Legal

Privacy Policy

How Here to Scale collects, uses, shares, and protects information when you use our website, our free Report Card, and our client services.

Effective June 16, 2026·Terms of Service

1. Introduction

This Privacy Policy explains how Here to Scale, Inc. ("Here to Scale," "we," "us," or "our") handles personal information in connection with our website at heretoscale.com, our free online marketing "Report Card," our client portal, and the marketing and growth services we provide (together, the "Services").

By using the Services, you acknowledge that you have read and understood this Policy. If you do not agree with it, please do not use the Services. This Policy is incorporated into and supplements our Terms of Service.

2. Who We Are

Here to Scale, Inc. is a marketing and growth agency that helps personal brands and businesses improve their online presence. We offer a free, automated Report Card that evaluates a business's public online presence, and we deliver paid engagements (project work and monthly retainers) to clients through our portal.

For the purposes of applicable data-protection laws, Here to Scale acts as a "controller" (or "business") of the personal information described in this Policy, except where we process client-provided data on a client's behalf, in which case we act as a "processor" (or "service provider") under our engagement agreement with that client.

3. Information We Collect

Information you provide to us

  • Contact and account details: your name, email address, business or brand name, and (if you choose to provide it) phone number and role.
  • Intake and questionnaire responses: information you submit through our funnel and onboarding forms, such as your audience, goals, revenue stage, budget range, timeline, priorities, and the website and social-media handles you ask us to evaluate.
  • Engagement and project information: assets, brand materials, credentials you choose to share, briefs, approvals, notes, and communications you exchange with us.
  • Payment information: when you purchase services, payment is processed by our payment processor (Stripe). We receive limited billing details (such as a confirmation, the last four digits of a card, and billing status) but do not collect or store full payment-card numbers on our systems.
  • Communications: the content of emails, messages, and other correspondence you send us.

Information we collect automatically

  • Device and usage data: IP address, browser type, device and operating-system information, pages viewed, referring URLs, and timestamps.
  • Cookies and similar technologies: identifiers used to keep you signed in, secure the site, remember preferences, and understand how the Services are used (see Section 7).

Information from public sources and third parties

  • Public online presence: to generate a Report Card, we collect and analyze publicly available information about the website and social or other online profiles you submit — for example, public posts, profile details, engagement metrics, and other publicly visible signals.
  • Enrichment and analytics providers: we may supplement this with data from third-party providers that supply website, SEO, social, and audience analytics.

4. How We Use Information

We use personal information to:

  • Generate, deliver, and explain your Report Card and other analyses;
  • Provide, operate, maintain, and improve the Services and the client portal;
  • Communicate with you — including sending your Report Card, magic-link sign-in emails, proposals, plans, invoices, service updates, and support responses;
  • Prepare proposals and quotes, manage engagements, deliver project work, and process payments and recurring billing;
  • Personalize recommendations and tailor our services to your goals;
  • Protect the security and integrity of the Services, prevent fraud and abuse, and enforce our Terms; and
  • Comply with legal obligations and exercise or defend legal claims.

Where required by law, we rely on the following legal bases: performance of a contract with you; your consent; our legitimate interests in operating and improving the Services; and compliance with legal obligations.

5. The Report Card & Automated Analysis

The Report Card is produced using automated processing, including artificial-intelligence models, applied to the public information described in Section 3 and the details you submit. Grades, scores, and recommendations are generated programmatically and are provided for informational purposes only.

Automated outputs may be incomplete or inaccurate and do not constitute professional, legal, financial, or marketing advice. We do not use the Report Card to make decisions that produce legal or similarly significant effects about you without human involvement. You can ask us about how a Report Card was produced, or request a human review, by contacting us at privacy@heretoscale.com.

You should only submit websites, handles, and profiles that are public and that you own or are otherwise authorized to request an evaluation of.

6. How We Share Information

We do not sell your personal information. We share information only as described below:

Service providers (subprocessors)

We share information with vendors who process it on our behalf to run the Services, under contracts that limit their use of the information. These currently include providers for:

  • Cloud hosting and application infrastructure;
  • Database, authentication, and file storage;
  • Payment processing (Stripe);
  • Artificial-intelligence model processing used to analyze and generate reports;
  • Website, SEO, social, and audience data collection and enrichment;
  • Transactional email delivery;
  • Product analytics and error monitoring;
  • Bot detection and security; and
  • Internal operations, project management, and scheduling tools.

Other disclosures

  • Legal and safety: when we believe disclosure is required by law, regulation, legal process, or governmental request, or is necessary to protect the rights, property, or safety of Here to Scale, our clients, or others.
  • Business transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, in which case information may be transferred as a business asset (subject to this Policy).
  • With your direction or consent: when you ask us to share information or otherwise consent.

7. Cookies & Analytics

We use cookies and similar technologies that are strictly necessary to operate the Services (for example, to keep you signed in, secure forms, and protect against abuse), as well as analytics technologies that help us understand and improve how the Services are used.

Analytics & session-analytics providers

Across our website and application we use the following providers:

  • Google Analytics (Google LLC) — aggregate traffic and usage analytics (pages viewed, sources, and trends).
  • Microsoft Clarity (Microsoft Corporation) — product and session analytics, including session replay and heatmaps that record interactions such as clicks, scrolls, mouse movement, and navigation, to help us diagnose problems and improve usability. We configure Clarity to mask sensitive input fields, and recordings are used only to improve the Services.

You can review or change your cookie choices at any time via the “Cookie Settings” link in our website footer. Where required by law (for example, in the EEA and the UK), we ask for your consent before enabling analytics or marketing cookies, and you can decline or customize them.

Most browsers let you refuse or delete cookies; however, disabling strictly necessary cookies may prevent parts of the Services (such as signing in) from working.

Our forms and sign-in flows are protected by Cloudflare Turnstile to prevent automated abuse; the Cloudflare Privacy Policy and Terms of Service apply.

8. Data Retention

We retain personal information for as long as needed to provide the Services, maintain our business records, resolve disputes, and comply with our legal obligations. Lead and prospect records are kept while there is an active or prospective relationship and for a reasonable period afterward.

When a lead or client record is deleted from our admin tools, it is moved to a recoverable "trash" state and then permanently deleted after 30 days. We may retain limited records (such as billing, contract, and audit-log information) for longer where required for legal, accounting, or security purposes.

9. Security

We use administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and least-privilege practices. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.

10. Your Privacy Choices & Rights

Depending on where you live, you may have rights regarding your personal information, including the right to access, correct, delete, or receive a copy of it, and to opt out of certain processing.

U.S. state privacy rights (including California)

Residents of California and other states with comprehensive privacy laws may request access to, correction of, or deletion of their personal information, and may request information about our processing. We do not sell personal information and do not "share" it for cross-context behavioral advertising as those terms are defined under California law. We will not discriminate against you for exercising your rights.

EEA / UK rights

If you are in the European Economic Area or the United Kingdom, you may have rights to access, rectify, erase, restrict, or object to processing, and to data portability, as well as the right to lodge a complaint with your supervisory authority.

To exercise any of these rights, email us at privacy@heretoscale.com. We will verify your request and respond within the timeframe required by applicable law. You may use an authorized agent where the law permits.

11. Third-Party Platforms & Links

The Services may reference or link to third-party websites and platforms (such as social networks and our payment processor's checkout). Their handling of your information is governed by their own privacy policies, not this one. We encourage you to review them.

12. Children's Privacy

The Services are intended for businesses and individuals aged 18 and over and are not directed to children. We do not knowingly collect personal information from children under 16. If you believe a child has provided us personal information, contact us at privacy@heretoscale.com and we will delete it.

13. International Users & Data Location

Here to Scale is based in the United States, and our service providers may process information in the United States and other countries. If you access the Services from outside the United States, you understand that your information may be transferred to, stored, and processed in the United States, where data-protection laws may differ from those in your jurisdiction. Where required, we use appropriate safeguards for such transfers.

14. Changes to This Policy

We may update this Policy from time to time. When we do, we will revise the "Effective date" above and, for material changes, provide additional notice where required. Your continued use of the Services after an update means you accept the revised Policy.

15. Contact Us

If you have questions or requests about this Policy or your personal information, contact us at privacy@heretoscale.com, or write to Here to Scale, Inc..

© 2026 Here to Scale, Inc.. This document is provided for general information and does not constitute legal advice.