FiveStars ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service, which enables businesses to send review request messages to their customers via SMS and email.

By using FiveStars, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

We use the information we collect to:

• Provide, maintain, and improve our service
• Process and send review request messages (SMS and email) on behalf of businesses
• Authenticate users and manage accounts
• Generate AI-powered review replies using business context
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations and enforce our terms
• Send administrative communications and service updates

When businesses use FiveStars to send review request messages via SMS, we process phone numbers on their behalf:

• Consent: Phone numbers are only used when customers have provided explicit consent to the business
• Purpose: Phone numbers are used solely to send transactional review request messages
• Opt-Out: Customers can opt out at any time by replying "STOP" to any message
• No Marketing: We do not use phone numbers for marketing purposes or share them with third parties for marketing
• Storage: Phone numbers are stored securely and only retained as long as necessary for the service
• Carrier Compliance: We comply with TCPA, CAN-SPAM, and carrier requirements (A2P 10DLC, Toll-Free verification)

For more information about SMS consent and opt-out procedures, please visit our SMS Consent page.

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

• Service Providers: We use trusted third-party services (Twilio for SMS, Resend for email, Supabase for database, OpenAI for AI features) that process data on our behalf under strict confidentiality agreements
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred
• Legal Requirements: We may disclose information if required by law, court order, or government regulation
• Protection of Rights: We may disclose information to protect our rights, property, or safety, or that of our users
• With Your Consent: We may share information with your explicit consent

We implement industry-standard security measures to protect your information:

• Encryption of data in transit (HTTPS/TLS) and at rest
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Limited access to personal information on a need-to-know basis
• Secure hosting infrastructure with reputable providers

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

You have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Opt-Out: Opt out of SMS messages by replying "STOP" or unsubscribing from emails
• Account Closure: Delete your account and associated data through account settings

To exercise these rights, please contact us at admin@getfivestars.xyz.

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.