Privacy Policy

Effective Date: February 2026

This Privacy Policy ("Policy") describes how RSL/A ("Company," "we," "us," or "our") collects, uses, shares, and protects your personal information when you visit our website at rsla.io (the "Site"), engage our services, or interact with us through any channel, including email, SMS, social media, or third-party platforms.

We operate primarily in the United States and Canada and serve clients internationally. This Policy is designed to comply with applicable privacy laws including the California Consumer Privacy Act (CCPA/CPRA), the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), and other applicable data protection regulations worldwide.

By using our Site, engaging our services, or providing us with your personal information, you acknowledge that you have read and understood this Policy and consent to the collection, use, and disclosure of your information as described herein.

1. Information We Collect

1.1 Information You Provide Directly

When you use our Site, submit inquiries, book a call, subscribe to our newsletter, engage our services, or communicate with us, you may voluntarily provide:

  • Contact Information: Name, email address, phone number, mailing address, company name, job title.
  • Payment and Billing Information: Credit or debit card details, billing address, and transaction records, processed securely through third-party payment processors (we do not store full card numbers on our servers).
  • Business Information: Industry, marketing goals, budget, website URLs, brand assets, login credentials for platforms you grant us access to.
  • Communications: Content of emails, SMS messages, chat messages, phone calls, and any files or documents you share with us.
  • Newsletter and Marketing Preferences: Email address and communication preferences when you subscribe to our mailing list or opt in to marketing communications.
  • User-Generated Content: Testimonials, reviews, feedback, or other content you submit to us or authorize us to use.

1.2 Information Collected Automatically

When you visit our Site, certain information is collected automatically through cookies, pixels, and similar tracking technologies:

  • Device and Browser Information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
  • Usage Data: Pages visited, time spent on each page, referring URL, links clicked, scroll depth, and navigation paths.
  • Location Data: Approximate geographic location derived from your IP address.
  • Cookies and Tracking Technologies: We use first-party and third-party cookies, web beacons, and pixels. See Section 10 (Cookie Policy) for full details.

1.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Analytics providers (such as Google Analytics)
  • Advertising platforms (such as Google Ads and Meta)
  • CRM and marketing automation platforms
  • Publicly available sources (business directories, social media profiles, public records)
  • Referral partners or other clients who provide your contact information with your knowledge

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, manage, and deliver the services you engage us for.
  • Communication: To respond to inquiries, send project updates, schedule calls, and provide customer support.
  • Billing and Payments: To process transactions, issue invoices, and maintain financial records.
  • Marketing: To send promotional emails, newsletters, and marketing materials. You can opt out at any time.
  • SMS and Text Messaging: To send appointment reminders, service updates, and promotional messages (with your express consent).
  • Analytics and Improvement: To analyze Site usage, measure campaign performance, and improve our services.
  • AI Processing: To use artificial intelligence tools to generate content, analyze data, build automations, and optimize deliverables on your behalf.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests.
  • Security: To detect, prevent, and address fraud, abuse, security risks, and technical issues.

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

We may share your information in the following circumstances:

  • Service Providers and Vendors: We share information with third-party platforms and tools that help us deliver our services.
  • AI and Machine Learning Providers: Information may be processed by AI service providers (such as Anthropic and OpenAI).
  • Payment Processors: Payment information is transmitted directly to our payment processor (Stripe).
  • Analytics Providers: We share usage data with analytics services (such as Google Analytics).
  • Legal Requirements: We may disclose your information if required by law.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • With Your Consent: We may share your information for any other purpose with your explicit consent.

4. Artificial Intelligence and Automation

We use artificial intelligence ("AI") and machine learning tools as a core part of how we deliver services. This includes content generation, data analysis, workflow automation, chatbot interactions, and campaign optimization.

AI providers we use include, but are not limited to, Anthropic (Claude) and OpenAI (ChatGPT). Your information may be processed through these platforms to fulfill the services you have engaged us for.

We take reasonable steps to limit the personal information shared with AI providers to what is necessary for the task at hand.

AI-generated outputs are reviewed by our team before delivery. We do not guarantee that AI-generated content is free from errors.

5. Third-Party Services and Platforms

We use the following third-party services to operate our business and deliver services:

  • Stripe — Payment processing and billing
  • GoHighLevel — CRM, SMS messaging, email marketing, booking, and automation
  • Kit (ConvertKit) — Email newsletter and subscriber management
  • Google Analytics — Website analytics and usage tracking
  • Google Ads — Advertising and conversion tracking
  • Meta (Facebook/Instagram) — Advertising and conversion tracking
  • Vercel — Website hosting and deployment
  • Sanity — Content management system
  • Anthropic (Claude) — AI content generation, data analysis, and automation
  • OpenAI (ChatGPT) — AI content generation, data analysis, and automation
  • Notion — Project management and internal documentation
  • GitHub — Code hosting and version control
  • Supabase — Database and backend services
  • Calendly / GHL Calendar — Appointment scheduling
  • Instagram Messaging API (Meta) — Automated DM responses to followers who interact with our Instagram content. Collects Instagram user IDs, message content, and email addresses voluntarily provided through DM conversations.

Instagram DM Automation

We operate an automated messaging system that sends direct messages to Instagram users who interact with our content (such as commenting a keyword on a post or replying to a story). When you interact with our Instagram account in this way, we may collect your Instagram user ID, username, message content, and any information you voluntarily provide in the DM conversation (such as your email address). This data is stored securely and used solely to deliver the requested resource and track engagement with our content. You can request deletion of your data at any time by contacting team@rsla.io.

6. SMS and Text Messaging

By providing your phone number and opting in to receive text messages from RSL/A, you expressly consent to receive recurring SMS and MMS messages. Consent is not a condition of purchasing any goods or services. You can opt out at any time by replying STOP. Reply HELP for assistance. Your mobile phone number and SMS consent data will not be shared with or sold to third parties for marketing purposes.

7. Data Retention

  • Client Data: Retained for the duration of the business relationship and for up to 3 years after.
  • Billing Records: Retained for up to 7 years as required by tax and accounting regulations.
  • Marketing Data: Retained until you opt out or request deletion.
  • Website Analytics: Retained according to the data retention settings of the analytics provider.
  • SMS Consent Records: Retained for as long as you remain opted in, plus a reasonable period afterward.

8. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including HTTPS/TLS encryption, PCI-DSS compliant payment processing via Stripe, access controls, and regular review of data handling practices.

9. Children's Privacy

Our Site and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. Contact us at team@rsla.io if you believe a child has provided us with personal information.

10. Cookie Policy

We use strictly necessary cookies, performance and analytics cookies, functional cookies, and marketing and advertising cookies. Non-essential cookies require your affirmative consent before they are placed on your device. You can manage cookies through our cookie consent banner or your browser settings.

11. Your Privacy Rights

11.1 Rights for All Users

Access, correction, deletion, opt-out of marketing, and withdrawal of consent.

11.2 California Residents (CCPA/CPRA)

Right to know, right to delete, right to correct, right to opt-out of sale or sharing, right to non-discrimination, and right to limit use of sensitive personal information. We do not sell your personal information.

11.3 Canadian Residents (PIPEDA)

Right to know, access, correct, withdraw consent, and file complaints with the Office of the Privacy Commissioner of Canada.

11.4 European Economic Area, UK, and Other International Users

Data portability, restriction of processing, right to object, and right to lodge a complaint with your local data protection authority.

12. Do Not Track Signals

Our Site does not currently respond to DNT browser signals, but we respect your cookie preferences as set through our cookie consent banner.

13. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the "Effective Date" at the top of this page when we make material changes.

15. Contact Us

RSL/A — Privacy Inquiries: team@rsla.io

Last updated: February 2026