SynergyFlow — Privacy Policy

Last updated: November 5, 2025

Effective date: November 5, 2025

1) Who we are

SynergyFlow (“SynergyFlow,” “we,” “us,” or “our”) is a CRM and automation service

operated by Synergy Business Integration Solutions LLC (“Synergy Business IS”). Our

platform is built on GoHighLevel (“HighLevel”), which provides CRM infrastructure,

messaging, and AI-powered features that we configure for our customers.

Contact: [email protected] • (202) 821-6664

Mailing address: Ward 5, Washington, DC 20018

2) Scope

This Privacy Policy explains how we collect, use, share, and protect information when you

visit mysynergyflow.com, sign up for or use the SynergyFlow service, or interact with our

communications and support (collectively, the “Services”).

3) Information we collect

Account & profile. Name, email, phone, company details, role, password, and settings.

Billing. Payments are processed by our payment processor (e.g., Stripe). We do not store full

card numbers.

Service data (customer content). Your uploaded/imported contacts, messages, media,

pipelines, automations, templates, tasks, and related metadata processed through

SynergyFlow/HighLevel under your instructions.

Communications. Support requests, call/SMS/chat logs (including opt-ins and opt-outs),

and feedback.

AI inputs/outputs. Prompts, instructions, and outputs generated through AI features (chat

assistants, content tools, voice agents) provided via HighLevel and its AI subprocessors.

Device/usage. IP address, device identifiers, browser type, pages/screens viewed, clicks,

referring URLs, timestamps, crash logs, and cookie data.

4) Cookies & tracking

We and our service providers use cookies, local storage, pixels, and similar technologies for

authentication, security, preferences, analytics, and performance. You can manage cookies

in your browser and within any consent banner we provide.

5) How we use information

- Provide, configure, and secure the Services and your account.

- Carry out your instructions to process Service Data (contacts, messages, automations).

- Deliver AI features (e.g., content drafting, summaries, assistants, voice agents) via

HighLevel. AI outputs may be inaccurate or inappropriate; see our Terms for acceptable use.

- Communicate about service notices, updates, and marketing (you can opt out of

marketing).

- Monitor performance, analyze usage, and improve the Services.

- Detect, investigate, and prevent fraud, abuse, and security incidents; comply with legal

obligations.

- Create aggregated or de-identified insights that cannot reasonably identify you.

6) Data roles

- For Website/Account Data, we are a controller.

- For Service Data that you upload or generate in the platform (including contact lists and

messages), you are the controller and we act as a processor (through HighLevel as a subprocessor)

under your instructions.

7) Sharing & disclosure

We share information with:

- Service providers (hosting, infrastructure, analytics, email/SMS, support, security),

including HighLevel for CRM/AI features and Stripe for payments, under agreements

requiring appropriate safeguards.

- Affiliates/partners for integrations and co-marketing (per your choices).

- Legal/safety recipients when required by law or to protect rights, safety, and property.

We may share aggregated/de-identified data that cannot reasonably identify you.

8) AI provider statements

We configure HighLevel’s AI features, which rely on AI subprocessors to provide responses.

According to HighLevel, personal information is not used to train generalized public AI

models and is processed only to provide and improve the contracted services. We instruct

providers to restrict use to our purposes and to apply appropriate security.

9) Messaging compliance

You must have valid consent to send SMS, email, and calls through the Services. We honor

and log STOP/HELP responses and opt-out requests. You are responsible for complying

with applicable laws (e.g., TCPA, CAN-SPAM) and carrier rules; see our Terms for details.

10) International transfers

Your information may be processed outside your state or country. Where required, we

implement appropriate safeguards for such transfers.

11) Security

We use reasonable administrative, technical, and physical safeguards appropriate to the

risk. No method is 100% secure; protect your credentials and notify us of suspected issues.

12) Retention

We retain information as long as necessary for the purposes above, to comply with legal

obligations, and to resolve disputes. We then delete or de-identify it. You may request

deletion of Service Data, subject to legal/contractual limits and backups.

13) Your rights

Subject to applicable law, you may request access, correction, deletion, portability, or

restriction of processing, and manage marketing preferences. Contact us to exercise rights.

14) Children & minors

The Services are intended only for individuals 18 years of age or older. We do not

knowingly collect personal information from anyone under 18. If we learn that we have

collected such information, we will delete it and may disable the associated account.

15) Changes

We may update this Policy. We’ll post the new “Last updated” date and, where legally

required, notify you before material changes take effect.

Contact

[email protected] • (202) 821-6664 • Ward 5, Washington, DC 20018