SECURITY & DATA PROTECTION STATEMENT

1. OUR COMMITMENT

At GrowthForgeOS™, protecting customer data is a responsibility we take seriously.

GrowthForgeOS™ is designed to help businesses manage contacts, communications, marketing, sales processes, customer relationships, automations, websites, funnels, and operational workflows. Because these systems often contain important business and customer information, we strive to implement reasonable administrative, technical, and organizational safeguards designed to protect that data.

While no internet-connected system can guarantee absolute security, our goal is to maintain a secure, reliable, and trustworthy platform for our customers.

2. SHARED RESPONSIBILITY MODEL

Security is a shared responsibility.

GrowthForgeOS™ is responsible for maintaining the security of the platform and systems under our control.

Customers are responsible for how they use the platform, including:

• User access management

• Password security

• Customer data collection practices

• Consent management

• Regulatory compliance

• Third-party integrations they authorize

• Security of their own devices and networks

Strong security requires both parties to participate responsibly.

3. DATA HOSTING AND INFRASTRUCTURE

GrowthForgeOS™ is built upon third-party infrastructure providers that maintain enterprise-grade hosting and cloud environments.

Depending on the services being used, customer data may be stored, transmitted, or processed through infrastructure provided by:

• GoHighLevel

• LeadConnector

• Amazon Web Services (AWS)

• Google Cloud Platform

• Cloudflare

• Other approved infrastructure providers

These providers maintain their own security controls, monitoring systems, redundancy measures, and operational safeguards.

4. ACCESS CONTROLS

Access to customer information is restricted to authorized personnel with a legitimate business need.

Access controls may include:

• User authentication requirements

• Role-based permissions

• Account-level access restrictions

• Internal access controls

• Activity monitoring

• Administrative controls

We strive to limit access to customer information to only those individuals necessary to provide support, maintenance, service delivery, or platform operations.

5. PASSWORD SECURITY

Customers are responsible for maintaining the confidentiality of their account credentials.

We strongly recommend:

• Unique passwords

• Long passwords or passphrases

• Password managers

• Multi-factor authentication (MFA) whenever available

• Limiting account access to authorized users

Customers should immediately notify us if they suspect unauthorized access to their account.

6. DATA TRANSMISSION AND ENCRYPTION

Where supported by our infrastructure providers, data transmitted between users and the platform is protected using industry-standard encryption technologies such as HTTPS and Transport Layer Security (TLS).

Certain data may also be encrypted while stored by underlying service providers.

Encryption standards and implementation details may vary depending on the services, providers, integrations, and technologies involved.

7. THIRD-PARTY PROVIDERS

GrowthForgeOS™ integrates with and relies upon third-party service providers to deliver portions of the platform.

These providers may include:

• OpenAI

• Anthropic

• Google

• Meta

• Stripe

• Twilio

• Mailgun

• SendGrid

• Zoom

• Calendly

• Cloudflare

• AWS

• GoHighLevel

• LeadConnector

• Other approved vendors

Each provider maintains its own security practices, infrastructure, and policies.

While we carefully select vendors we believe are reputable, we cannot guarantee the security practices of third-party providers.

8. ARTIFICIAL INTELLIGENCE SERVICES

Some GrowthForgeOS™ features may utilize artificial intelligence technologies.

AI services may process prompts, content, customer inputs, and related information as necessary to provide requested functionality.

We strive to use providers that offer commercially reasonable security protections.

Customers should avoid submitting highly sensitive information into AI systems unless expressly authorized and appropriate safeguards are in place.

Additional information regarding AI usage is available in our AI Policy.

9. BACKUPS AND DATA RECOVERY

GrowthForgeOS™ and its infrastructure providers may maintain backups and recovery systems designed to reduce the risk of accidental data loss.

However:

• Backups are not guaranteed.

• Recovery is not guaranteed.

• Backup retention periods may vary.

• Deleted information may not always be recoverable.

Customers remain responsible for maintaining copies of any business-critical information they wish to preserve.

10. MONITORING AND INCIDENT RESPONSE

We strive to monitor platform operations and respond appropriately to suspected security incidents.

When a confirmed security incident affects customer data and notification is legally required, we will make reasonable efforts to notify affected customers in accordance with applicable laws and contractual obligations.

11. CUSTOMER RESPONSIBILITIES

Customers play a critical role in maintaining security.

Customers are responsible for:

• Protecting account credentials

• Maintaining secure devices

• Managing user access

• Removing former employees and contractors

• Reviewing third-party integrations

• Maintaining lawful consent practices

• Securing exported data

• Reviewing AI-generated content before use

Failure to follow basic security practices can significantly increase risk regardless of platform protections.

12. SENSITIVE INFORMATION

Unless expressly authorized in writing, customers should not use GrowthForgeOS™ to store or process:

• Social Security numbers

• Government identification numbers

• Passport numbers

• Protected health information (PHI)

• Biometric identifiers

• Sensitive financial account credentials

• Highly regulated information

GrowthForgeOS™ is not intended for HIPAA-regulated information unless covered by a separate written agreement.

13. COMPLIANCE

GrowthForgeOS™ strives to support customers in meeting business and operational needs.

However, customers remain solely responsible for determining whether GrowthForgeOS™ satisfies:

• Industry requirements

• Regulatory obligations

• Contractual obligations

• Internal security requirements

• Legal compliance requirements

Customers should conduct their own due diligence before storing regulated or sensitive information within the platform.

14. CONTINUOUS IMPROVEMENT

Security is not a one-time project.

We continually evaluate opportunities to improve platform security, operational practices, vendor relationships, infrastructure, and customer protections as technology and business needs evolve.

15. CONTACT INFORMATION

Questions regarding security or data protection may be directed to:

Wild RiverDog Development Group, LLC

14900 Avery Ranch Blvd., Suite C200

Austin, Texas 78717

[email protected]

16. CHANGES TO THIS STATEMENT

We reserve the right to modify or update this Security & Data Protection Statement at any time.

Updates become effective upon posting unless otherwise stated.

Continued use of GrowthForgeOS™ constitutes acceptance of any updated version.