Privacy Policy

01

Who we are

HeldSway is an affiliate-management platform owned and operated by Leaping Logic LLC, a creative agency for smart businesses, established in 2017 and headquartered at Massena, New York, USA, with a branch office in Dhaka, Bangladesh. References to "we", "us", or "our" mean Leaping Logic LLC trading as HeldSway.

This Privacy Policy applies to the HeldSway marketing site at heldsway.com and to the HeldSway platform at app.heldsway.com and related subdomains.

02

Information we collect

We collect three categories of information:

Information you give us

• Account information — name, email, password (hashed), business name, billing address, payment method (processed and stored by our payment provider, never directly by HeldSway).
• Affiliate-program data — affiliates you onboard, their contact and tax information (W9 / W8) collected on your behalf, commission rules you configure, and payout records.
• Communications — messages you send via the contact form, support tickets, and emails.

Information collected automatically

• Usage data — pages viewed, features used, timestamps, and referrer (where you came from).
• Device & connection data — IP address, browser type and version, operating system, device type, language preference.
• Cookies and similar technologies — see our Cookie Policy for the full list.

Information from third parties

• Integration data — when you connect Shopify, WooCommerce, Stripe, Paddle, Braintree, PayPal, RentMy, or any other supported integration, we receive the data you authorise (typically order, conversion, and refund events).
• Analytics — we use Google Analytics 4 to understand site usage. Google may set cookies and process IP addresses according to its own privacy policy.

03

How we use your information

We use the information described above to:

• Provide, maintain, and improve the HeldSway service.
• Process payments, issue invoices, and run scheduled affiliate payouts.
• Authenticate your account, prevent fraud, and enforce our Acceptable Use Policy.
• Send transactional communications (account notices, payout receipts, security alerts) and, where you have opted in, our monthly newsletter.
• Comply with legal obligations including tax (W9 / 1099), anti-fraud, and accounting requirements.
• Investigate and respond to support requests.

We do not sell your personal information. We do not share it for cross-context behavioural advertising.

04

When we share information

We share information only in the limited cases below:

Service providers

Vendors who help us operate the service (hosting, email delivery, analytics, payment processing, customer support tooling). They process data only on our instructions and are bound by confidentiality. The current sub-processor list is available on request via the contact form.

Integration partners

When you connect a third-party platform (e.g. Shopify, Stripe), we exchange the data necessary to provide the integration. Each partner has its own privacy policy.

Legal compliance

When required by law, court order, or to protect the rights, property, or safety of HeldSway, our customers, or the public.

Business transfers

If HeldSway or substantially all of its assets are acquired, your information may be transferred to the acquiring entity. We will notify you and describe your choices before that happens.

05

How long we keep your information

We retain account information for as long as your account is active. After cancellation we keep records as required by applicable law (typically tax, accounting, and audit requirements) and our internal retention schedule, then delete or anonymise the data.

You can request earlier deletion at any time via the contact form; we will honour the request unless we are legally required to keep specific records.

06

Security

We use a combination of technical and organisational safeguards to protect your information, including encryption in transit (HTTPS / TLS), encryption at rest for sensitive fields (payment-method tokens, tax form contents), least-privilege access control for our team, and regular security reviews.

No system is perfectly secure. If we discover a security incident affecting your data, we will notify you and the appropriate authorities within the timeframes required by applicable law.

07

Your rights

Depending on where you live, you may have the right to:

• Access the personal information we hold about you.
• Correct information that is inaccurate or incomplete.
• Delete your account and associated personal information (subject to legal retention requirements).
• Port your data — receive an export of your data in a structured, machine-readable format.
• Restrict or object to certain processing.
• Withdraw consent for any processing based on your consent.

To exercise any of these rights, use the contact form. EU and UK customers should also see our GDPR statement for the legal bases of processing and information about our EU representative.

08

International transfers

Leaping Logic LLC operates from the United States with a branch office in Bangladesh. Some of our service providers and integration partners may process data in other jurisdictions. When we transfer personal information across borders, we do so under appropriate safeguards (such as Standard Contractual Clauses for EU/UK transfers) as required by applicable law.

09

Children's privacy

HeldSway is not directed to children under 13 (or under 16 in jurisdictions where that is the relevant age). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

10

Cookies

We use cookies and similar technologies as described in our Cookie Policy, which forms part of this Privacy Policy.

11

Changes to this policy

We may update this Privacy Policy as the service evolves or as required by law. The "Last updated" and "Effective" dates above tell you when the current version took effect. Material changes will be communicated by email and via an in-app notice at least 30 days before they take effect.