Privacy

Last Updated: April 28, 2026

FLO Hospitality Solutions, Inc., a California corporation, respects your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when you access or use our websites, products, programs, services, content, communities, software-supported services, events, coaching, consulting, training, downloads, templates, digital materials, email communications, SMS communications, and related offerings.

For purposes of this Privacy Policy, “Company,” “we,” “us,” and “our” refer to FLO Hospitality Solutions, Inc. “You,” “your,” “client,” “customer,” “member,” or “user” refer to any person or business that accesses our websites, purchases or uses our products or services, participates in our programs, joins our communities, attends our events, submits information to us, or otherwise interacts with us.

This Privacy Policy applies to joshkopel.com, restaurantscalingsystem.com, rsscommandcenter.com, and any other website, landing page, checkout page, client portal, community, software environment, download page, course platform, webinar page, event page, or related digital property owned, operated, or controlled by us, whether now existing or created in the future.

This Privacy Policy should be read together with our Terms and Conditions and Disclaimer. By using our websites, products, programs, services, communities, software-supported services, or materials, you agree to the collection, use, disclosure, and handling of information as described in this Privacy Policy.

If you do not agree with this Privacy Policy, you should not access or use our websites, products, programs, services, communities, software-supported services, or materials.

1. Scope of This Privacy Policy

This Privacy Policy applies to personal information we collect through:

Our websites and landing pages
Restaurant Scaling System
Restaurant Scaling System Core
RSS Continuity
RSS Command Center
Restaurant Marketing Masterclass
AI Intensive
Gift Card Gameplan
The Cash Campaign
Million Dollar Restaurant
FULL COMP podcast-related pages and communications
Webinars, workshops, trainings, challenges, and events
Coaching, consulting, and support services
Email, SMS, phone, and direct-message communications
Forms, surveys, questionnaires, applications, and checkout pages
Client portals, communities, groups, and software-supported services
Downloads, templates, prompts, scripts, SOPs, checklists, and other digital products
Any other interaction you have with us

This Privacy Policy does not apply to third-party websites, platforms, applications, or services that we do not own or control, even if they are linked from our websites or used in connection with our services.

2. Business Use

Our products and services are intended for business owners, operators, professionals, managers, entrepreneurs, and individuals acting in a business or professional capacity.

When you provide information on behalf of a restaurant, company, partnership, corporation, limited liability company, or other entity, you represent that you have authority to provide that information and that your use of our products and services is appropriate for that entity.

You are responsible for ensuring that any information you submit to us, including customer data, employee data, sales data, business records, contact lists, marketing data, or other materials, is collected, shared, and submitted in compliance with applicable law.

3. Categories of Personal Information We Collect

Depending on how you interact with us, we may collect the following categories of personal information.

3.1 Identifiers

We may collect your name, business name, email address, phone number, mailing address, billing address, social media handle, account username, IP address, device identifiers, cookie identifiers, advertising identifiers, and similar identifiers.

3.2 Contact and Account Information

We may collect information you provide when you create an account, register for a program, join a community, book a call, request support, download a resource, subscribe to a newsletter, attend an event, complete a form, or purchase a product or service.

This may include your name, business name, job title, email address, phone number, business address, website, social media profiles, login information, preferences, and account history.

3.3 Commercial and Transaction Information

We may collect information about products or services you purchase, consider, access, download, or use, including order history, checkout details, subscription status, payment plan details, billing records, invoices, refund requests, cancellation requests, chargeback information, customer support history, and program participation.

Payment information may be collected and processed by third-party payment processors such as Stripe, PayPal, or other providers. We generally do not store full credit card numbers.

3.4 Program, Coaching, and Client Information

If you enroll in a program, coaching offer, consulting engagement, workshop, training, software-supported service, or community, we may collect information you provide as part of that relationship.

This may include questionnaires, applications, intake forms, business goals, menus, P&Ls, sales reports, payroll summaries, labor reports, marketing emails, campaign results, screenshots, transcripts, call notes, implementation updates, business plans, team information, vendor information, operational documents, and other materials you submit.

3.5 RSS Command Center and Software-Related Information

If you use RSS Command Center or related software-supported services, we may collect or access information associated with your account, including CRM data, contact lists, customer records, leads, forms, funnels, websites, calendars, pipelines, phone numbers, email campaigns, SMS campaigns, automations, workflows, call tracking information, reputation data, analytics, messages, account settings, usage data, troubleshooting data, and related information.

You are responsible for ensuring that any customer, employee, vendor, or third-party information you upload, import, connect, or process through RSS Command Center was collected and provided lawfully.

With respect to personal information that you upload, import, or process through RSS Command Center about your own customers, employees, leads, vendors, or contacts, you are the controller or business, and we act as a processor or service provider on your behalf, in accordance with our Terms and Conditions and any applicable Data Processing Addendum.

Customers requiring a Data Processing Addendum may request one by emailing josh@joshkopel.com with the subject line “DPA Request.”

3.6 Communications

We may collect information from your communications with us, including emails, SMS messages, phone calls, direct messages, social media messages, support tickets, form submissions, survey responses, reviews, testimonials, community posts, comments, Zoom chats, call recordings, transcripts, and other communications.

3.7 Audio, Video, and Image Information

If you attend calls, webinars, workshops, office hours, hot seats, group coaching sessions, events, podcast interviews, or other recorded sessions, we may collect your name, voice, image, likeness, comments, questions, chat messages, shared screen, business information, submitted materials, and participation.

We record calls, workshops, webinars, trainings, events, and similar sessions only with notice and subject to the recording and media release provisions in our Terms and Conditions. California is an all-party consent state for certain recordings. If you do not consent to being recorded, you should not participate in recorded sessions, and you may contact us about alternative access where available.

3.8 Internet, Device, and Usage Information

We may collect information about your device and interaction with our websites, emails, ads, landing pages, portals, communities, and software-supported services.

This may include IP address, browser type, device type, operating system, referring URLs, pages viewed, links clicked, forms started or submitted, content downloaded, email opens, email clicks, SMS interactions, session data, cookie identifiers, advertising identifiers, approximate location, and usage activity.

3.9 Marketing, Preference, and Behavioral Information

We may collect information about your interests, preferences, engagement, purchases, downloads, webinar registrations, event attendance, content interactions, advertising interactions, referral source, and communication preferences.

3.10 Social Media and Third-Party Platform Information

If you interact with us through social media or third-party platforms, we may collect information available from those platforms, including your profile name, handle, profile image, comments, messages, engagement, and any information you choose to share.

3.11 Sensitive Personal Information

We do not intentionally seek to collect sensitive personal information unless it is necessary to provide services, process payments, maintain records, comply with law, protect rights, or support your requested services.

Sensitive personal information may include information such as Social Security number, driver’s license number, state identification card number, passport number, account login combined with password or credentials, financial account information, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, genetic data, biometric data, health information, sex life or sexual orientation information, contents of certain communications where we are not the intended recipient, and other categories treated as sensitive under applicable law.

In the ordinary course of our business, we generally do not need most categories of sensitive personal information. You should not submit sensitive personal information, health information, payment card numbers, government identification numbers, employee personal data, customer personal data, payroll records, or regulated information unless it is necessary for the services and you have the legal right to provide it.

4. Sources of Personal Information

We may collect personal information from the following sources:

Directly from you
From your business, team members, employees, contractors, or authorized representatives
From forms, applications, questionnaires, surveys, checkout pages, and account registrations
From purchases, payment processors, billing systems, and subscriptions
From coaching calls, workshops, webinars, events, communities, and support interactions
From RSS Command Center and related software-supported services
From email, SMS, phone, social media, and messaging communications
From cookies, pixels, analytics tools, advertising tools, and similar technologies
From third-party platforms and service providers
From publicly available sources, including business websites, social media profiles, review sites, and public directories
From referrals, partners, clients, vendors, podcast guests, or other third parties

5. How We Use Personal Information

We may use personal information for the following business and commercial purposes:

5.1 To Provide Products and Services

We use information to deliver products, programs, coaching, consulting, software-supported services, digital products, downloads, workshops, events, communities, support, and related services.

5.2 To Process Purchases and Payments

We use information to process payments, manage billing, issue receipts, maintain transaction records, process refunds, manage payment plans, manage subscriptions, respond to chargebacks, and enforce payment obligations.

5.3 To Manage Accounts and Access

We use information to create accounts, verify identity, provide logins, manage access, troubleshoot issues, support users, provide customer service, and maintain program or software access.

5.4 To Provide Coaching, Consulting, Training, and Support

We use information to review your business, provide recommendations, analyze materials, prepare for calls, deliver coaching, provide implementation support, respond to questions, create reports, provide feedback, and support your participation in our programs.

5.5 To Operate RSS Command Center

We use information to set up, maintain, troubleshoot, support, and improve RSS Command Center and related software-supported services, including templates, automations, workflows, CRM features, funnels, forms, email tools, SMS tools, calendars, pipelines, analytics, and related services.

5.6 To Communicate With You

We use information to send transactional, administrative, service-related, billing, legal, support, reminder, marketing, promotional, and educational communications by email, SMS, phone, direct message, or other channels.

5.7 To Market and Advertise

We use information to send newsletters, offers, event invitations, webinar reminders, product announcements, promotional campaigns, retargeting ads, personalized content, and other marketing communications.

5.8 To Personalize and Improve Our Services

We use information to understand user behavior, improve websites, content, programs, offers, workflows, automations, emails, SMS messages, ads, products, services, and customer experience.

5.9 To Use AI and Automation Tools

We may use information with artificial intelligence, transcription, automation, summarization, workflow, and productivity tools to provide services, draft content, summarize calls, analyze business materials, create recommendations, troubleshoot software, improve workflows, and support our operations.

5.10 To Document Testimonials, Case Studies, and Results

Where permitted, we may use information to document testimonials, case studies, client stories, success examples, screenshots, marketing claims, and results, subject to our Terms and Conditions, Disclaimer, agreements, permissions, and applicable law.

5.11 To Protect Rights, Safety, and Security

We use information to detect, prevent, and respond to fraud, misuse, unauthorized access, security incidents, chargebacks, intellectual property violations, harassment, abuse, illegal activity, or violations of our Terms and Conditions.

5.12 To Comply With Legal Obligations

We use information to comply with applicable laws, regulations, tax obligations, accounting obligations, legal process, subpoenas, court orders, government requests, and regulatory requirements.

5.13 For Internal Business Purposes

We use information for recordkeeping, audits, analytics, reporting, legal review, quality control, training, business planning, dispute resolution, contract enforcement, and administrative purposes.

6. How We Disclose Personal Information

We may disclose personal information to the following categories of recipients.

6.1 Service Providers and Contractors

We may disclose information to service providers, contractors, vendors, processors, and other third parties who help us operate our business, provide services, process payments, host websites, deliver email and SMS messages, run ads, provide analytics, manage software, process data, provide AI tools, provide transcription, host recordings, manage communities, provide customer support, and perform other business functions.

6.2 Payment Processors

We may disclose payment and billing information to payment processors, banks, card networks, fraud prevention providers, accounting providers, and related financial service providers.

6.3 Software and Technology Providers

We may disclose information to software and technology providers, including GoHighLevel, Stripe, PayPal, WordPress, Kajabi, ClickFunnels, Zoom, Otter.ai, ChatGPT/OpenAI, Claude, Google Workspace, YouTube, Vimeo, Wistia, Meta, LinkedIn, Calendly, AddEvent, WhatsApp, Asana, NotebookLM, Zapier, Make, analytics providers, advertising platforms, email providers, SMS providers, hosting providers, and related tools.

6.4 Advertising, Analytics, and Marketing Partners

We may disclose information to advertising networks, analytics providers, retargeting platforms, social media platforms, and marketing tools to measure performance, deliver ads, personalize content, track conversions, analyze engagement, and improve campaigns.

Certain disclosures for cross-context behavioral advertising may be considered “sharing” under California privacy law.

6.5 Professional Advisors

We may disclose information to attorneys, accountants, tax advisors, bookkeepers, insurers, auditors, consultants, and other professional advisors.

6.6 Business Transfers

We may disclose information in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, change of control, due diligence process, or similar business transaction.

6.7 Legal, Safety, and Enforcement Purposes

We may disclose information when we believe it is necessary or appropriate to comply with law, legal process, court orders, subpoenas, government requests, regulatory requirements, enforce our Terms and Conditions, protect our rights, protect users, prevent fraud, respond to chargebacks, investigate misconduct, or protect the safety and security of our business, users, clients, or others.

6.8 With Your Direction or Consent

We may disclose information when you direct us to do so, authorize us to do so, request that we share information, or otherwise consent.

7. Cookies, Pixels, Analytics, and Tracking Technologies

We and our third-party providers may use cookies, pixels, tags, scripts, SDKs, local storage, analytics tools, tracking links, and similar technologies.

These technologies may help us:

Operate websites and landing pages
Remember preferences
Process purchases
Understand user behavior
Measure website and campaign performance
Track conversions
Analyze email opens and clicks
Retarget visitors with ads
Deliver personalized content
Improve products and services
Detect fraud and security issues

Third-party tools may include Google Analytics, Google Ads, Meta Pixel, LinkedIn Insight Tag, GoHighLevel tracking tools, email tracking tools, SMS tracking tools, analytics providers, advertising networks, and similar tools.

Where required by law, we will request consent before using non-essential cookies or similar technologies, including analytics, advertising, retargeting, and marketing cookies. Where required, users may accept, reject, or manage non-essential cookie categories through a cookie consent mechanism.

Cookie categories may include strictly necessary cookies, functional cookies, analytics cookies, and marketing or advertising cookies. Strictly necessary cookies may be required for website functionality and may not be disabled through our consent tool.

You may also control cookies through your browser settings. Some browsers or extensions may allow you to block or delete cookies. Blocking cookies may affect website functionality.

We do not currently respond to Do Not Track browser signals. However, where required by law, we will honor legally recognized browser-based opt-out preference signals such as Global Privacy Control if they apply to our data practices and technical systems.

We may maintain or link to a separate cookie notice or cookie banner that identifies categories of cookies, purposes, providers, and retention periods where required by law.

8. Email Communications

If you provide your email address, we may send transactional, administrative, service-related, billing, legal, educational, marketing, and promotional emails.

Transactional emails may include purchase confirmations, receipts, login details, billing notices, program updates, support responses, cancellation confirmations, legal notices, and other service-related messages.

Marketing emails may include newsletters, offers, event invitations, webinar reminders, product announcements, educational content, and promotional campaigns.

You may unsubscribe from marketing emails by clicking the unsubscribe link in the email or contacting us at josh@joshkopel.com. You may still receive transactional, billing, legal, or service-related emails even if you opt out of marketing emails.

9. SMS, Phone, and Mobile Communications

If you provide your phone number, we may send transactional, administrative, service-related, appointment reminder, support, billing, educational, marketing, and promotional SMS or mobile messages where permitted by law.

Message frequency may vary. Message and data rates may apply. Consent to receive marketing text messages is not a condition of purchase unless expressly permitted by applicable law and clearly disclosed.

You may opt out of SMS marketing by replying STOP to a message or using any other opt-out method we make available. You may receive a confirmation message after opting out. You may request help by replying HELP where supported.

Mobile carriers are not liable for delayed or undelivered messages.

Opting out of marketing SMS messages does not necessarily opt you out of transactional, administrative, billing, legal, or service-related communications.

If you provide a phone number for RSS Command Center or any software-supported service, you are responsible for ensuring that you have the right to use that number and that your own SMS, call, and customer communication practices comply with applicable law.

10. Artificial Intelligence, Automation, and Transcription Tools

We may use AI, automation, transcription, summarization, workflow, and productivity tools to support our business and provide services.

These tools may include ChatGPT/OpenAI, Claude, NotebookLM, Otter.ai, GoHighLevel AI, Zapier, Make, Google Workspace, and similar tools.

Information submitted to us, including client materials, call recordings, transcripts, forms, questionnaires, business documents, marketing assets, or support requests, may be processed by these tools to provide services, generate summaries, draft materials, analyze information, support implementation, troubleshoot issues, improve workflows, and operate our business.

Where commercially reasonable, we use business, enterprise, API, or similar service configurations designed to limit or prevent third-party AI providers from using identifiable client data to train their general models. However, provider practices and settings may vary, and your use of third-party tools may be subject to their own terms and privacy policies.

You should not submit confidential, regulated, health, payroll, HR, employee, customer, payment, financial account, government identification, or sensitive personal information unless it is necessary for the services and you have the legal right to provide it.

AI-generated and automated outputs may be inaccurate, incomplete, or unsuitable. You are responsible for reviewing and approving any output before using it.

We do not use AI or automated processing to make decisions that produce legal or similarly significant effects about you unless we provide any notice, rights, or opt-out mechanisms required by applicable law.

11. RSS Command Center and Client Data

RSS Command Center may process business, customer, lead, contact, marketing, communication, and software usage data.

If you use RSS Command Center, you are responsible for:

Lawfully collecting and uploading contact data
Obtaining required consents
Honoring opt-outs and unsubscribe requests
Maintaining accurate customer and lead records
Reviewing emails, SMS messages, workflows, automations, funnels, forms, and campaigns before use
Complying with privacy, email, SMS, advertising, telemarketing, consumer protection, employment, and other applicable laws
Maintaining your own backups and exports where needed

We may access RSS Command Center accounts and related data to set up accounts, provide templates, support workflows, troubleshoot issues, improve services, provide coaching, manage billing, maintain security, and enforce our Terms and Conditions.

Customers requiring a Data Processing Addendum may request one by emailing josh@joshkopel.com with the subject line “DPA Request.”

RSS Command Center depends on third-party providers, including GoHighLevel and related tools. Your use of RSS Command Center may also be subject to third-party privacy policies and terms.

12. Client-Submitted Business Materials

You may submit menus, P&Ls, sales reports, payroll summaries, labor reports, marketing emails, screenshots, transcripts, call recordings, customer data, employee information, campaign results, business plans, operational documents, and other business materials.

We use these materials to provide coaching, consulting, training, analysis, recommendations, templates, workflows, software setup, support, reporting, and related services.

You are responsible for removing or redacting unnecessary sensitive information before submitting materials to us. This includes employee personal information, customer personal information, payroll details, health information, financial account numbers, tax identification numbers, payment card information, and confidential third-party information.

We may use anonymized, aggregated, or de-identified information, examples, patterns, insights, or lessons from client work for internal training, product improvement, education, marketing, and future products, provided we do not intentionally identify you or your business without permission.

13. Testimonials, Reviews, and Case Studies

If you provide a testimonial, review, comment, success story, social media post, email, text message, form response, Zoom chat, community post, screenshot, or other feedback, we may use it for marketing, advertising, educational, promotional, and business purposes, subject to our Terms and Conditions, Disclaimer, permissions, and applicable law.

We may edit testimonials for length, grammar, spelling, formatting, or clarity, provided we do not materially change the meaning.

If testimonials, endorsements, or case studies involve material connections, compensation, discounts, free access, complimentary coaching, or other consideration, we will disclose those connections where required by law.

If we present specific revenue, profit, sales, or numerical results, we may retain documentation provided by the client to substantiate those results.

14. Sale or Sharing of Personal Information

We do not sell personal information in the traditional sense of exchanging personal information for money.

However, some privacy laws define “sale” or “sharing” broadly. For example, disclosures to advertising, analytics, or retargeting partners may be considered “sharing” or a “sale” under certain laws, including California privacy law, depending on the circumstances.

In the preceding 12 months, we have not sold personal information for money. We may have shared identifiers, internet or electronic network activity information, commercial information, and inferences with advertising, analytics, and retargeting partners for cross-context behavioral advertising and related marketing purposes, depending on your interaction with our websites and tools.

Where required by law, you may have the right to opt out of the sale or sharing of personal information, including sharing for cross-context behavioral advertising.

You may submit an opt-out request by contacting us at josh@joshkopel.com with the subject line “Privacy Request” or by using any opt-out mechanism we make available.

Where required, we will honor legally recognized browser-based opt-out preference signals such as Global Privacy Control.

15. Sensitive Personal Information

We use and disclose sensitive personal information only for purposes permitted by applicable law, including providing requested services, processing payments, maintaining records, securing accounts, preventing fraud, complying with legal obligations, protecting rights, and supporting our business relationship with you.

We do not use or disclose sensitive personal information for the purpose of inferring characteristics about you.

Where applicable law gives you the right to limit the use or disclosure of sensitive personal information, and where our practices trigger that right, you may submit a request by contacting us at josh@joshkopel.com with the subject line “Privacy Request.”

16. Financial Incentive Notice

We may offer free downloads, guides, checklists, cheat sheets, templates, trainings, webinars, resources, discounts, bonuses, or similar incentives in exchange for personal information such as your name, email address, phone number, business name, or other information you choose to provide.

Examples may include free resources such as guides, cheat sheets, templates, training materials, or other lead magnets made available in exchange for joining our email list, SMS list, webinar list, or marketing communications.

Under certain privacy laws, including California law, these offerings may be considered a financial incentive or price or service difference because they involve providing access to content, resources, or benefits in exchange for personal information.

The material terms of these incentives are provided at the point where you sign up. Participation is voluntary. You may withdraw from the incentive at any time by unsubscribing from marketing emails, opting out of SMS where applicable, or contacting us at josh@joshkopel.com with the subject line “Privacy Request.”

The value of your personal information is reasonably related to the value of the free resource, discount, bonus, training, or other benefit provided, plus the value we receive from being able to contact you about relevant products, services, content, and offers. We estimate this value in good faith based on factors such as the cost of creating and delivering the resource, the value of the content provided, the expense of marketing and technology systems, and the potential value of maintaining an ongoing business relationship with you.

You may opt out of marketing communications at any time. Withdrawing from marketing communications will not affect any purchase you already made, but it may affect your ability to receive future free resources, bonuses, discounts, reminders, or promotional communications.

17. Data Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

The criteria we use to determine retention periods include:

The nature of the information
The purpose for which it was collected
The length of our relationship with you
Whether you have an active account, program, subscription, or service
Legal, tax, accounting, and recordkeeping requirements
Contractual obligations
Payment, billing, refund, and chargeback needs
Dispute resolution and enforcement needs
Security, fraud prevention, and abuse prevention needs
Whether retention is needed to protect our rights or comply with law

Examples of retention practices may include:

Account, purchase, billing, and tax records may be retained for up to 7 years or longer if required for legal, accounting, tax, contract, or dispute purposes.
Client materials may be retained while services are active and for up to 7 years afterward, unless a longer period is reasonably necessary for legal, product improvement, recordkeeping, support, dispute, or legitimate business purposes.
Marketing contact information may be retained until you unsubscribe, request deletion, or we determine it is no longer needed, subject to legal exceptions.
SMS consent and opt-out records may be retained for at least 4 years or longer if needed to demonstrate compliance.
Analytics, cookie, advertising, and usage data may be retained according to provider settings, legal requirements, and our business needs.
Legal, security, dispute, and enforcement records may be retained as long as reasonably necessary to protect our rights and comply with law.

For users located in the European Economic Area, the United Kingdom, or jurisdictions with similar retention requirements, we retain personal information only for as long as reasonably necessary for the specific processing purposes described in this Privacy Policy, including the specific periods or criteria listed above, unless a longer period is required or permitted by law.

We do not retain personal information longer than reasonably necessary for the disclosed purposes, subject to legal, contractual, and operational requirements.

18. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information.

These safeguards may include encryption in transit using TLS or similar technologies, encryption at rest where supported by our systems and vendors, access controls, role-based permissions, password protections, multi-factor authentication for administrative accounts where available, vendor risk review, secure third-party platforms, monitoring, and internal procedures designed to reduce unauthorized access, misuse, loss, or disclosure.

However, no method of transmission, storage, website operation, software platform, email, SMS, or internet communication is completely secure. We cannot guarantee absolute security.

You are responsible for protecting your own account credentials, passwords, devices, software access, and systems. You should notify us promptly if you believe your account or information has been compromised.

In the event of a personal data breach, we will notify affected individuals and applicable regulators as required by law.

19. Children’s Privacy

Our websites, products, programs, services, communities, software-supported services, and materials are not intended for children under 13 years of age.

We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without appropriate parental consent, we will take reasonable steps to delete that information.

If you believe a child under 13 has provided personal information to us, contact us at josh@joshkopel.com.

19.1 California Minors

If you are a California resident under 18 and have posted content or information on our websites, communities, or services, you may request removal of content or information that you posted by contacting us at josh@joshkopel.comwith the subject line “Minor Content Removal Request.”

Please note that removal may not ensure complete or comprehensive deletion where the content has been copied, reposted, archived, anonymized, or where we are legally permitted or required to retain it.

20. Your Privacy Choices

Depending on where you live and how you interact with us, you may have certain privacy choices or rights.

You may:

Unsubscribe from marketing emails
Opt out of SMS marketing
Disable or block cookies through browser settings
Use legally recognized browser-based opt-out preference signals where applicable
Request access to certain personal information
Request correction of inaccurate personal information
Request deletion of certain personal information
Request information about how we use or disclose personal information
Opt out of certain sale or sharing of personal information where applicable
Limit certain uses of sensitive personal information where applicable
Appeal certain privacy request decisions where required by applicable law

To submit a privacy request, contact us at josh@joshkopel.com with the subject line “Privacy Request.”

We may need to verify your identity before responding to certain requests.

21. California Privacy Notice

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act, applies to us.

California privacy law may provide California residents with rights to know, access, delete, correct, opt out of sale or sharing, limit certain uses and disclosures of sensitive personal information, and not be discriminated against for exercising privacy rights.

21.1 Categories of Personal Information Collected in the Preceding 12 Months

In the preceding 12 months, we collected the following categories of personal information, depending on how users interacted with us:

Identifiers
Customer records information
Commercial information
Internet or electronic network activity information
Approximate geolocation information
Audio, electronic, visual, or similar information
Professional or employment-related information
Inferences drawn from information to create preferences or profiles
Sensitive personal information, only as needed for permitted purposes

21.2 Categories of Personal Information Sold or Shared in the Preceding 12 Months

In the preceding 12 months, we did not sell personal information for money.

Depending on your interaction with our websites, ads, and marketing tools, we may have shared identifiers, internet or electronic network activity information, commercial information, and inferences with advertising, analytics, and retargeting partners for cross-context behavioral advertising and related marketing purposes.

We do not knowingly sell or share personal information of consumers under 16 years of age.

21.3 Sources of Personal Information

We collect personal information from the sources described in Section 4 of this Privacy Policy.

21.4 Purposes for Collection, Use, and Disclosure

We collect, use, and disclose personal information for the business and commercial purposes described in Sections 5 and 6 of this Privacy Policy.

21.5 Categories of Third Parties to Whom We Disclose Information

We may disclose personal information to the categories of recipients described in Section 6 of this Privacy Policy, including service providers, contractors, payment processors, software providers, advertising and analytics partners, professional advisors, legal authorities, and parties involved in business transfers.

21.6 Sensitive Personal Information

We do not use or disclose sensitive personal information for the purpose of inferring characteristics about you.

21.7 California Privacy Rights

Subject to legal limitations and exceptions, California residents may have the right to:

Know what personal information we collect, use, disclose, sell, or share
Access personal information we maintain about them
Delete certain personal information
Correct inaccurate personal information
Opt out of the sale or sharing of personal information
Limit certain uses and disclosures of sensitive personal information
Not be discriminated against for exercising privacy rights

21.8 How to Submit a California Privacy Request

You may submit a California privacy request by emailing josh@joshkopel.com with the subject line “Privacy Request.”

Please include your name, email address, relationship to us, the nature of your request, and enough information for us to verify and respond to your request.

21.9 Verification

We may verify your request by asking for information that allows us to reasonably confirm your identity or authority to act on behalf of another person.

We will only use verification information for verification purposes, security, fraud prevention, or legal compliance.

21.10 Authorized Agents

You may designate an authorized agent to submit a request on your behalf where permitted by law. We may require proof that you authorized the agent to act on your behalf and may also require you to verify your identity directly with us.

21.11 Response Timing

We will respond to verifiable privacy requests within the time required by applicable law. If we need additional time, we will notify you as required by law.

21.12 Non-Discrimination

We will not discriminate against you for exercising privacy rights. We will not deny goods or services, charge a different price, provide a different level or quality of service, or suggest that you may receive a different price or quality of service because you exercised your privacy rights, except as permitted by law.

22. California Shine the Light Notice

California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for those third parties’ direct marketing purposes.

We do not disclose personal information to third parties for their own direct marketing purposes unless you consent or unless an exception applies.

California residents who would like to make a Shine the Light request may contact us at josh@joshkopel.com with the subject line “Shine the Light Request.”

23. Financial Incentive Notice for California Residents

24. Nevada Privacy Rights

Nevada residents may have the right to opt out of certain sales of covered information under Nevada law.

We do not currently sell covered information as defined under Nevada law. Nevada residents may submit an opt-out request by emailing josh@joshkopel.com with the subject line “Nevada Privacy Request.”

25. Other U.S. State Privacy Rights

Residents of certain U.S. states may have privacy rights under applicable state privacy laws, including laws in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Tennessee, Indiana, Delaware, New Hampshire, New Jersey, Maryland, Minnesota, Rhode Island, and other states that have enacted or may enact comprehensive privacy laws.

Depending on your state and whether the applicable law applies to us, you may have rights to:

Confirm whether we process your personal information
Access personal information we maintain about you
Correct inaccurate personal information
Delete certain personal information
Obtain a copy of certain personal information in a portable format
Opt out of targeted advertising
Opt out of the sale of personal information
Opt out of certain profiling or automated decision-making that produces legal or similarly significant effects
Limit or restrict certain processing of sensitive information where applicable
Appeal a privacy request decision where required by law

To submit a state privacy request, contact us at josh@joshkopel.com with the subject line “Privacy Request.”

Please include your name, email address, state of residence, relationship to us, the nature of your request, and enough information for us to verify and respond to your request.

If your state provides a right to appeal our decision, you may appeal by replying to our decision email or contacting us at josh@joshkopel.com with the subject line “Privacy Appeal.”

We will respond to applicable state privacy requests and appeals within the time required by applicable law.

26. International Users

Our business is operated in the United States. If you access our websites, products, programs, services, communities, software-supported services, or materials from outside the United States, you understand that your information may be collected, transferred to, stored in, and processed in the United States and other countries where our service providers operate.

The privacy laws of the United States may differ from those in your location.

Where applicable law gives you rights regarding your personal information, you may contact us at josh@joshkopel.comwith the subject line “Privacy Request.”

27. European Economic Area, United Kingdom, and Similar Privacy Rights

This section applies to individuals located in the European Economic Area, the United Kingdom, Switzerland, or another jurisdiction with similar privacy laws, to the extent those laws apply to our processing of your personal information.

27.1 Controller and Processor Roles

For personal information we collect directly from you for our own business purposes, such as website use, purchases, program enrollment, marketing, billing, support, account management, legal compliance, and business operations, FLO Hospitality Solutions, Inc. is generally the controller.

For personal information that you upload, import, or process through RSS Command Center about your own customers, employees, leads, vendors, or contacts, you are generally the controller, and we act as a processor on your behalf, in accordance with our Terms and Conditions and any applicable Data Processing Addendum.

Customers requiring a Data Processing Addendum may request one by emailing josh@joshkopel.com with the subject line “DPA Request.”

27.2 Legal Bases for Processing

Where GDPR, UK GDPR, or similar law applies, we rely on the following legal bases:

Contract performance: to provide products, programs, services, coaching, consulting, software access, communities, downloads, events, account access, customer support, billing, payment processing, and other services you request.
Consent: to send certain marketing communications, use certain non-essential cookies, process certain optional information, or take other actions where consent is required.
Legitimate interests: to operate and improve our business, analyze usage, personalize content, prevent fraud, secure our systems, enforce our Terms and Conditions, respond to inquiries, maintain records, develop products, and market relevant products and services, provided those interests are not overridden by your rights and freedoms.
Legal obligations: to comply with tax, accounting, consumer protection, privacy, data protection, legal process, regulatory, and other legal obligations.
Protection of rights and safety: to protect our rights, users, clients, business, systems, and others from fraud, misuse, legal claims, security incidents, or harmful activity.

27.3 International Transfers

We are located in the United States, and many of our service providers are located in the United States or other countries outside your jurisdiction.

When we transfer personal information from the European Economic Area, the United Kingdom, Switzerland, or similar jurisdictions to countries that may not provide the same level of data protection, we rely on lawful transfer mechanisms where required. These may include Standard Contractual Clauses, the UK International Data Transfer Addendum, adequacy decisions, the EU-U.S. Data Privacy Framework or UK Extension where applicable, data processing agreements, your consent, contract necessity, or other lawful transfer mechanisms permitted by applicable law.

You may contact us at josh@joshkopel.com with the subject line “International Transfer Request” for more information about applicable transfer mechanisms.

27.4 Data Retention for EEA, UK, and Similar Jurisdictions

We retain personal information only for as long as reasonably necessary for the processing purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specific retention periods or criteria include:

Account, purchase, billing, and tax records may be retained for up to 7 years or longer if required for legal, accounting, tax, contract, or dispute purposes.
Client materials may be retained while services are active and for up to 7 years afterward, unless a longer period is reasonably necessary for legal, product improvement, recordkeeping, support, dispute, or legitimate business purposes.
Marketing contact information may be retained until you unsubscribe, withdraw consent, request deletion, or we determine it is no longer needed, subject to legal exceptions.
SMS consent and opt-out records may be retained for at least 4 years or longer if needed to demonstrate compliance.
Analytics, cookie, advertising, and usage data may be retained according to provider settings, legal requirements, consent settings, and our business needs.
Legal, security, dispute, and enforcement records may be retained as long as reasonably necessary to protect our rights and comply with law.

27.5 Your Rights

Subject to legal limitations and exceptions, you may have the right to:

Access personal information we process about you
Correct inaccurate or incomplete personal information
Delete personal information
Restrict processing
Object to processing based on legitimate interests or direct marketing
Withdraw consent where processing is based on consent
Request data portability
Lodge a complaint with a supervisory authority
Not be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects, unless permitted by law

We do not use solely automated decision-making that produces legal or similarly significant effects about you unless we provide any notice, rights, or safeguards required by applicable law.

To exercise rights, contact us at josh@joshkopel.com with the subject line “Privacy Request.”

27.6 Supervisory Authority Complaints

If you are located in the European Economic Area, you may lodge a complaint with the data protection authority in your country of residence, place of work, or place of the alleged infringement.

If you are located in the United Kingdom, you may contact the UK Information Commissioner’s Office or the applicable supervisory authority.

We encourage you to contact us first so we can try to resolve your concern.

27.7 EU and UK Representative

If Article 27 of the GDPR or UK GDPR requires us to designate a representative in the European Union or United Kingdom, we will do so and will identify that representative here or in a separate notice.

At this time, we have not designated an EU or UK representative. Based on our current understanding of our data flows and business operations, we do not believe we are required to designate one. If our processing activities change or if we determine that Article 27 applies, we will update this Privacy Policy and provide representative contact details as required.

28. Third-Party Links and Websites

Our websites, emails, programs, communities, software-supported services, or materials may contain links to third-party websites, tools, platforms, or resources.

We are not responsible for the privacy practices, content, terms, security, or policies of third-party websites or services. You should review the privacy policies of any third-party websites or services you use.

29. Changes to This Privacy Policy

We may update this Privacy Policy at any time. When we do, we will update the “Last Updated” date above.

Changes are effective when posted unless otherwise stated. Your continued use of our websites, products, programs, services, communities, software-supported services, or materials after an updated Privacy Policy is posted means you accept the updated Privacy Policy.

If we make material changes, we may provide additional notice where required by law.

30. Contact Information

If you have questions about this Privacy Policy or want to submit a privacy request, contact us at:

FLO Hospitality Solutions, Inc.
Attn: Joshua Kopel
6647 Thrasher Place
Carlsbad, CA 92011
Email: josh@joshkopel.com

For privacy requests, email josh@joshkopel.com with the subject line “Privacy Request.”

For legal notices, email josh@joshkopel.com with the subject line “Legal Notice.”

For Data Processing Addendum requests, email josh@joshkopel.com with the subject line “DPA Request.”

CONTACT US

FLO Hospitality Solutions, INC. welcomes your questions or comments regarding the Privacy Policy:

FLO Hospitality Solutions, INC

6647 Thrasher Place, Carlsbad, CA 92011

Email Address:
josh@joshkopel.com

Effective as of:
January 1, 2021