PRIVACY PROTOCOL.

Fresh Franchise Solutions ("FFS") operates as a data processor for franchise networks. We adhere to strict data sovereignty and security protocols. This document outlines our handling of PII (Personally Identifiable Information) within our infrastructure.

1. Data Collection & Ingestion

We collect data primarily through direct API integrations with CRM providers (e.g., Club Ready, Mindbody). This includes:

• Lead Contact Information (Name, Phone, Email)
• Transaction History & Membership Status
• Communication Logs (SMS, Call Recordings)
• System Metadata (IP Address, Device Fingerprints)

2. Data Usage & Processing

Data is processed solely for the purpose of executing sales workflows. We do not sell, rent, or monetize lead data. Processing activities include:

• Automated Lead Qualification & Scoring
• Outbound Communication (SMS/Voice) via Twilio/HighLevel
• Performance Analytics & Reporting

3. Infrastructure Security

Our infrastructure is hosted on AWS (US-East-1) with strict access controls. Security measures include:

• AES-256 Encryption at Rest
• TLS 1.3 Encryption in Transit
• Role-Based Access Control (RBAC) for Staff
• Regular Penetration Testing & Audits

4. Data Retention & Deletion

We retain data for the duration of the active client agreement. Upon termination, all client data is purged from our active databases within 30 days. Clients may request an immediate data export or deletion via [email protected].