Privacy Policy

1. Overview

SiteMaxy SMS Bridge ("we", "us") is a HighLevel Marketplace integration that routes outbound SMS to a Sri Lankan SMS gateway. This policy explains what data we collect, how it is used, and how it is protected.

2. Data We Collect

Location Settings

When you configure the integration, we store per sub-account:

  • Your HighLevel Location ID
  • Your SMS gateway API key (stored encrypted at rest, never returned in responses)
  • Your approved sender ID
  • Your configuration preferences (country code, flash SMS flag)

Message Logs

For each outbound SMS we log:

  • Recipient phone number (normalized to international format)
  • Sender ID used
  • A short preview of the message body (first 60 characters)
  • Delivery status returned by the gateway
  • A message reference ID from the gateway
  • Timestamp and a test/live flag

Installation Events

We record sanitized installation and uninstallation events for operational purposes. No access tokens, refresh tokens, or credentials are stored in event logs.

3. How We Use Data

We use collected data solely to operate the SMS integration service:

  • Routing outbound SMS with the correct credentials for each sub-account
  • Displaying delivery status in the Logs view
  • Diagnosing delivery failures on request
  • Removing sub-account data automatically when the app is uninstalled

We do not sell, share, or use message content or contact data for any purpose beyond operating the service.

4. API Keys and Credentials

SMS gateway API keys are stored encrypted at rest. They are never returned in API responses, never logged in server output, and never displayed in the interface after saving. Only the internal server process reads them to authenticate outbound requests.

5. Third-Party Services

To deliver SMS, we transmit the recipient phone number, sender ID, and message content to the SMS gateway you configured for your sub-account. No other third-party services receive this data.

6. Data Retention

Sub-account settings are retained until the app is uninstalled, at which point they are automatically deleted. Message logs are retained for operational purposes and may be reviewed upon request.

7. Your Rights

You may request deletion of your sub-account data at any time by uninstalling the app from the HighLevel Marketplace or by emailing support@sitemaxy.com.

8. Contact

Privacy questions and data deletion requests: support@sitemaxy.com