1. Overview
Infinite Reach is a product of Never Ending Solutions LLC ("Company", "we", "our", "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Infinite Reach platform ("Service").
By creating an account or using the Service, you agree to the collection and use of information in accordance with this policy. This Privacy Policy is incorporated into and subject to our Terms of Service.
2. Information We Collect
Account Information: When you register, we collect your name, email address, organization name, and billing information.
Usage Data: We automatically collect information about how you interact with our platform, including features accessed, searches performed, pages viewed, and timestamps.
Site Intelligence Data: Our platform processes publicly available website data including domain information, technology stacks, contact details, and business information found on public web pages.
Technical Data: We collect device type, browser type, operating system, IP address, and general location (city/region level) derived from IP addresses.
- Name, email address, company name, and organization details
- Billing and payment information (processed securely via Square; we do not store full card numbers)
- Log data, IP addresses, browser type, and device information
- Feature usage metrics, search queries, and analytics
- Publicly available business data from website crawling
- Terms of Service acceptance timestamp
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:
- Contract performance: Processing necessary to provide the Service, manage your account, and process payments (Articles 6(1)(b) GDPR)
- Legitimate interests: Improving our Service, preventing fraud, ensuring security, and conducting aggregate analytics (Article 6(1)(f) GDPR)
- Legal obligation: Complying with applicable laws, regulations, and lawful requests (Article 6(1)(c) GDPR)
- Consent: Where required, such as for non-essential cookies or marketing communications, we obtain your explicit consent (Article 6(1)(a) GDPR). You may withdraw consent at any time
4. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Infinite Reach platform
- Process transactions and manage your subscription
- Send administrative communications (account updates, security alerts, billing notices)
- Improve our platform features, performance, and user experience
- Detect, prevent, and address technical issues, fraud, and security threats
- Generate aggregate, de-identified analytics (never sold to third parties)
- Enforce our Terms of Service and protect our legal rights
- Respond to your support requests and inquiries
We do not use your personal data for automated decision-making or profiling that produces legal effects concerning you.
5. Information Sharing and Disclosure
We do not sell, rent, or trade your personal information to third parties. We do not share your information for third-party advertising purposes. We may share information only in these limited circumstances:
- Service providers: Payment processing (Square, Inc.), cloud infrastructure, and email delivery providers who assist in operating our platform under contractual data protection obligations
- Legal requirements: When required by law, subpoena, court order, or government regulation, or to protect the rights, property, or safety of our users or the public
- Business transfers: In connection with a merger, acquisition, reorganization, or sale of assets, in which case you will be notified of any changes to how your data is handled
- With your consent: When you explicitly authorize sharing for a specific purpose
6. Cookies and Tracking
We use essential cookies to maintain your session and authentication state. We do not use third-party advertising trackers or cross-site tracking technologies.
- Strictly necessary cookies: Required for login, session management, and CSRF protection. These cannot be disabled
- Preference cookies: Remember your display settings, theme preferences, and filters
- First-party analytics: Usage analytics collected directly by us to improve the platform. No data is shared with third-party analytics services
You can manage cookie preferences through your browser settings. Disabling strictly necessary cookies may prevent you from using the Service.
7. Data Security
We implement industry-standard administrative, technical, and physical security measures to protect your data:
- TLS/SSL encryption for all data in transit
- Encrypted storage for sensitive credentials, API keys, and passwords (bcrypt hashing)
- Regular security audits and vulnerability assessments
- Role-based access controls and the principle of least privilege
- CSRF protection on all form submissions
- Secure session management with automatic timeouts
- Database connection encryption and parameterized queries to prevent injection
While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.
8. Data Breach Notification
In the event of a data breach that compromises your personal information, we will:
- Notify affected users via email within 72 hours of becoming aware of the breach, consistent with GDPR requirements
- Notify relevant supervisory authorities as required by applicable law
- Provide details of the breach, including the nature of the data affected, the likely consequences, and the measures taken to address it
- Take immediate steps to contain and remediate the breach
9. International Data Transfers
The Service is operated from the United States. If you access the Service from outside the United States, your personal data will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.
For transfers from the EEA, UK, or Switzerland, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequate safeguards as required under applicable data protection laws
By using the Service, you consent to the transfer of your information to the United States and other jurisdictions where we or our service providers operate.
10. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Update or correct inaccurate or incomplete information
- Deletion: Request deletion of your account and associated data ("right to be forgotten")
- Data portability: Request your data in a structured, machine-readable format
- Restriction: Request that we limit processing of your data in certain circumstances
- Objection: Object to processing based on legitimate interests
- Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing
- Opt-out: Unsubscribe from non-essential communications at any time
To exercise any of these rights, contact us at info@neverendingsolutions.com. We will respond within 30 days (or within the timeframe required by applicable law). We may request identity verification before processing your request.
11. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know: You may request the categories and specific pieces of personal information we have collected, the sources of collection, the business purpose, and the categories of third parties with whom we share it
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions
- Right to Correct: You may request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is necessary
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To submit a request, email info@neverendingsolutions.com with "California Privacy Request" in the subject line.
12. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18 (or under 16 in the EEA). If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete such information promptly.
If you believe that a child has provided us with personal information, please contact us at info@neverendingsolutions.com.
13. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes described in this Privacy Policy:
- Active accounts: Data is retained for the duration of your active subscription
- After termination: Account data is retained for up to 90 days to facilitate reactivation or data export, after which it is permanently and irreversibly deleted
- Billing records: Transaction records may be retained for up to 7 years to comply with tax and accounting obligations
- Aggregate analytics: Anonymized, de-identified aggregate data may be retained indefinitely and cannot be linked back to you
- Legal holds: Data may be retained longer if required by a legal obligation, dispute, or ongoing investigation
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated via email or a prominent notice on the platform at least 30 days before they take effect.
We encourage you to review this Privacy Policy periodically. The "Last updated" date at the top of this page indicates when the policy was last revised.
15. Contact Us
If you have questions about this Privacy Policy, wish to exercise your data rights, or have a privacy concern, please contact us:
If you are in the EEA and believe your data protection rights have not been adequately addressed, you have the right to lodge a complaint with your local supervisory authority.