Automate the Journey, Inc. Customer Journey Automation
Security & Privacy

Trust Center

Plain-English overview of how we protect your data and respect your clients.

Security practices

  • Least-privilege access - Team members only receive permissions required for their role.
  • Encryption - All data in transit is protected with TLS 1.2 or higher.
  • Backups - Configurations and assets are version-controlled with regular backups.
  • Environment separation - Staging and production environments are fully isolated.
  • Change control - Every deployment is peer-reviewed, logged, and includes a rollback plan.

We integrate with third-party platforms (GoHighLevel, Stripe, etc.) that maintain their own security programs. Our controls cover the work we perform within those platforms on your behalf.

Privacy & data handling

  • Data minimization - We only access the data necessary to deliver the services you hired us for.
  • Data processing - We act as a data processor on your behalf; your data stays in your accounts.
  • Consent - You are the data controller. We help you implement proper opt-in and consent mechanisms.
  • Exports & deletion - You can export or request deletion of any data we process at any time.

For CCPA/GDPR inquiries or data subject requests, contact privacy@automatethejourney.com.

Compliance posture

Area
Summary
TCPA / SMS
All automations include opt-in/opt-out flows and honor STOP/HELP keyword standards.
GDPR / CCPA
We support export and erase requests. A Data Processing Addendum (DPA) is available on request.
PCI
We do not process or store card data. All payments are handled via Stripe.
HIPAA
We are not a HIPAA Business Associate by default, but can scope a compliant integration if needed.

Legal documents

See Pricing Guarantee Book a Call
← Back to Home