Privacy Policy

Privacy policy for thePulse.net

Last updated: April 17, 2025

thePulse, Inc. ("we", "us", or "our") operates thePulse.net (the "Service"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have over it. By using the Service you agree to the practices described here.

1. Information We Collect

1.1 Information You Provide Directly

  • Account registration: name, email address, and password when you create an account.
  • Profile & organization data: company name, billing address, phone number, and any other details you add to your profile or organization.
  • Payment information: billing details submitted when paying invoices. Full card numbers are processed directly by our payment processor and are never stored on our servers.
  • Communications: messages, support requests, or feedback you send to us.
  • Website audit submissions: URLs and domain names you submit to the Pulse Check audit tool.

1.2 Information Collected Automatically

  • Usage data: pages visited, features used, timestamps, session duration, and clickstream data.
  • Device & browser data: IP address, browser type and version, operating system, and screen resolution.
  • Cookies & local storage: session tokens for authentication, theme preference, and other functional settings. See Section 6 for details.
  • Log data: server logs that may include your IP address, request path, and HTTP status codes, retained for security and diagnostic purposes.

1.3 Information from Third Parties

If you sign in via a third-party identity provider (e.g., Google or Microsoft), we receive the profile information that provider shares with us, such as your name, email address, and profile picture, subject to that provider's privacy settings.

2. How We Use Your Information

We use the information we collect to:

  • Create and manage your account and authenticate your sessions.
  • Deliver and improve the features of the Service, including the client portal, project management tools, invoicing, and the Pulse Check audit tool.
  • Process payments and send billing confirmations and receipts.
  • Send transactional emails (e.g., invoice notifications, password resets, project status updates).
  • Respond to support requests and communicate with you about the Service.
  • Monitor for security threats, detect abuse, and enforce our Terms of Use.
  • Analyse aggregate, anonymized usage trends to improve performance and user experience.
  • Comply with applicable legal obligations.

We do not sell your personal information to third parties, nor do we use it for behavioural advertising.

3. Legal Bases for Processing (where applicable)

Where privacy law requires a lawful basis for processing, we rely on the following:

  • Contract performance: processing necessary to deliver the Service you have agreed to receive.
  • Legitimate interests: security monitoring, fraud prevention, and service improvement, balanced against your rights.
  • Legal obligation: compliance with tax, financial reporting, and other legal requirements.
  • Consent: for any processing not covered above, such as optional marketing emails, which you may withdraw at any time.

4. How We Share Your Information

We share your information only in the following circumstances:

  • Service providers: trusted vendors who help us operate the Service (e.g., cloud hosting, payment processing, transactional email delivery). They are contractually bound to use your data only as directed by us.
  • Within your organization: if your account is associated with a client organization on thePulse.net, authorized members of that organization may see shared project and billing data.
  • Legal requirements: if required by law, court order, or to protect the rights and safety of thePulse, Inc., its users, or the public.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, who will be bound by this policy.

5. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Service. Account and billing records are retained for a minimum of seven years to meet financial and legal obligations. You may request deletion of your account at any time (see Section 8); certain records may be retained in anonymized or aggregated form after deletion.

6. Cookies and Local Storage

The Service uses the following client-side storage mechanisms:

  • Authentication cookies: secure, HTTP-only session cookies required for login. These are essential and cannot be disabled while using the Service.
  • Preference storage: localStorage entries (e.g., pulse-theme) that store your UI preferences such as light/dark mode. No personal data is stored here.

We do not use third-party tracking cookies or advertising cookies.

7. Security

We apply industry-standard security measures including TLS encryption for data in transit, hashed and salted password storage, role-based access controls, and regular security reviews. While we take reasonable precautions, no system is completely secure. If you believe your account has been compromised, please contact us immediately at support@thepulse.net.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Correction: request correction of inaccurate or incomplete data.
  • Deletion: request deletion of your account and associated personal data.
  • Portability: request an export of your data in a machine-readable format.
  • Objection / restriction: object to or request restriction of certain processing activities.
  • Withdraw consent: where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact us at privacy@thepulse.net. We will respond within 30 days. You may also manage your account data directly from the Account section of the Service.

9. Children's Privacy

The Service is intended for users aged 18 and older. We do not knowingly collect personal data from children under 18. If we become aware that we have inadvertently collected such data, we will delete it promptly. Please contact us at privacy@thepulse.net if you believe a minor has provided us with personal information.

10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties and encourage you to review their privacy policies before sharing any personal information.

11. Florida Resident Rights and Disclosures

11.1 Data Breach Notification (FIPA § 501.171)

thePulse, Inc. is subject to the Florida Information Protection Act. In the event of a security breach affecting unencrypted personal information of Florida residents, we will notify affected individuals within 30 days of discovery, or sooner where practicable. If we act as a data processor on behalf of a controller (e.g., a client organization), we will notify that controller within 10 days of discovery so they can fulfil their own notification obligations. Notifications will be delivered by email to your registered address and, where required, to the Florida Department of Legal Affairs.

11.2 Florida Digital Bill of Rights (FDBR)

Florida residents have the following rights with respect to their personal data processed by thePulse, Inc.:

  • Right to know: you may request confirmation of whether we are processing your personal data and obtain access to it.
  • Right to deletion: you may request deletion of your personal data, subject to legal retention obligations.
  • Right to correction: you may request correction of inaccurate personal data.
  • Right to portability: you may request a copy of your data in a portable, machine-readable format.
  • Right to opt out: if we were ever to sell personal data or use it for targeted advertising or profiling for decisions with legal or similarly significant effects, you would have the right to opt out. As stated in Section 2, we do not currently engage in these activities.

To exercise any of these rights, please contact us at privacy@thepulse.net. We will respond within 45 days; a single 45-day extension may apply where reasonably necessary.

11.3 Sensitive Data

We do not intentionally collect sensitive categories of data as defined under the FDBR (including biometric identifiers, precise geolocation, health data, or financial account data beyond what is strictly necessary for payment processing). If a future feature requires collection of any sensitive data, we will obtain your express opt-in consent before doing so and update this policy accordingly.

11.4 Children and Age Verification (Florida HB 3)

The Service is intended exclusively for users aged 18 and older. We do not knowingly permit minors to create accounts. Consistent with Florida's age-verification requirements, if we have reason to believe an account is held by a person under 18, we will take steps to verify age and may suspend or terminate the account pending verification. We do not collect data from minors knowingly, and we do not operate social-media-style features subject to Florida's minor-protection mandates. If you believe a minor has registered, please contact us immediately at privacy@thepulse.net.

11.5 Dormant Accounts and Unclaimed Property (Florida Chapter 717)

If your account holds a credit balance (e.g., an overpayment or unused prepaid amount) and your account is inactive for five (5) consecutive years, that balance may be classified as unclaimed property under Florida law and reported to the Florida Department of Financial Services. We will make reasonable efforts to contact you before any such reporting occurs.

11.6 Secure Data Disposal (FIPA § 501.171(8))

When personal data is no longer required for the business or legal purpose for which it was collected, we dispose of it securely using industry-standard methods (e.g., cryptographic erasure for cloud-stored data, secure wipe for any physical media). Upon account deletion, personal data is removed from active systems within 30 days; residual copies in backups are purged on a rolling schedule not exceeding 90 days.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email or by posting a notice on the Service at least 14 days before the changes take effect. The "Last updated" date at the top of this page will always reflect the most recent revision. Continued use of the Service after changes take effect constitutes your acceptance of the revised policy.

13. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy, please contact us:

thePulse, Inc. — Privacy
privacy@thepulse.net
thepulse.net/About

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please reload the page.