Plain-English Summary: We collect your name, email, phone, and business information to run your account. We use Stripe (via GoHighLevel) to process payments — we never see or store your full credit card number. We don't sell your data. Ever.
Who We Are
This Privacy Policy applies to Awake Technologies Corporation ("we," "us," or "our"), the company behind the Bullish on Business Executive Information System (EIS) platform, accessible at bullishonbusiness.net.
We are committed to protecting your privacy and handling your personal information responsibly in accordance with applicable data protection laws, including the California Consumer Privacy Act (CCPA) and, where applicable, the General Data Protection Regulation (GDPR).
Awake Technologies Corporation
Bullish on Business EIS
bullishonbusiness.net
bullishonbusiness.com
support@bullishonbusiness.com
Information We Collect
We collect information you provide directly to us, as well as information generated by your use of the platform.
Information you provide:
- Account Information: First name, last name, email address, phone number, and password (stored as a secure hash — we never store plaintext passwords).
- Business Information: Company name, industry, business stage, revenue range, employee count, company goals, value proposition, market segments, and other business profile data you enter during onboarding and within platform modules.
- Payment Information: Name and billing details submitted during checkout. See Section 3 for full details on how payment data is handled.
- Profile & Preferences: Job title, key result areas, major definite purpose, and other personal growth data you enter into the platform.
- Communications: Any messages or support requests you send us.
Information collected automatically:
- Usage Data: Pages visited, features used, session duration, and actions taken within the platform (e.g., modules accessed, sessions created).
- Activity Log: Certain critical actions — such as accepting legal agreements and accessing sensitive features — are recorded in an immutable activity log for legal and audit purposes.
- Session Data: Login timestamps, session identifiers stored in secure, HTTP-only cookies, and last login date.
- Device & Connection Info: IP address, browser type, and operating system, used for security and troubleshooting only.
Payment Data & Processing
We do not store your credit card information. All payment processing is handled by Stripe and GoHighLevel (Course Creator 360). Your card details are transmitted directly to Stripe's secure servers and are never stored on our platform.
When you purchase a subscription through our order form:
- Your payment is processed by Stripe, Inc., a PCI-DSS Level 1 certified payment processor.
- Your order form submission is managed by GoHighLevel / Course Creator 360, which triggers automatic account provisioning on our platform.
- We receive only your name, email address, phone number, and selected plan — never your card number, CVV, or billing address.
- Stripe may collect and store your payment method details subject to Stripe's Privacy Policy.
Subscription billing: Your subscription renews automatically on a monthly basis. You may cancel at any time by contacting us at support@bullishonbusiness.com. Cancellation takes effect at the end of your current billing period.
Refund policy: All purchases are subject to our standard refund policy. Please contact us within 7 days of your initial purchase if you are unsatisfied.
How We Use Your Information
We use the information we collect to:
- Provide the Platform: Create and manage your account, deliver the features and modules included in your subscription plan, and personalize your experience.
- Process Payments & Billing: Set up your subscription, confirm payment, and manage your account status.
- Onboarding & Support: Send welcome emails, password-set links, onboarding guidance, and respond to support requests.
- Platform Communications: Send service-related notifications such as session reminders, account alerts, and critical performance notifications generated by your EIS configuration.
- AI-Powered Features: Use your business profile data to generate personalized insights, diagnostic results, action plans, and Daily Spark content through our AI advisor features. Your data is sent to OpenAI's API for this purpose and is subject to OpenAI's Privacy Policy.
- Security & Integrity: Detect, prevent, and address fraud, unauthorized access, and other harmful activity.
- Legal Compliance: Maintain immutable activity logs for legal protection, agreement enforcement, and audit purposes.
- Platform Improvement: Analyze aggregate usage patterns to improve features, performance, and user experience.
We do not use your personal information for third-party advertising or sell it to data brokers.
How We Share Your Information
We do not sell your personal information. We share your information only in the following limited circumstances:
- Service Providers: We share data with third-party vendors who help us operate the platform, including:
- Stripe — payment processing
- GoHighLevel / Course Creator 360 — order form and CRM management
- OpenAI — AI-powered advisor, content generation, and diagnostic features
- Google — OAuth authentication and Google Drive backup (for Enterprise/Consultant plans)
- QuickBooks Online (Intuit) — financial data integration (if you connect your QuickBooks account)
- Clio — legal matter data integration (if you connect your Clio account)
- Social Media Platforms — LinkedIn, Facebook, Instagram (for Daily Spark auto-posting, only when you authorize it)
- Consultants & Advisors: If you are assigned a consultant through the platform, that consultant may access your business profile, session notes, and module progress as part of the advisory relationship.
- Legal Requirements: We may disclose your information if required by law, court order, or governmental authority.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, with notice provided to you.
- With Your Consent: We may share your information for any other purpose with your explicit consent.
Data Storage & Security
Your data is stored in a PostgreSQL database hosted on Supabase in production, with TLS encryption in transit and encryption at rest. We implement the following security measures:
- Passwords: Stored only as bcrypt hashes (salted, 12 rounds). We never store or transmit plaintext passwords.
- Sessions: Managed via secure, HTTP-only cookies with PostgreSQL-backed session storage. Sessions expire automatically and are extended on activity.
- Role-Based Access Control: Six distinct permission levels ensure users can only access data they are authorized to see.
- Business-Scoped Data Isolation: All business data is scoped to your organization — other companies cannot access your data.
- Row Level Security (RLS): Enabled on all 45 database tables (Enterprise and Consultant plans).
- Immutable Audit Logs: Critical actions are recorded in an append-only log that cannot be modified or deleted.
- TLS Encryption: All data transmitted between your browser and our servers is encrypted via TLS.
- Automated Backups: Daily automated backups to Google Drive (Enterprise and Consultant plans).
While we implement industry-standard security measures, no system is completely immune to security risks. We encourage you to use a strong, unique password and to contact us immediately if you suspect unauthorized access to your account.
Cookies & Session Data
We use cookies strictly to operate the platform. We do not use advertising or tracking cookies.
- Session Cookie: A single, HTTP-only, secure cookie is set when you log in. It stores only a session identifier — no personal data. It expires after 7 days of inactivity or when you log out.
- No Third-Party Tracking: We do not use Google Analytics, Facebook Pixel, or any behavioral advertising cookies on the platform.
- Social Media Auto-Posting: If you connect LinkedIn, Facebook, or Instagram for Daily Spark posting, those platforms may set their own cookies during the OAuth connection process, subject to their respective privacy policies.
Your Rights & Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete information. You can update most profile information directly within the platform.
- Deletion: Request deletion of your account and associated personal data. Note: certain data may be retained where required by law or for legitimate business purposes (e.g., billing records, immutable audit logs).
- Portability: Request your data in a structured, machine-readable format.
- Opt-Out of Communications: You may opt out of non-essential emails by contacting us. Note: service-related emails (e.g., security alerts, password resets) cannot be opted out of while your account is active.
- California Residents (CCPA): You have the right to know what personal information we collect, the right to delete it, and the right to opt out of its sale (we do not sell personal information).
- EEA/UK Residents (GDPR): You have additional rights including the right to object to processing and the right to lodge a complaint with your local supervisory authority.
To exercise any of these rights, contact us at support@bullishonbusiness.com. We will respond within 30 days.
Data Retention
We retain your personal information for as long as your account is active and as needed to provide you with the platform. Specifically:
- Account Data: Retained for the duration of your subscription and for up to 2 years after account closure, unless you request deletion.
- Business & EIS Data: Retained while your account is active. Deleted upon account closure unless a longer retention period is required.
- Billing Records: Retained for 7 years as required by financial and tax regulations.
- Activity Logs: Retained indefinitely as part of our immutable legal protection system.
- Password Reset Tokens: Automatically expire within 48 hours and are marked as used upon redemption.
- Session Data: Automatically expires after 7 days of inactivity.
Children's Privacy
The Bullish on Business EIS platform is intended for business owners, executives, and professionals aged 18 and older. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete it promptly.
If you believe we have inadvertently collected information from a child, please contact us at support@bullishonbusiness.com.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify active platform users via email or an in-platform notice
- Where required by law, obtain your consent before applying material changes
Your continued use of the platform after the effective date of any update constitutes your acceptance of the revised Privacy Policy. We encourage you to review this policy periodically.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please reach out:
Questions About Your Privacy?
We're here to help. Contact our team directly:
Awake Technologies Corporation
Email: support@bullishonbusiness.com
Platform: www.bullishonbusiness.net
We respond to all privacy requests within 30 days.