Privacy Policy

Effective Date: March 13, 2026  |  Last Updated: March 13, 2026

This Privacy Policy describes how Maximus Software LLC ("Maximus," "we," "us," or "our"), a Pennsylvania limited liability company, collects, uses, discloses, and protects your personal information when you access or use our AI-powered marketing platform available at maximus.software (the "Service"). This policy applies to all users of the Service, including visitors, registered users, and clients ("you" or "your").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Name, email address, and password (or passkey credentials)
• Company or business name
• Phone number (if provided)
• Profile information and avatar preferences
• Authentication data from social login providers (Google, Facebook, Apple) if used

1.2 Business Information (Onboarding)

During our onboarding process, we collect business-specific information to build your knowledge graph and generate a tailored marketing plan. This includes:

• Your website domain and business description
• Industry, target audience, and geographic focus
• Business goals, competitive landscape, and marketing budget
• Brand voice, messaging preferences, and content guidelines
• Existing marketing presence and performance data

1.3 Connected Third-Party Account Data

When you connect third-party accounts through OAuth authorization, we receive access tokens and data from those platforms. You explicitly authorize each connection and can revoke access at any time. Connected services may include:

• Google Services: Search Console (search performance data), Google Analytics (website traffic and engagement data), Google Ads (campaign and keyword data), Google Business Profile (local business listing data), Gmail (email sending on your behalf), and YouTube (video publishing)
• Social Media Platforms: Facebook, Instagram, LinkedIn, TikTok, and X (Twitter) for content publishing, engagement tracking, and advertising campaign management
• CRM Systems: HubSpot, Salesforce, Zoho, Pipedrive, and others for customer relationship data synchronization
• Email Providers: Gmail and Microsoft Outlook for sending marketing emails on your behalf from your own accounts
• Content Management Systems: WordPress, Shopify, Webflow, and others for content deployment

1.4 Website Crawl Data

When you provide your website domain, our system crawls and analyzes your publicly available website content, including page structure, meta tags, schema markup, images, performance metrics, and technical SEO elements. This data is used exclusively to provide our auditing, optimization, and marketing services.

1.5 Usage and Interaction Data

• Pages viewed, features used, and actions taken within the Service
• Chat conversations with our AI assistant (Maximus)
• Marketing plan approvals, rejections, and modifications
• Content created, edited, or published through the Service
• Device information, browser type, IP address, and access timestamps

1.6 Payment Information

Payment processing is handled by Stripe, Inc. We do not store your credit card numbers or bank account details on our servers. Stripe collects and processes your payment information in accordance with their own privacy policy. We receive and store transaction records, subscription status, and billing history.

1.7 Communication Data

If you contact us for support, provide feedback, or communicate with us through any channel, we collect the content of those communications along with your contact details.

2. How We Use Your Information

We use the information we collect to:

2.1 Provide and Operate the Service

• Create and manage your account
• Build your business knowledge graph from onboarding data
• Generate and execute AI-driven marketing plans
• Perform website audits and technical SEO analysis
• Create, schedule, and publish content across connected platforms
• Manage advertising campaigns on your behalf
• Send emails and communications from your connected email accounts
• Provide AI-powered chat assistance and recommendations
• Generate performance reports and analytics dashboards

2.2 AI Processing

Our Service uses artificial intelligence to analyze your data, generate marketing strategies, create content, and execute marketing actions. Your business information, website data, and connected account data are processed by AI systems to deliver personalized marketing services. We use Anthropic's Claude as our AI provider. Your data sent to Anthropic for processing is subject to Anthropic's data usage policies. We do not use your data to train AI models.

2.3 Improve and Develop the Service

• Analyze usage patterns to improve features and user experience
• Debug issues and maintain service reliability
• Develop new features and capabilities

2.4 Communications

• Send service-related notifications (agent activity updates, plan approvals needed, task completions)
• Provide customer support
• Send promotional communications (with your consent; you may opt out at any time)

2.5 Legal and Safety

• Comply with applicable laws and regulations
• Enforce our Terms of Service
• Protect the rights, safety, and security of our users and the Service
• Detect and prevent fraud, abuse, and security incidents

3. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

3.1 Third-Party Service Providers

We share data with third-party service providers who perform services on our behalf, subject to confidentiality obligations:

• Anthropic — AI processing for content generation, marketing plan creation, and chat assistance
• Stripe — Payment processing and subscription management
• Amazon Web Services (AWS) — Cloud infrastructure and file storage
• Twilio — SMS notifications (if enabled)
• Apple Push Notification Service / Firebase Cloud Messaging — Push notifications (if enabled)
• Moz — Domain authority and backlink analysis
• Apollo.io — B2B contact discovery for sales outreach features

3.2 Connected Platforms (At Your Direction)

When you connect third-party accounts (Google, Meta, LinkedIn, TikTok, X, CRM systems, etc.), we transmit data to those platforms as necessary to perform the marketing actions you have authorized. This includes publishing content, managing ad campaigns, sending emails, and retrieving performance data. These transmissions occur only through the OAuth connections you explicitly authorize and can revoke at any time.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, including subpoenas, court orders, or government requests. We may also disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government request.

3.4 Business Transfers

If Maximus is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service of any change in ownership or uses of your personal information.

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure OAuth 2.0 token storage with encryption for all third-party connections
• Role-based access controls and authentication (including passkey/WebAuthn support)
• Regular security assessments and monitoring
• Secure cloud infrastructure hosted on AWS

While we strive to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you close your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal, accounting, or regulatory purposes.

Third-party OAuth tokens are stored only while your account is active and the connection is authorized. When you disconnect a third-party account or close your Maximus account, associated tokens are deleted.

Website crawl data, marketing plans, and content created through the Service are retained for the duration of your subscription. Aggregated, anonymized data that cannot be used to identify you may be retained indefinitely for analytics and service improvement purposes.

6. Your Rights and Choices

6.1 Account Information

You may update, correct, or delete your account information at any time through your account settings. You may also request account deletion by contacting us at the email address below.

6.2 Connected Accounts

You may disconnect any third-party account at any time through the integrations settings in your dashboard. Disconnecting an account immediately revokes our access to that platform and deletes the associated OAuth tokens.

6.3 Notification Preferences

You may manage your notification preferences (email, SMS, push, in-app) through the notification settings in your account. You may opt out of promotional communications at any time.

6.4 Data Access and Portability

You have the right to request a copy of the personal information we hold about you in a structured, commonly used, and machine-readable format. Contact us to submit a data access or portability request.

6.5 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions required by law. We will process deletion requests within 30 days.

6.6 Do Not Track

Our Service does not currently respond to "Do Not Track" browser signals. However, you can manage your cookie and tracking preferences through your browser settings.

7. Cookies and Analytics

We use the following cookies and tracking technologies:

• Essential Cookies: Required for authentication, session management, and core functionality of the Service.
• Google Analytics 4: We use Google Analytics to understand how users interact with the Service. Google Analytics collects information such as pages visited, session duration, and general location data. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
• Microsoft Clarity: We may use Microsoft Clarity to understand user interactions through session recordings and heatmaps. Clarity does not collect personally identifiable information.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe we may have collected information from a child, please contact us.

9. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States and other countries as described in this Privacy Policy.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
• Right to Opt-Out: We do not sell your personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.
• Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, contact us at the email address below. We will respond to verifiable consumer requests within 45 days.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following additional rights under the General Data Protection Regulation (GDPR):

• Legal Basis: We process your personal data based on: (a) your consent, (b) the necessity to perform our contract with you, (c) our legitimate business interests, or (d) compliance with legal obligations.
• Right of Access: You may request access to the personal data we hold about you.
• Right to Rectification: You may request correction of inaccurate personal data.
• Right to Erasure: You may request deletion of your personal data.
• Right to Restrict Processing: You may request that we restrict processing of your personal data.
• Right to Data Portability: You may request a copy of your data in a structured, machine-readable format.
• Right to Object: You may object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise these rights, contact us at the email address below. You also have the right to lodge a complaint with your local data protection authority.

12. Third-Party Links

The Service may contain links to third-party websites or services that are not owned or controlled by Maximus. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a prominent notice on the Service prior to the change becoming effective. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Maximus Software LLC
Doylestown, Pennsylvania
Email: privacy@maximus.software
Website: maximus.software

Terms of Service  |  Return to Maximus