Privacy Policy
Last updated: May 26, 2026
C-Arrow Marketing Solutions ("C-Arrow," "we," "us," or "our") respects your privacy. This policy explains what information we collect through our website at c-arrowmarketing.com and through our client services platform, how we use it, who we share it with, and your choices regarding that information.
Information We Collect
When you interact with our website or services, we may collect:
- Contact information you provide through our forms: name, email address, phone number, and business name.
- Business information: company details, website URLs, industry, service needs, billing details.
- Quiz responses from our service recommender: industry, business challenges, involvement preferences, and website needs.
- Usage data collected automatically: pages visited, time on site, browser type, device type, IP address, and referring URL.
- Google Places data if you use our business search feature: business name, address, and business category (provided by Google's Places API).
- Payment information processed securely through our payment processors. We do not store full card numbers.
- Communications: messages, feedback, and correspondence with us.
How We Use Your Information
We use the information we collect to:
- Provide personalized service recommendations based on your quiz answers.
- Provide and maintain our website design, marketing automation, and CRM services.
- Process transactions and send related billing communications.
- Follow up with you about our services when you submit a form.
- Improve our website and understand how visitors interact with it.
- Send you information about our services if you've opted in to communications.
- Respond to inquiries and provide customer support.
- Comply with legal obligations.
How We Store Your Information
Form submissions and CRM records are stored in our customer relationship and marketing automation systems. Operational records (clients, invoices, payments, sync state) are stored in our internal platform on Supabase. We use industry-standard security measures: TLS encryption in transit, encryption at rest, limited internal access, and audit logging on sensitive operations. We do not sell, rent, or share your personal information with third parties for their marketing purposes.
Third-Party Platform Integrations
When you connect a third-party platform to our services (including QuickBooks Online, Stripe, HubSpot, and other CRM or marketing automation systems), we access only the data necessary to provide our services: customer records, invoices, payments, products, and related sync metadata. We store the minimum metadata required for reconciliation between systems.
You can disconnect any integration at any time through your account settings. Disconnection revokes our access and triggers deletion of stored authentication credentials within 30 days. Synced operational records (invoices, payments, customer records) are retained per the Data Retention section below for tax and audit purposes.
Use of any third-party platform connected through our services is also subject to that platform's own Terms of Service and Privacy Policy.
Subprocessors We Use
We rely on the following service providers to operate our website and services. Each is bound by data-processing terms appropriate to its role:
- Supabase — application database, authentication, and file storage.
- Vercel — application hosting and content delivery.
- Stripe — payment processing and subscription billing.
- Intuit / QuickBooks Online — accounting sync (when connected).
- HubSpot — CRM, marketing forms, and contact records.
- Marketing automation and CRM platforms — used for client communications, automation workflows, and per-client subaccount operations.
- Google Workspace — email and team collaboration.
- Google Maps Platform (Places API) — business search functionality.
- Google Fonts — typography.
- GSAP (GreenSock) — website animations.
- Cloudflare — DNS, edge caching, and security.
- Hostinger — virtual private server hosting for select workloads.
Data Retention
We retain personal and business data for the duration of our service relationship plus up to seven (7) years for tax, accounting, and audit purposes, after which we delete or anonymize the data unless a longer retention period is required by law. You may request earlier deletion of data not required for legal or accounting compliance at any time. Authentication credentials from disconnected third-party integrations are deleted within 30 days of disconnection.
SMS Messaging
When you provide your phone number and consent through our website forms or service agreements:
- You agree to receive SMS messages from C-Arrow Marketing.
- Message types include appointment confirmations, service updates, billing reminders, and review requests.
- Message frequency varies based on your engagement with our services.
- Message and data rates may apply based on your carrier.
- You can opt out at any time by replying STOP to any message.
- Reply HELP for assistance or contact us at [email protected].
Cookies
Our website may use cookies and similar technologies to remember preferences, understand site usage, and improve user experience. You can control cookies through your browser settings. Disabling cookies may limit some website functionality.
Your Choices and Rights
You have the right to:
- Access — request copies of the personal information we hold about you.
- Correct — request correction of inaccurate or incomplete information.
- Delete — request deletion of your information, subject to legal and accounting retention requirements.
- Opt out — unsubscribe from marketing communications at any time.
- Portability — receive your data in a structured, commonly used format.
To exercise any of these rights, contact us at [email protected].
California Privacy Rights
California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to delete personal information, and the right to opt out of the sale of personal information. We do not sell personal information.
Client Data
When providing services to our clients, we act as a data processor on behalf of those clients. Client customer data is stored securely on our platform. Clients retain ownership of their customer data, and we do not use client customer data for our own marketing.
Children's Privacy
Our website and services are not directed at children under 13. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.
Contact Us
If you have questions about this privacy policy or your personal information, contact us:
C-Arrow Marketing Solutions
Twin Falls, Idaho
[email protected]