Privacy Policy
Last updated: July 3, 2026
This Privacy Policy explains how Profit Catalyst, operated by Dave Dunham ("we," "us," or "our"), collects, uses, and shares information when you use the Profit Catalyst App and our websites (the "Service").
1. Information We Collect
- Account information: name, email address, and login credentials, managed through our authentication provider.
- Business data: gym profile details, member and customer records, campaign content, and analytics data you create or upload while using the Service.
- Payment information:payments are processed by Fluid Pay. Your card number is entered directly into the processor's secure form and tokenized. Full card numbers never touch our servers. We keep records of your plan, transaction amounts, and billing history.
- Usage data: log data, device and browser information, and how you interact with features, used to operate and improve the Service.
2. How We Use Information
- Provide, maintain, and improve the Service
- Process payments and manage your plan
- Generate campaign content and analytics you request
- Send transactional messages (receipts, account notices) and, with your consent, product updates
- Provide customer support
- Detect and prevent fraud and abuse
- Comply with legal obligations
3. Your Customers' Data
When you upload member or contact lists, you are the controller of that data and we process it on your instructions to provide the Service. You are responsible for obtaining any consents required to collect and message those contacts. We use your uploaded contact data only to deliver the features you use. We never sell it or use it to market to your members.
4. Sharing
We share information only with:
- Service providers that help us run the Service (hosting, authentication, payment processing, email delivery), bound by confidentiality obligations
- Integrations you connect, such as GoHighLevel, Salesforce, or Zapier: when you connect a CRM, we send the data you configure (for example, contacts and play events) to that platform
- Legal authorities when required by law or to protect our rights, users, or the public
- A successor entity in connection with a merger, acquisition, or sale of assets, with notice to you
We do not sell personal information.
5. Data Retention
We keep your data while your account is active. After account termination, we make your data available for export for 30 days, then delete or anonymize it within a commercially reasonable period, except where we must retain records for legal, tax, or accounting purposes.
6. Security
We use industry-standard safeguards: encrypted connections (TLS), encrypted storage, tokenized payments, and access controls. No system is 100% secure, so we cannot guarantee absolute security. Report security concerns to [email protected].
7. Your Rights
Depending on where you live, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. Email [email protected] and we will respond within 30 days. You can also update most account information directly in the app.
8. Cookies
We use cookies and similar technologies for authentication, session management, and product analytics. You can control cookies through your browser settings; disabling required cookies may break sign-in.
9. Children
The Service is for business use by adults. We do not knowingly collect personal information from anyone under 18.
10. Changes
We may update this policy from time to time. Material changes will be announced by email or in-app notice before they take effect.
11. Contact
Privacy questions or requests: [email protected].