Privacy Policy — ClickVSG
Last updated: 2025
Who we are: VSG Group LLC (“ClickVSG,” “we,” “us,” or “our”) is a marketing and AI-automation agency based in Cleveland, Ohio.
This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our websites, use our services, contact us, or interact with our AI chatbots/voicebots and automations.
Quick summary: We use your information to answer inquiries, book consultations, provide and improve services, measure performance, and comply with the law. We don’t sell personal information. You can request access, deletion, corrections, and marketing opt-outs at any time.
1) Scope
This Policy applies to:
Website visitors (e.g., contact forms, chat widgets, analytics).
Leads and customers (e.g., strategy calls, proposals, onboarding).
End users who interact with client-deployed AI chat/voice solutions that we build or manage.
Job applicants and vendors.
It does not cover third-party sites or platforms we don’t control (e.g., Google, Facebook, review platforms). Their privacy practices govern your data there.
2) Information we collect
A. You provide directly
Contact & business details: name, company, email, phone, role, service interests, meeting notes.
Messages & uploads: form entries, chat transcripts, voicemail and call recordings (if enabled), support requests.
Billing & contracts: addresses, purchase records, signatures (payments are processed by third-party providers—we don’t store full payment card numbers).
B. Collected automatically
Device/usage data: IP address, browser type, pages viewed, referring/exit pages, timestamps, approximate location, clicks and conversions.
Cookies/SDKs/pixels: to keep you logged in, remember preferences, measure performance, and attribute leads. See Cookies below.
C. From third parties
Lead sources & platforms: ad networks, analytics, call tracking, CRM, calendar, telephony/SMS providers, review platforms, and Google Business Profile.
Public & partner data: business listings, websites, and public reviews.
Sensitive data: We do not seek to collect sensitive personal information. If your use case involves health or other regulated data, we configure HIPAA-aware workflows upon request and contract.
3) How we use information (purposes)
Provide services: respond to inquiries, schedule calls, deliver projects, manage accounts.
AI chat/voice experiences: answer FAQs, qualify leads, book appointments, route to humans.
Automation: confirmations, reminders, missed-call text back, review requests, and status updates.
Improve & secure: diagnostics, debugging, analytics, A/B testing, fraud prevention, abuse detection.
Marketing (consent/opt-out): email/SMS updates about features, content, and offers.
Compliance: contracts, taxes, audits, legal requests, and dispute resolution.
Automated decision-making & profiling: Our bots may ask screening questions to qualify/rout leads (e.g., location, urgency). Humans can review or override upon request.
4) Legal bases (GDPR/UK)
Where applicable, we rely on:
Contract (to deliver requested services),
Legitimate interests (to secure and improve our services, measure performance, and grow the business),
Consent (cookies, email/SMS marketing, call recording),
Legal obligations (tax, accounting, compliance).
You may withdraw consent or object to processing where we rely on legitimate interests.
5) How we share information
We share personal information with:
Service providers/processors (hosting, CRM, analytics, call tracking/recording, telephony/SMS, email, calendars, form/chat tools, payment processors).
AI/LLM infrastructure providers used to power chat/voice (configured with guardrails and data handling restrictions).
Client accounts (where we operate as a processor and need to sync leads, bookings, transcripts, and review workflows).
Professional advisors and legal authorities as required by law.
We do not sell personal information. We may share limited data for cross-context behavioral advertising only with your consent and provide opt-out mechanisms.
6) Cookies, pixels, and tracking
We use:
Essential cookies (security, forms, preferences),
Analytics (traffic, performance, conversions),
Attribution/ads (UTMs, campaign performance),
Functionality (chat widgets, calendar booking).
You can manage preferences via our Cookie Preference link (if enabled) or your browser settings. Some features may not work without cookies.
Do Not Track: We honor “Global Privacy Control” (GPC) signals where required.
7) Data retention
We keep personal information only as long as necessary for the purposes above:
Leads & contact forms: 24 months from last interaction (or sooner upon request).
Chat transcripts & AI interactions: 12 months (configurable per client).
Call recordings/voicemails (if enabled): 6–12 months (configurable).
Contracts & billing: as required by law (typically 7 years).
We may anonymize data for statistics and product improvement.
8) Security
We use industry-standard safeguards: encryption in transit (TLS), access controls, least-privilege permissions, audit logs, and vendor due diligence. No system is 100% secure; please contact us immediately if you suspect unauthorized activity.
9) Your privacy choices & rights
Depending on your location, you may have the right to:
Access and port your data,
Correct inaccuracies,
Delete your data,
Restrict or object to processing,
Opt out of targeted ads, profiling, or sale/share of personal information,
Withdraw consent (e.g., marketing, recordings).
Submit requests at [email protected] or via our Privacy Request form. We will verify your identity before responding. If we refuse, you may appeal by replying “Appeal” to our decision email. You can also contact your local data protection authority.
Marketing opt-out: Use unsubscribe links in emails, reply STOP to SMS, or email us.
10) Regional disclosures
California (CCPA/CPRA):
We don’t sell personal information.
We may “share” limited data for cross-context advertising with consent; you can opt out.
You have the rights listed above, plus the right to limit use of sensitive personal information (which we generally do not collect).
Do Not Sell or Share My Personal Information link available where required.
Virginia/Colorado/Connecticut/Utah: Similar rights to access, delete, correct, and opt out of targeted advertising and profiling.
EEA/UK/Switzerland (GDPR): You may contact us to exercise rights or lodge a complaint with your authority. Where we transfer data outside your region, we use appropriate safeguards (e.g., SCCs).
11) Children
Our services are not directed to children under 13 (or the age required by local law). We do not knowingly collect data from children. If you believe a child provided data, contact us to remove it.
12) Service-specific notes
AI chatbots & voicebots
We store chat transcripts and, if enabled, call recordings to improve service quality, provide handoff to staff, and maintain records.
We configure data retention, redaction, and fallback-to-human settings with each client.
If you interact with a client’s bot on their site or phone line, your data may be shared with that client’s CRM and communication tools.
“Smart” websites & SEO
We use performance and diagnostic data (e.g., Core Web Vitals) to optimize speed, accessibility, and conversions.
We implement structured data (schema) to qualify for rich results and voice/AI answers.
Automation & workflows
With consent, we send SMS/email confirmations, reminders, and review requests.
You can opt out at any time via links or by replying STOP (SMS).
Lead generation & ads
We use UTM parameters, pixels, and call tracking to measure campaigns.
We don’t share PII with ad platforms unless you’ve given consent and it is allowed by platform policies.
Reputation management
We help request, monitor, and respond to reviews. Public reviews are governed by each platform’s policies.
Google Business Profile
We may request manager access to optimize your listing, posts, services, and Q&A.
We track calls, website clicks, and direction requests via GBP Insights and UTMs.
13) International transfers
If you access our services from outside the United States, your information may be processed in the U.S. and other countries. We use appropriate safeguards for cross-border transfers where required.
14) Third-party links and integrations
Our site and deliverables may link to external sites or embed third-party tools. Their privacy policies govern those services.
15) Changes to this Policy
We may update this Policy to reflect changes in laws or our practices. We’ll post the new date above. If changes are material, we’ll provide additional notice (e.g., banner or email).
16) Contact us
VSG Group LLC
Cleveland, Ohio, USA
Email: [email protected]
For data rights requests: [email protected] (subject: “Privacy Request”)
If you prefer mail, please email us for a mailing address.
17) Additional notices (telemarketing/SMS)
By providing your phone number and opting in, you consent to receive SMS/text messages and calls (including automated or prerecorded messages) related to your inquiry or services. Message and data rates may apply. You can opt out at any time by replying STOP.
18) Data Processing Addendum (business clients)
If you are a business client seeking a DPA (including SCCs), contact [email protected]. We’ll provide our standard DPA and list of subprocessors on request.
19) Your responsibilities (clients)
If you use our services with your customers’ data, you are responsible for:
Providing your own privacy notice,
Obtaining necessary consents,
Configuring retention and permissions, and
Honoring data subject requests in your systems.