At hexoscale llc (“hexoscale,” “we,” “our,” or “us”), your privacy and data security are a top priority. This Privacy Policy explains how we collect, use, store, and protect personal information, including communications and website activity, in accordance with applicable laws and A2P standards.
1. Information We Collect
Business Client Information: Name, email, phone number, company name, and address.
Lead Data Provided by You: Contact information (emails, phone numbers) for leads who have expressly consented to receive communications.
Usage Data: Website and platform activity, including engagement metrics, automated message logs, and service usage history.
Cookies and Tracking: Cookies and similar technologies are used to improve user experience, support website functionality, track analytics, and measure campaign effectiveness. Cookies may be first-party or third-party and include session data, preferences, and anonymized usage statistics. Users can manage cookie preferences via browser settings. No personally identifiable information is collected via cookies without consent.
2. How We Use Your Information
We use your data to:
Provide hexoscale services, including lead follow-up, appointment coordination, and communication management.
Send communications only to opted-in leads, including transactional, informational, or marketing messages when a separate marketing opt-in is provided.
Process STOP and HELP requests efficiently.
Monitor performance, improve services, and ensure compliance with TCPA, CAN-SPAM, CASL, GDPR/ePrivacy, and A2P 10DLC requirements.
We never sell or share lead information outside the scope of your contracted services.
3. SMS Opt-In and Messaging
Customers receive SMS messages only if they have explicitly opted in. Opt-in may be provided via website forms, booking confirmations, or other written or digital methods.
Messages may include:
Appointment confirmations and reminders
Updates on date, time, location, or assigned service provider
Marketing communications only with separate, explicit consent
Recipients may reply STOP to unsubscribe from all messages or HELP for instructions on managing preferences.
All opt-in and opt-out records are securely stored, including timestamp, IP address, and method of consent, for at least four (4) years to ensure compliance and audit readiness.
Message frequency is limited to what is reasonably required for appointment management or marketing purposes. No messages are sent without valid, verifiable consent.
All messaging is designed to comply with TCPA, CAN-SPAM, CASL, GDPR/ePrivacy, and carrier A2P 10DLC standards, including proper sender identification, content transparency, and opt-out mechanisms.
4. Consent & Proof
You are responsible for providing verifiable consent for all contacts you supply. Proof should include method, timestamp, IP address, and source. hexoscale stores these records securely for audit purposes.
Compliance includes, but is not limited to:
TCPA (U.S.)
CAN-SPAM (U.S.)
CASL (Canada)
GDPR / ePrivacy (EU)
Local laws where applicable
5. Data Protection & Security
hexoscale implements administrative, technical, and organizational safeguards to protect your data, including:
Encryption at rest and in transit
Access control limiting data to authorized personnel
Monitoring and auditing of platform access
Periodic security reviews
6. Opt-Out & Data Retention
Leads may unsubscribe at any time via STOP or email links. Assistance can be requested via HELP.
Opt-outs and consent records are processed promptly and retained for a minimum of four (4) years for compliance purposes.
7. International Compliance
For leads outside the U.S., hexoscale supports compliance with:
Canada: CASL
EU: GDPR & ePrivacy
Other regions: applicable local laws
hexoscale is not responsible for failure to comply with non-U.S. regulations.
8. Liability
hexoscale relies on clients to provide valid, opted-in contacts. hexoscale is not liable for messages sent to unconsented or invalid contacts, or for regulatory consequences arising from client non-compliance.
9. Changes to Privacy Policy
Updates to this policy will be reflected by a revised Effective Date.
10. Mobile info sharing statement
Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All other categories of information sharing are limited to what is necessary to deliver services, comply with legal obligations, or support platform functionality (such as messaging delivery providers and compliance vendors).
Text messaging originator opt-in data and consent will not be shared, sold, rented, or transferred to any third parties, affiliates, or partners under any circumstances.