Privacy Policy

1. Introduction

HighStake Systems, LLC ("Company," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website, use our platform, or engage with our services (collectively, the "Services").

This policy applies to all users of our Services, including business contacts identified through publicly available data sources. By using our Services, you consent to the practices described in this policy. If you do not agree with this policy, please do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

• Account registration information (name, email address, company name, phone number)
• Payment and billing information (processed securely via Stripe, Inc.)
• Communications you send to us (emails, support requests, feedback)
• Preferences and settings you configure within the platform

2.2 Information Collected Automatically

• Device and browser information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent on the platform)
• Email engagement data (opens, clicks, bounces) via tracking pixels and link tracking
• Geolocation data (derived from IP address, at the city level)
• Cookies and similar tracking technologies (see Section 7)

2.3 Information from Public Sources

We collect business information from publicly available sources, including but not limited to Google Maps, public business directories, state business registrations, and publicly accessible websites. This information may include business names, addresses, phone numbers, websites, operating hours, customer reviews, and other publicly listed business details. This data is used exclusively for B2B commercial intelligence and is not used to build consumer profiles.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve our platform and analytics services
• Lead Scoring and AI Analysis: To generate business intelligence scores, conversion predictions, and market insights using machine learning models
• Commercial Outreach: To send relevant B2B commercial communications about services that may benefit your business operations
• Payment Processing: To process transactions and manage billing through our payment processor (Stripe)
• Analytics and Reporting: To generate engagement reports, performance dashboards, and usage statistics
• Compliance: To comply with legal obligations, enforce our terms, and prevent fraud
• Product Improvement: To understand usage patterns and improve our algorithms and user experience

4. Legal Basis for Processing

We process personal information under the following legal bases:

• Contractual Necessity: Processing necessary for the performance of our agreement with you
• Legitimate Interest: Processing necessary for our legitimate business interests, including B2B marketing, fraud prevention, and service improvement, balanced against your rights and freedoms
• Consent: Where you have given explicit consent for specific processing activities
• Legal Obligation: Processing necessary to comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell your personal information. We may share information with:

• Service Providers: Third-party vendors who assist in operating our Services, including:
  • Stripe, Inc. — Payment processing
  • Twilio SendGrid — Email delivery
  • Google Cloud Platform — Infrastructure and AI/ML services
  • Anthropic — AI-powered text generation
  • Mapbox — Geospatial visualization
• Legal Requirements: When required by law, regulation, legal process, or enforceable governmental request
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets
• Protection of Rights: When necessary to protect the rights, property, or safety of HighStake Systems, our users, or the public

6. Email Communications and CAN-SPAM Compliance

Our commercial email communications comply with the CAN-SPAM Act (15 U.S.C. § 7701 et seq.). All commercial emails sent through our platform:

• Contain accurate header information and a non-deceptive subject line
• Are clearly identified as commercial communications
• Include our valid physical postal address (Austin, TX)
• Include a clear and conspicuous unsubscribe mechanism
• Honor unsubscribe requests within 10 business days
• Include a List-Unsubscribe header compliant with RFC 8058 for one-click unsubscription

You may opt out of receiving commercial emails at any time by clicking the "Unsubscribe" link in any email, by visiting our unsubscribe page, or by contacting us directly. Once you unsubscribe, your record is permanently suppressed from all future outreach campaigns.

7. Cookies and Tracking Technologies

We use the following tracking technologies:

• Essential Cookies: Required for platform functionality and security
• Analytics Cookies: Used to understand usage patterns and improve the Services
• Tracking Pixels: 1×1 transparent images embedded in emails to measure open rates and engagement
• Link Tracking: Redirect links in emails used to measure click-through rates

You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Services. Email tracking pixels can be blocked by disabling remote image loading in your email client.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. Business intelligence data derived from public sources is retained for the duration of our commercial relationship with the associated business entity. Upon request or unsubscription, contact-level data is suppressed from active processing but may be retained in anonymized or aggregated form for analytical purposes.

9. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect your information, including:

• Encryption of data in transit (TLS 1.2+) and at rest
• Access controls and authentication mechanisms
• Regular security assessments and monitoring
• Secure payment processing through PCI-DSS compliant providers (Stripe)

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete personal information
• Deletion: Request deletion of your personal information, subject to legal retention requirements
• Opt-Out: Opt out of commercial communications and certain data processing activities
• Portability: Request a machine-readable copy of your personal information
• Non-Discrimination: Exercise your privacy rights without discriminatory treatment

To exercise any of these rights, please contact us at privacy@highstake.systems. We will respond to verified requests within 30 days.

11. Texas Privacy Considerations

As a Texas-based company, we comply with the Texas Data Privacy and Security Act (TDPSA) where applicable. Texas residents may have additional rights under state law, including the right to know what personal data is being processed, the right to delete personal data, the right to correct inaccuracies, and the right to opt out of the sale of personal data or targeted advertising. We do not sell personal data as defined under the TDPSA.

12. Children's Privacy

Our Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

13. International Data Transfers

Our Services are primarily operated from the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Services, you consent to such transfers.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Services, via email, or by posting a notice on our website. The "Last updated" date at the top of this policy indicates when the most recent revisions were made. Your continued use of the Services after the effective date of any changes constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: