Privacy Policy – Ultimate SMS Effective Date: 10-08-25 Last Updated: 10-08-25 Ultimate SMS (“we,” “our,” “us”) provides a cloud-based messaging platform to help businesses communicate with their customers via SMS, MMS, and other channels. We are committed to protecting the privacy of our users and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and relevant telecommunications and anti-spam regulations. By using our Services, you agree to the practices described in this Privacy Policy. 1. Information We Collect We may collect the following categories of information: a. Account & Billing Information Name, email address, phone number, company name, billing address, and payment details. b. Messaging Data SMS/MMS content, recipient phone numbers, delivery reports, and timestamps. Contact lists you upload to send messages. c. Technical & Usage Data IP addresses, browser type, operating system, access logs, and usage metrics. d. Consent & Compliance Data Opt-in/opt-out preferences of message recipients, including unsubscribe requests, as required by law and carrier policies. 2. Legal Basis for Processing (GDPR) We process personal data on the following legal bases: Contractual necessity – to provide you with the Services you requested. Legitimate interests – to improve our platform, prevent fraud, and ensure security. Consent – for marketing communications where required. Legal obligation – to comply with applicable laws. 3. How We Use Your Information We use your information to: Deliver SMS/MMS messages and process delivery reports. Operate, maintain, and improve our Services. Process payments and manage subscriptions. Provide customer support and account management. Ensure compliance with anti-spam, carrier, and telecommunications regulations. Detect, prevent, and address fraud or security issues. Send you important updates, security alerts, and service notifications. 4. How We Share Your Information We may share data with: SMS Gateway Providers – to route and deliver your messages. Payment Processors – to process transactions securely. Cloud Hosting & Security Providers – to store and protect your data. Regulatory Bodies – if required by law or lawful request. Business Partners – only with your consent or during a business acquisition/merger. We do not sell personal data to third parties. 5. Data Retention Message content and logs are stored only as long as necessary for operational, billing, or compliance purposes, and then securely deleted. Account and billing data are retained for legal and tax obligations. You may request deletion of your account and associated data (subject to legal requirements). 6. Data Security We implement industry-standard security measures including encryption, firewalls, access controls, and secure data storage. While we take reasonable steps to protect your information, no method of transmission or storage is completely secure. 7. Your Rights Depending on your jurisdiction, you may have the right to: Access, correct, or delete your personal data. Request data portability. Restrict or object to processing. Opt out of marketing communications. For California residents (CCPA): request disclosure of categories of personal information collected, request deletion, and opt out of data sales (we do not sell data). Requests can be submitted to [Insert Contact Email]. 8. SMS & Messaging Compliance You are responsible for obtaining proper consent from recipients before sending messages. We automatically process STOP, UNSUBSCRIBE, and similar keywords to honor opt-out requests. You must comply with all applicable laws (e.g., TCPA, CAN-SPAM, GDPR) and carrier rules when using our Services. Sending unsolicited or unlawful messages may result in suspension or termination of your account. 9. International Data Transfers If you are located outside [Insert Country], your information may be transferred to and processed in countries that may not have the same data protection laws as your jurisdiction. We ensure such transfers comply with GDPR through appropriate safeguards (e.g., Standard Contractual Clauses). 10. Cookies & Tracking Technologies We use cookies and similar technologies to: Authenticate users. Store preferences. Analyze site usage for improvements. You can manage cookies via your browser settings. 11. Changes to This Policy We may update this Privacy Policy periodically. The updated version will be posted on our website with a revised “Last Updated” date. 12. Contact Us For privacy-related questions or requests: Email: akasham67@gmail.com Address: House no: 42, Block - J, Road No - 12, 3 South, Dhaka 1219 Data Protection Officer (if applicable): Codeglen & Email: akasham67@gmail.com