volume, how you heard about us, referral source, UTM parameters | Platform optimization, attribution tracking |
| Communications | Support emails, feedback submissions | Providing customer support |
2.2 Contact Data Uploaded by Tenants
Tenants upload contact lists containing personal information about their own customers. This data is processed by TextMarketing.io solely on behalf of and under the instruction of the Tenant. The types of Contact Data we process include:
- Phone numbers (normalized to E.164 format; stored in hashed form for 2FA verification);
- First and last names;
- Email addresses (when provided);
- Date of birth (when provided, used for age verification);
- Custom fields as defined by the Tenant during CSV import.
TextMarketing.io does not own, sell, rent, or use Contact Data for any purpose other than providing services to the Tenant that uploaded it. Contact Data is not used for TextMarketing.io's own marketing purposes and is not shared with third parties for marketing purposes.
2.3 Recipient Interaction Data
When a recipient clicks a link in an SMS message and accesses the ViewYourOffers.com portal, we collect:
- The unique token included in the link (used to identify the associated campaign and offer);
- The last four digits of the recipient's phone number (entered during 2FA verification; used only for identity verification and not stored in plain text);
- Device type and browser information (used for analytics and fraud detection);
- Timestamp of access, 2FA attempt, and offer redemption;
- Opt-out events (when a recipient replies STOP or opts out through the portal).
2.4 Automatically Collected Technical Data
When Tenants and recipients use the platform and portal, we automatically collect:
- IP addresses (used for security monitoring and fraud detection; not linked to marketing profiles);
- Browser type and version;
- Operating system;
- Referring URLs;
- Pages viewed and features used within the platform;
- Session duration and interaction patterns.
This data is collected through standard web server logs and analytics tools and is used to maintain platform security, diagnose technical issues, and improve the platform.
3. How We Use Information
3.1 Tenant Account Information
We use Tenant account information for the following purposes:
- Creating and managing your account;
- Registering your brand and campaign use cases with The Campaign Registry (TCR) for 10DLC compliance;
- Processing payments and generating invoices;
- Providing customer support and responding to inquiries;
- Sending transactional communications (account notifications, campaign approval/rejection emails, billing receipts);
- Enforcing these Terms of Service and our compliance policies;
- Detecting, investigating, and preventing fraud, abuse, and violations of applicable law;
- Improving and developing the platform.
3.2 Contact Data
We use Contact Data exclusively to:
- Facilitate the transmission of SMS campaigns on behalf of the Tenant that uploaded the data;
- Generate unique tokens for secure offer delivery;
- Compute and store hashed phone number identifiers for 2FA verification;
- Process opt-out requests and maintain suppression lists;
- Provide Tenants with delivery and engagement analytics.
We do not use Contact Data for TextMarketing.io's own marketing, profiling, or advertising purposes.
3.3 Recipient Interaction Data
We use recipient interaction data to:
- Verify recipient identity during the 2FA process;
- Track offer views, redemptions, and opt-outs for Tenant analytics;
- Detect and prevent fraudulent token use;
- Maintain compliance audit trails.
4. 10DLC and Mobile Messaging Specific Disclosures
In accordance with requirements established by major U.S. wireless carriers and The Campaign Registry (TCR) for 10-Digit Long Code (10DLC) messaging programs, TextMarketing.io makes the following specific disclosures:
Mobile information (including phone numbers and SMS consent) collected by TextMarketing.io or provided by Tenants through the platform will not be shared with third parties or affiliates for marketing or promotional purposes.
No mobile information will be shared with third parties for any purpose except as expressly required to deliver the services described in this Privacy Policy (such as transmission through carrier networks) or as required by applicable law.
SMS opt-in and consent data is not sold, rented, or transferred to any third party.
These commitments apply to all data processed through the TextMarketing.io platform, including Contact Data uploaded by Tenants and recipient interaction data collected through ViewYourOffers.com.
5. Information Sharing and Disclosure
TextMarketing.io does not sell, rent, or trade personal information. We share information only in the following limited circumstances:
5.1 Service Providers
We share information with trusted third-party service providers who assist us in operating the platform. These providers are contractually bound to use information only as directed by TextMarketing.io and in accordance with this Privacy Policy. Our key service providers include:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database hosting and authentication | Tenant account data, Contact Data, event logs |
| Stripe | Payment processing | Billing information, usage data |
| SMS Carriers (AT&T, Verizon, T-Mobile, etc.) | Message delivery | Phone numbers, message content |
| The Campaign Registry (TCR) | 10DLC brand and campaign registration | Business name, EIN, industry, campaign use case |
| Email delivery provider | Transactional email | Tenant email address, notification content |
5.2 Legal Requirements
We may disclose information when required to do so by law, regulation, court order, subpoena, or other legal process, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of TextMarketing.io, our Tenants, recipients, or the public.
5.3 Enforcement and Fraud Prevention
We may share information with law enforcement, regulatory agencies, or other parties when we believe it is necessary to investigate, prevent, or take action regarding illegal activity, suspected fraud, violations of our Terms of Service, or threats to the safety of any person.
5.4 Business Transfers
In the event of a merger, acquisition, sale of assets, or other business transfer, information may be transferred to the acquiring entity, subject to the same privacy protections described in this policy. We will provide notice of any such transfer.
5.5 With Your Consent
We may share information for any other purpose with your explicit consent.
6. Data Retention
We retain information for as long as necessary to provide the services, comply with legal obligations, resolve disputes, and enforce our agreements. The following retention schedule applies:
| Data Category | Retention Period | Reason |
|---|---|---|
| Tenant account information | Duration of account + 3 years after termination | Legal compliance, dispute resolution |
| Contact Data (uploaded lists) | Duration of account + 90 days after termination | Service delivery; deleted upon account closure |
| Campaign content and message logs | 3 years from campaign send date | TCPA compliance, audit trail |
| Token and redemption records | 3 years from creation date | Compliance audit trail |
| Opt-out records | Indefinite (permanent suppression) | TCPA compliance requires permanent opt-out records |
| Billing and invoice records | 7 years | Tax and financial compliance |
| Security and access logs | 1 year | Security monitoring |
| Hashed phone numbers (2FA) | Duration of associated token + 90 days | Security and fraud prevention |
Upon account termination, TextMarketing.io will delete or anonymize Contact Data within 90 days, except where retention is required by law or for ongoing legal proceedings.
7. Data Security
TextMarketing.io implements industry-standard technical and organizational security measures to protect information against unauthorized access, disclosure, alteration, or destruction. Our security practices include:
Encryption. All data is encrypted in transit using TLS 1.2 or higher. Sensitive data at rest is encrypted using AES-256 encryption.
Phone Number Hashing. Recipient phone numbers used for 2FA verification are stored as SHA-256 cryptographic hashes. The plain-text phone number is never stored in our database after the hashing operation.
Row-Level Security. Our database employs row-level security (RLS) policies that ensure each Tenant can only access their own data. Cross-tenant data access is architecturally prevented.
Access Controls. Access to production systems is restricted to authorized personnel on a need-to-know basis. All administrative access is logged and audited.
Secure API Design. The ViewYourOffers.com portal accesses the database exclusively through SECURITY DEFINER RPC functions with limited, read-only scope. Direct database access from the portal is not permitted.
Vendor Security. Our infrastructure providers (Supabase, Stripe) maintain SOC 2 Type II compliance and implement their own comprehensive security programs.
Despite these measures, no security system is impenetrable. In the event of a data breach that affects your information, we will notify you as required by applicable law.
8. Opt-Out Rights and Contact Preferences
8.1 Recipient Opt-Outs
Recipients of SMS messages sent through the platform may opt out at any time by replying STOP, UNSUBSCRIBE, CANCEL, END, or QUIT to any message. Opt-out requests are processed immediately and result in permanent suppression of that phone number from future campaigns by the relevant Tenant. Opted-out numbers are added to a suppression list that is enforced at the platform level.
8.2 Tenant Communications
Tenants may opt out of non-essential marketing communications from TextMarketing.io by clicking the unsubscribe link in any marketing email or by contacting us at privacy@textmarketing.io. Tenants cannot opt out of transactional communications (such as account notifications, billing receipts, and campaign approval/rejection emails) while maintaining an active account.
9. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
Right to Know. You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
Right to Delete. You have the right to request deletion of personal information we have collected about you, subject to certain exceptions.
Right to Correct. You have the right to request correction of inaccurate personal information.
Right to Opt Out of Sale. TextMarketing.io does not sell personal information. If this practice changes, we will provide notice and the right to opt out.
Right to Non-Discrimination. You have the right not to be discriminated against for exercising your privacy rights.
To exercise your California privacy rights, please contact us at privacy@textmarketing.io with the subject line "California Privacy Rights Request." We will respond within 45 days as required by law.
10. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) or equivalent legislation:
Legal Basis for Processing. We process Tenant account information on the basis of contract performance and legitimate interests. We process Contact Data on the basis of the Tenant's instructions as data controller.
Your Rights. You have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing and to lodge a complaint with your local data protection authority.
Data Transfers. TextMarketing.io is based in the United States. If you are located in the EEA, your data may be transferred to and processed in the United States. We implement appropriate safeguards for such transfers in accordance with applicable law.
To exercise your GDPR rights, contact us at privacy@textmarketing.io.
11. Children's Privacy
The TextMarketing.io platform is intended for use by businesses and is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
With respect to age-gated offers delivered through ViewYourOffers.com, the platform requires recipients to confirm they are 21 years of age or older before accessing age-restricted content. This confirmation is logged as part of the compliance audit trail.
12. Cookies and Tracking Technologies
The TextMarketing.io platform and ViewYourOffers.com portal use cookies and similar tracking technologies for the following purposes:
- Essential cookies: Required for platform functionality, including authentication sessions and security tokens. These cannot be disabled.
- Analytics cookies: Used to understand how the platform is used and to improve its features. These can be disabled without affecting core functionality.
- Preference cookies: Used to remember your settings and preferences.
We do not use third-party advertising cookies or cross-site tracking technologies for behavioral advertising purposes.
13. Third-Party Links
The platform may contain links to third-party websites or services. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will provide notice of material changes by email or by posting a notice on the platform at least 30 days before the changes take effect. Your continued use of the platform after the effective date of any update constitutes your acceptance of the revised policy.
15. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:
TextMarketing.io, LLC Privacy Inquiries: privacy@textmarketing.io General Support: support@textmarketing.io
For data deletion requests or to exercise your privacy rights, email privacy@textmarketing.io with the subject line "Privacy Rights Request" and include your account email address and the specific right you wish to exercise.
This Privacy Policy was last updated on July 1, 2026.
ATTORNEY REVIEW NOTICE: This document is a draft prepared for informational purposes. It has not been reviewed by licensed legal counsel. TextMarketing.io strongly recommends that this document be reviewed and approved by a qualified attorney licensed in your jurisdiction — particularly one with expertise in TCPA, CCPA, and telecommunications law — before it is published or relied upon.