Privacy Policy

Last updated: January 31, 2026

Introduction

Fresko ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SMS marketing platform at fresko.com (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (stored in encrypted form)
  • SMS consent and preferences
  • Business name (during vetting process)

Payment Information

When you make a purchase, our payment processor Stripe collects:

  • Credit/debit card number
  • Billing address
  • Payment transaction history

Note: We do not store your full credit card number on our servers. All payment processing is handled securely by Stripe.

Contact Data

When you upload contacts to send SMS messages, we store:

  • Phone numbers
  • Names and any custom fields you provide
  • Group/list assignments

Message Data

We store information about your SMS campaigns:

  • Message content and templates
  • Delivery status and timestamps
  • Broadcast history and logs

Usage Information

We automatically collect:

  • IP address
  • Browser type and version
  • Pages visited and actions taken
  • Date and time of access

How We Use Your Information

We use the information we collect to:

  • Provide the Service: Send SMS messages on your behalf, manage your contacts and campaigns
  • Process payments: Complete transactions and send billing notifications
  • Communicate with you: Send service updates, security alerts, and support messages
  • Ensure compliance: Review content for carrier policy compliance (spam, prohibited content)
  • Improve the Service: Analyze usage patterns to enhance features and performance
  • Prevent abuse: Detect and prevent fraudulent or unauthorized use
  • Legal compliance: Fulfill legal obligations and respond to lawful requests

Information Disclosure

We share your information with the following parties:

Service Providers

Provider Purpose Data Shared
Twilio SMS delivery Phone numbers, message content
Stripe Payment processing Payment details, billing info
Render Cloud hosting All application data (encrypted)

Legal Requirements

We may disclose your information if required to:

  • Comply with a legal obligation or court order
  • Protect and defend our rights or property
  • Prevent fraud or abuse of the Service
  • Protect the safety of users or the public

Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit: All data transmitted between your browser and our servers uses TLS/SSL encryption (HTTPS)
  • Encryption at rest: Sensitive data is encrypted in our database
  • Password security: Passwords are hashed using industry-standard algorithms and never stored in plain text
  • Access controls: Employee access to user data is limited and logged
  • Secure infrastructure: Our servers are hosted on Render with enterprise-grade security
  • PCI compliance: Payment processing through Stripe is PCI-DSS compliant
  • Regular monitoring: We monitor for security threats and unauthorized access

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained until you delete your account
  • Message logs: Retained for 12 months for compliance and support purposes
  • Payment records: Retained as required by tax and accounting regulations
  • Deleted accounts: Data is permanently deleted within 30 days of account deletion

Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Delete your account and all associated data from your Settings page
  • Export: Request an export of your data
  • Withdraw consent: Opt out of marketing communications at any time

To exercise these rights, visit your account settings or contact us at support@fresko.com.

SMS Communications

When you create an account and consent to SMS communications, we collect and store:

  • Your phone number
  • Your SMS consent status and timestamp
  • SMS opt-in/opt-out history
  • Message delivery records

We use this information to send you account alerts, service updates, order confirmations, and appointment reminders. We do not share your phone number with third parties for marketing purposes.

You can opt out of SMS messages at any time by replying STOP to any message or contacting us at support@fresko.com. For full details, see our SMS Terms & Conditions.

Cookies

We use essential cookies to maintain your login session and remember your preferences. We do not use tracking cookies or third-party advertising cookies.

Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service or sending you an email. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: support@fresko.com
Website: Support Page