Main St. App Privacy Policy (Marketing & Gmail Access)

Effective Date: March 3, 2026

1. MISSION AND SCOPE

At Main St., we believe local businesses are the heartbeat of the community. Our mission is to provide independent entrepreneurs with the visionary tools and high-level automation usually reserved for global conglomerates. This Privacy Policy describes how Main St. Marketing LLC ("Company," "we," "us," or "our") collects, uses, and protects information when you utilize our application, marketing automation tools, and integrated services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

2. DATA COLLECTION

To empower your business and automate your digital presence, we collect the following categories of information:

  • Account Information: Your name, business name, email address, phone number, login credentials (if applicable), and billing information.

  • User Content (Client Content): Marketing materials, job notes, "Before and After" photos, brand assets, templates, prompts/instructions, audience lists, and other content you upload, submit, post, transmit, or otherwise make available through the Service.

  • End-Customer Data (Marketing Data): Information about your customers and prospects (which may include names, email addresses, phone numbers, communication preferences, message history, and related campaign/engagement data) provided by you, imported by you, or collected/created through our review solicitation, lead generation, email marketing, SMS marketing, and analytics features.

  • Connected Account Data: Data from third-party platforms you authorize us to connect to and/or manage, including Google Business Profile, Facebook, Instagram, LinkedIn, Yelp, and similar services. This may include account identifiers, profile information, page insights, post performance, reviews, messages, and other data made available via those platforms and your permission settings.

  • Gmail OAuth Tokens and Email Metadata: If you connect Gmail/Google Workspace, we receive OAuth access tokens/refresh tokens and related authorization data to maintain the connection, plus limited email metadata and performance metrics (e.g., send status, bounce/complaint signals, open/click events when available) necessary to operate the Service and provide reporting.

  • Device/Usage Data: Log data and usage information such as IP address, browser type, device identifiers, pages/screens viewed, timestamps, and actions taken within the Service, for security, troubleshooting, and product improvement.

3. HOW WE USE INFORMATION

We use the information we collect to operate, provide, and improve the Service, including to:

  • Provide the Service and act as your marketing agent: Configure, automate, and manage your marketing workflows, online presence, and connected platform activities based on your settings and instructions.

  • Send emails on your behalf: If you connect Gmail/Google Workspace or other email services, we will send review solicitations, marketing campaigns, and transactional/service emails as directed by your account settings and inputs.

  • Send SMS or other messages on your behalf (if enabled): Execute campaigns and communications you configure, subject to your responsibilities described below.

  • Analytics and optimization: Measure campaign performance, deliver reporting dashboards, perform sentiment analysis, and conduct competitor monitoring and other insights to help you improve results.

  • Customer support and communications: Respond to inquiries, provide onboarding and account support, send service notices, and contact you about administrative or security matters.

  • Security and integrity: Detect, prevent, and investigate fraud, abuse, unauthorized access, policy violations, and security incidents.

  • Compliance: Comply with legal obligations and enforce our agreements.

4. GOOGLE API DISCLOSURE (LIMITED USE)

If you authorize access to Google services (including Gmail) via Google OAuth API Services:

  • Access Scope: We only request the specific permissions necessary to provide the features you enable (for example, sending email on your behalf).

  • No password storage: We do not store your Gmail/Google password.

  • Limited Use Compliance: Our use and transfer of information received from Google APIs will comply with the Google API Services User Data Policy, including the Limited Use requirements. This means we only use Google user data to provide and improve user-facing features that you request and we do not use Google user data for advertising or sell it.

  • Token handling: We store and use OAuth tokens as necessary to maintain the connection you authorize. You can revoke access at any time through your Google account security settings.

5. NO SALE OF DATA

Your trust is our most valuable asset. Main St. Marketing LLC does not sell, rent, or lease your personal information, your business data, or your customers' contact lists to third parties for their own marketing or advertising purposes—ever.

6. USER RESPONSIBILITY (CLIENT DATA, CONSENT, AND LAWFUL USE)

When Main St. Marketing LLC sends communications or processes End-Customer Data on your behalf:

  • You are the controller/owner of your customer data: You represent and agree that you have the right to provide End-Customer Data to us and to instruct us to process it for your marketing and business purposes.

  • Consent and compliance: You are solely responsible for obtaining, maintaining, and documenting any and all required consents and permissions (including opt-in/opt-out management) to contact your customers/prospects via email, SMS, phone, or other channels, in compliance with the TCPA, CAN-SPAM Act, and all other applicable laws and platform rules.

  • Content responsibility: You are solely responsible for the legality, accuracy, and non-infringing nature of the content, audience lists, and instructions you provide.

  • List hygiene and suppression: You are responsible for ensuring the lists you upload/import are lawfully obtained and that suppression lists, unsubscribe requests, and other opt-out signals are honored as required.

7. DATA SHARING AND THIRD PARTIES

We may share information with trusted third-party service providers (such as Stripe for payments or AWS for hosting) only to the extent necessary to operate the Service. All such providers are prohibited from using your information for any purpose other than providing these services to Main St. Marketing LLC.

8. LIMITATION OF LIABILITY AND INDEMNIFICATION (PROTECTIONS FOR MAIN ST.)

  • Service limitations: Main St. Marketing LLC provides tools and automation to support your marketing, reputation, and online presence, but we do not guarantee specific financial results, lead volume, conversion rates, or search engine rankings.

  • Third-party platforms and outages: We are not responsible for the availability, policies, acts/omissions, data practices, or security of third-party platforms (e.g., Google, Facebook, carriers, email providers) that you connect to or rely on. Third-party breaches, outages, API changes, deliverability issues, or policy enforcement actions may impact your use of the Service.

  • Data accuracy: We are not responsible for the accuracy of data retrieved from third-party platforms or provided by you or your end-customers.

  • Client misuse: You agree that you will not use the Service to send unlawful, deceptive, infringing, harassing, or unsolicited messages. You are responsible for your use of the Service and any actions taken under your account.

  • Indemnification: You agree to indemnify, defend, and hold harmless Main St. Marketing LLC and its officers, directors, employees, and contractors from and against any claims, complaints, investigations, damages, liabilities, penalties, costs, and expenses (including reasonable attorneys’ fees) arising out of or related to (i) your content, audience lists, or instructions; (ii) your violation of law (including TCPA/CAN-SPAM or privacy laws) or third-party rights; (iii) any allegation that communications sent on your behalf were unauthorized, unlawful, or “spam”; or (iv) your misuse of the Service.

  • Right to suspend/terminate: We reserve the right to suspend or terminate access to Gmail or social media integrations (or the Service) if we detect activity that violates applicable laws, the terms of connected platforms, or threatens the integrity or security of our Service.

9. DATA SECURITY

We implement industry-standard administrative, technical, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, or destruction. These measures may include encryption in transit, access controls, least-privilege practices, monitoring, and incident response procedures. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. SECURITY AND RETENTION

We retain your information for as long as your account is active or as needed to provide you services, comply with legal obligations, resolve disputes, and enforce agreements. Where appropriate, we may de-identify or aggregate information for analytics and product improvement.

10. CHANGES TO THIS POLICY

Main St. reserves the right to update this Privacy Policy to reflect changes in our practices or the regulatory landscape. We will notify you of any significant changes by posting the new policy on our website and updating the "Effective Date."

11. CONTACT US

For questions regarding this Privacy Policy or your data, please contact:
Main St. Support
Email: team@mainst.marketing
Website: https://mainstconsults.com