Privacy Policy

Pivotal Business Strategies ("we," "our," or "us") operates Pivotal Activities ("the Service") at pivotalactivities.com. This Privacy Policy describes how we collect, use, and protect information about you when you use the Service. By using Pivotal Activities you agree to the collection and use of information in accordance with this policy.

Account information

When you register, we collect your name, email address, and password credentials. Account authentication is handled by Clerk, Inc. We do not store raw passwords.

Business and scheduling data

Data you enter into the Service — including contact names, email addresses, appointment details, notes, and custom field values — is stored in our database and associated with your account.

Calendar integration tokens

If you connect Google Calendar or Microsoft Outlook, we store OAuth access and refresh tokens to enable calendar sync on your behalf. Tokens are encrypted at rest using AES-256-GCM before storage.

Billing information

Payment details are collected and stored by Stripe, Inc. We receive only a Stripe customer identifier and subscription status — we never see or store full card numbers.

Usage data

We may collect standard server logs including IP addresses, browser type, pages visited, and timestamps for the purpose of operating and improving the Service.

• To provide, operate, and maintain the Service.
• To send transactional emails — appointment confirmations, reminders, and weekly digests — that you have enabled in Settings.
• To push appointment events to your connected Google Calendar or Microsoft Outlook calendar.
• To process payments and manage your subscription through Stripe.
• To respond to support requests and communicate with you about your account.
• To detect, prevent, and address technical issues or misuse.

We do not sell your personal data to third parties or use it for advertising.

The Service relies on the following third-party processors, each governed by their own privacy policy:

We use industry-standard security practices to protect your data, including encrypted connections (TLS/HTTPS), encrypted storage of sensitive tokens (AES-256-GCM), and access controls on our database. No method of transmission over the Internet or method of electronic storage is 100% secure, however, and we cannot guarantee absolute security.

We retain your data for as long as your account is active or as needed to provide the Service. If you cancel your subscription and request account deletion, we will delete your personal data and scheduling records within 30 days, except where retention is required by law (e.g., billing records).

Depending on your jurisdiction, you may have the right to:

• Access — request a copy of the personal data we hold about you.
• Correction — request that we correct inaccurate or incomplete data.
• Deletion — request that we delete your personal data.
• Portability — request an export of your data in a machine-readable format.
• Objection — object to certain types of processing.

To exercise any of these rights, contact us at support@pivotalactivities.com.

The Service uses cookies and similar technologies for session management and authentication (provided by Clerk). We do not use advertising or tracking cookies. You can instruct your browser to refuse cookies, but certain parts of the Service may not function correctly without them.

The Service is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page. For significant changes, we will notify you by email or by a notice within the Service. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

If you have questions about this Privacy Policy or how we handle your data, contact us at: