S
SubAccountReportsPricing

Privacy Policy

Last updated: April 16, 2026

1. Who We Are

SubAccountReports ("SAR", "we", "us", "our") is a reporting and analytics platform for agencies using GoHighLevel (GHL). We are operated by IMME Services, INC. Our website is subaccountreports.com.

For questions about this policy, contact us at support@subaccountreports.com.

2. What Data We Collect

We collect the following categories of data:

Account Information

When you sign up, we collect your name, email address, and authentication credentials through our authentication provider, Clerk. We store your email, role, and workspace membership in our database.

GHL Data (via OAuth)

When you connect a GoHighLevel location, you authorize us via OAuth to access your GHL data. We access contact counts, lead sources, tags, pipeline stages, team member activity, appointments, payments, orders, invoices, and custom field definitions. This data is queried live from GHL's API and cached temporarily (up to 15 minutes) to improve performance. We do not permanently store your GHL contact data outside of caching.

Billing Information

Payment processing is handled entirely by Stripe. We do not store your credit card number, CVV, or full card details. We receive and store your Stripe customer ID, subscription status, and billing history metadata.

Usage Data

We collect information about how you use the platform, including pages visited, reports generated, features used, and last login timestamps. This helps us improve the product.

3. How We Use Your Data

  • To provide, maintain, and improve our reporting and analytics services
  • To generate reports and dashboards from your connected GHL locations
  • To send scheduled PDF reports to recipients you specify
  • To process payments and manage your subscription
  • To send transactional emails (account invitations, billing notifications)
  • To provide customer support
  • To detect and prevent fraud or abuse

4. Third-Party Services

We use the following third-party services that may process your data:

  • Clerk — Authentication and user management
  • Stripe — Payment processing and billing
  • GoHighLevel — Source of agency/client data via OAuth API
  • Neon — PostgreSQL database hosting
  • Vercel — Application hosting and deployment
  • Resend — Transactional and scheduled report emails
  • Inngest — Background job processing for scheduled reports

Each of these services has their own privacy policy. We encourage you to review them.

5. Data Retention

We retain your account data for as long as your account is active. GHL data is queried live and cached for up to 15 minutes — we do not maintain a persistent copy of your contacts or client data.

If you cancel your subscription, your account data is retained for 30 days in case you reactivate, then permanently deleted. You can request immediate deletion by contacting us.

Stripe retains payment records independently per their own data retention policies.

6. Data Security

We take reasonable measures to protect your data, including:

  • All data in transit is encrypted via TLS/HTTPS
  • Database connections are encrypted and access-controlled
  • GHL OAuth tokens are stored securely and refreshed automatically
  • API routes are authenticated and role-gated
  • Stripe webhook signatures are validated on every request
  • No secrets or API keys are exposed to client-side code

No system is 100% secure. If you discover a security vulnerability, please report it to support@subaccountreports.com.

7. Your Rights

You have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate data
  • Deletion — Request deletion of your account and associated data
  • Portability — Request your data in a machine-readable format
  • Disconnect — Revoke GHL OAuth access at any time from your GHL settings or our Settings page

To exercise any of these rights, email us at support@subaccountreports.com. We will respond within 30 days.

8. Cookies

We use essential cookies for authentication (managed by Clerk) and session management. We do not use advertising or tracking cookies. We do not sell your data to third parties.

9. Children's Privacy

SubAccountReports is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact

If you have questions or concerns about this privacy policy, contact us at:

IMME Services, INC.
Email: support@subaccountreports.com
Website: subaccountreports.com