Privacy Policy.

Who we are.

Pulseforge LLC ("Pulseforge," "we," "us," or "our") is an AI-driven marketing agency based in Manchester, New Hampshire. We provide lead generation, outreach, content publishing, voice setting, and reporting services to local service businesses through a system of fifteen named software agents.

This Privacy Policy explains how we handle information across three contexts: (a) visitors to our website at gopulseforge.com, (b) prospective customers we identify through public business directories on behalf of our clients, and (c) data accessed through third-party APIs — most notably Google APIs — when our clients have authorized us to manage their accounts.

Information we collect.

From website visitors

When you visit gopulseforge.com, we collect standard analytics data: IP address (anonymized after thirty days), browser type, referring URL, pages viewed, and time on site. If you submit our contact form, we also collect the name, email address, business name, and message you provide.

From clients

When you engage Pulseforge as a client, we collect business information (legal name, address, billing contact, payment method), authentication credentials necessary to operate the services you've authorized (OAuth tokens, API keys), and operational data generated by your account within our platform.

From prospects

On behalf of our clients, our Scout agent identifies businesses matching the client's Ideal Customer Profile using publicly available sources — search engine results (SerpAPI), business directories (Google Places), and professional networks. Information collected is limited to: business name, address, phone, website URL, publicly listed employees, and verified business email addresses (sourced via Hunter.io and Prospeo). We do not collect personal information from private accounts, scrape social profiles, or attempt to identify individuals beyond their professional business role.

How we use information.

We use the information described above for the following purposes:

• To deliver the agency services our clients have engaged us for
• To send transactional and operational communications to clients (reporting digests, billing, support)
• To conduct outreach to prospects on behalf of clients, in compliance with applicable email and communication regulations
• To maintain the security and integrity of our platform
• To improve our services through aggregated, anonymized analytics
• To comply with legal obligations

We do not sell information. We do not use information for advertising targeting outside the specific outreach services our clients have authorized.

Google API data handling.

Several Pulseforge agents access Google APIs on behalf of our clients. This section describes exactly how that access works and what limits apply.

Which APIs we use

• Google Business Profile API (Account Management, Business Information, Reviews) — used by our Vera agent to monitor reviews and by our Paige agent to publish posts to client business profiles
• Gmail API — used by our Riley agent to read and classify replies to outbound emails sent on behalf of clients
• Google Sheets API — used to export lead lists when a client prefers Sheets over CSV
• Google Places API — used by our Scout agent for prospect discovery

Authorization and consent

We only access Google account data when the account owner has explicitly authorized us via Google's OAuth consent flow. Each client grants access individually, and access is scoped to the minimum permissions necessary to deliver the services they've requested. Clients can revoke our access at any time through their Google account settings, after which we stop accessing the account and delete cached credentials within 24 hours.

What we do with the data

Pulseforge uses Google user data solely to provide the specific services authorized by the account owner. We do not transfer, sell, license, or share Google user data with third parties for advertising, analytics, marketing, or any purpose unrelated to delivering the authorized services.

Specifically:

• Reviews data accessed through the Google Business Profile API is used only to monitor for new reviews and surface them in client-facing reports. We do not store full review content beyond ninety days unless the client requests longer retention.
• Email data accessed through the Gmail API is read only for replies matching outbound campaigns we sent on behalf of the client. We classify the reply (warm, objection, unsubscribe, etc.) and store the classification, sender, subject, and timestamp. Full message bodies are not retained beyond the classification step.
• Business profile data (location, hours, posts, photos) is read only to deliver authorized monitoring and publishing services. Changes to a profile are made only when explicitly directed by the client.

What we do not do

We affirm the following limits without exception:

• We do not use Google user data to train machine learning models
• We do not allow humans to read Google user data, except (a) when a client explicitly authorizes us to review specific content, (b) when necessary to investigate a security incident or fix a bug affecting a small number of accounts, or (c) when legally required
• We do not retain Google user data after a client offboards from our platform — all stored data is deleted within thirty days of termination
• We do not combine Google user data with data from other sources to build profiles or enable third-party advertising

Compliance with Google's Limited Use requirements

Pulseforge's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Our handling of Google Business Profile data additionally adheres to Google's Business Profile API policy.

Third-party services.

We rely on the following service providers to operate our platform. Each receives only the data necessary for its function, governed by a data processing agreement where applicable:

• Brevo — transactional and outbound email delivery
• Twilio — SMS notifications
• Bland.ai — voice outreach calls to consenting prospects
• Hunter.io and Prospeo — verified business email enrichment
• SerpAPI — search result data for prospect discovery
• Railway and PostgreSQL — application hosting and database
• Stripe — payment processing
• Buffer — social media scheduling on behalf of clients
• Calendly — scheduling and booking on gopulseforge.com/contact
• GitHub — code hosting and version control
• Anthropic Claude API — language model inference for agent reasoning

When we share data.

We do not sell personal information. We share data only in the following circumstances:

• With service providers, as listed above, only as necessary to deliver our services
• With clients, for the prospects and operational data within their own account
• For legal compliance, when required by court order, subpoena, or other legal process
• In a business transaction, in the event Pulseforge is acquired or merges with another entity, with notice to clients before any data transfer

Data retention.

We retain different categories of data for different periods:

• Website analytics: thirteen months
• Contact form submissions: two years, or until you request deletion
• Client account data: for the duration of the engagement plus thirty days
• Prospect data: for the duration of the client engagement; deleted at offboarding
• Google API access tokens: deleted within twenty-four hours of revocation
• Operational logs: ninety days for detailed logs, two years for aggregated metrics

Security.

We use industry-standard security practices: encrypted database connections, encrypted credentials storage, environment-isolated API keys, and access control limited to authorized personnel. We are not a security-cleared organization and do not handle classified or regulated health information (HIPAA), payment card industry data (PCI), or any data category for which we lack appropriate compliance framework. Clients in industries requiring such handling should not provide that data through Pulseforge.

Your rights.

Depending on where you live, you may have the following rights regarding your personal information:

• Access — request a copy of the personal information we hold about you
• Correction — request that we correct inaccurate information
• Deletion — request that we delete your personal information, subject to legal retention obligations
• Opt-out — unsubscribe from any outreach we sent (every outreach email includes an unsubscribe link)
• Data portability — receive your data in a portable format

To exercise any of these rights, email jacob@gopulseforge.com. We will respond within thirty days.

Cookies and tracking.

gopulseforge.com uses minimal cookies: a session cookie for site functionality and a privacy-respecting analytics cookie. We do not use cross-site tracking pixels, third-party advertising cookies, or social media tracking beacons. You can disable cookies in your browser without breaking site functionality.

Children's privacy.

Pulseforge services are intended for business use by adults aged eighteen or older. We do not knowingly collect information from children under thirteen. If you believe a child has provided information to us, contact jacob@gopulseforge.com and we will delete it promptly.

Changes to this policy.

We may update this Privacy Policy from time to time. When we do, we'll revise the "Last updated" date at the top of this page. Material changes will be communicated to active clients via email at least thirty days before they take effect.

Contact us.

Questions about this policy, our practices, or your data? Get in touch:

Pulseforge LLC
Manchester, New Hampshire
jacob@gopulseforge.com