Privacy Policy
Last Updated: January 1, 2026
Your Privacy Matters
VIV Digital Marketing ("VIV," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the VIV Client Portal.
1. Information We Collect
1.1 Information You Provide
When you use the Portal, we collect information that you provide directly to us:
- Account Information: Email address, name, phone number, business address, company name
- Authentication Data: Login credentials (passwords are encrypted using bcrypt hashing and never stored in plain text)
- Service Requests: Descriptions, titles, priority levels, and types of requests you submit
- File Uploads: Documents, images, and other files you upload (automatically deleted after 30 days)
- Communications: Messages, comments, and replies you send through the Portal
1.2 Information We Collect Automatically
When you access the Portal, we automatically collect certain technical information:
- Authentication Tokens: JWT tokens for session management (expire after 24 hours)
- Login Activity: Login timestamps and IP addresses (for security and rate limiting purposes only)
- Error Logs: Technical error information to maintain and improve the Portal (does not include personal data)
- Browser Data: Information stored in your browser's local storage for session persistence
1.3 Third-Party Service Data
With your authorization, we access and display data from:
- Google Analytics 4: Website traffic, visitor statistics, and page performance metrics
- Google Ads: Advertising campaign performance, clicks, impressions, and spend data
- Monday.com: Project management and client relationship data
2. How We Use Your Information
We use the information we collect to:
- Provide Services: Authenticate your account, display your business information, and manage service requests
- Communication: Respond to your inquiries and provide customer support
- Analytics Display: Show you your website and advertising performance data
- Security: Protect against unauthorized access, fraud, and abuse through rate limiting and monitoring
- Service Improvement: Analyze usage patterns to improve Portal functionality and user experience
- Legal Compliance: Comply with applicable laws and respond to legal requests
3. Data Storage and Security
3.1 Where We Store Data
- Client Information: Stored in Monday.com (third-party CRM platform)
- Uploaded Files: Stored on secure servers with automatic 30-day deletion
- Session Tokens: Stored temporarily in your browser (24-hour expiration)
- Cache Data: Temporarily stored (1-24 hours) to improve performance
3.2 Security Measures
We implement industry-standard security measures to protect your information:
- Encryption: All passwords are encrypted using bcrypt hashing
- Secure Transmission: All data transmitted over HTTPS/SSL
- Access Controls: Restricted access to sensitive files and folders
- Rate Limiting: Protection against brute force attacks (5 login attempts per 15 minutes)
- Authentication: JWT token-based authentication with 24-hour expiration
- File Validation: Uploaded files are validated for type and size (max 20MB)
4. Data Retention
We retain your information for different periods depending on the type:
- Client Data: Retained for the duration of our business relationship and as required by law
- Uploaded Files: Automatically deleted after 30 days
- Authentication Tokens: Expire after 24 hours
- Rate Limit Data: Deleted after 15 minutes
- Cache Files: Deleted after 1-24 hours
- Error Logs: Retained indefinitely for technical support (contain no personal data)
5. Third-Party Services
The Portal integrates with the following third-party services, each with their own privacy policies:
5.1 Monday.com
We use Monday.com as our client relationship management platform. Your client data is stored on Monday.com's servers.
5.2 Google Analytics 4
We access your Google Analytics data to display website performance metrics in the Portal.
5.3 Google Ads API
We access your Google Ads data to display advertising performance metrics in the Portal.
6. Your Rights and Choices
Depending on your location, you may have certain rights regarding your personal information:
6.1 Access and Correction
You can view and update your information by logging into the Portal. For data stored in Monday.com, contact your account manager.
6.2 Data Deletion
To request deletion of your data, contact us at support@builtbyviv.com. Note that some data may be retained as required by law or for legitimate business purposes.
6.3 Opt-Out
You can stop using the Portal at any time. To deactivate your account, contact your account manager.
6.4 California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act (CCPA), including:
- Right to know what personal information we collect
- Right to delete personal information
- Right to opt-out of the sale of personal information (note: we do not sell personal information)
- Right to non-discrimination for exercising CCPA rights
6.5 European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
7. Cookies and Tracking
The Portal uses the following browser storage mechanisms:
- Local Storage: Used to store authentication tokens and session data
- Session Management: Maintains your logged-in state for 24 hours or until you log out
- No Third-Party Cookies: We do not use third-party cookies or tracking pixels
8. Children's Privacy
The Portal is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child, please contact us immediately.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via email or through the Portal if changes are material
- Obtain your consent if required by applicable law
Your continued use of the Portal after changes take effect constitutes your acceptance of the revised Privacy Policy.
10. International Data Transfers
Your information may be transferred to and processed in the United States or other countries where our service providers operate. By using the Portal, you consent to such transfers. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
11. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us:
VIV Digital Marketing
Email: support@builtbyviv.com
Phone: 888-748-1848
Website: builtbyviv.com
For GDPR-related inquiries:
Email: support@builtbyviv.com
12. Legal Basis for Processing (GDPR)
If you are in the EEA, our legal basis for collecting and using your personal information depends on the specific context:
- Contractual Necessity: Processing necessary to provide services you've requested
- Legitimate Interests: Processing necessary for our legitimate business interests (e.g., security, fraud prevention)
- Consent: You've given explicit consent for specific processing activities
- Legal Obligation: Processing necessary to comply with legal requirements
Important Notice
This Privacy Policy is provided for informational purposes. While we strive for accuracy and compliance, this document does not constitute legal advice. For specific legal questions, consult with a qualified attorney.