Legal
Privacy Policy
Last updated: July 13, 2026
This Privacy Policy explains how Full Stack GTM LLC ("Full Stack GTM," "we," "us," or "our") collects, uses, and shares information when you visit fullstackgtm.com, use our application at app.fullstackgtm.com, or otherwise interact with us (together, the "Services"). By using the Services, you agree to this Policy.
Information we collect
- Account information. When you create an account or sign in — including via Google Sign-In — we receive your name, email address, and profile image. Authentication is handled by our identity provider (Clerk).
- CRM and business data you connect. If you connect a CRM or other tool (for example, HubSpot or Salesforce), we access and process the records you authorize — such as contacts, companies, and deals — solely to provide the Services (CRM data hygiene, audits, and the actions you approve).
- Usage and device data. We collect log data, IP address, browser and device information, and product usage events to operate, secure, and improve the Services.
- Communications. If you contact us or submit a form, we keep the information you provide so we can respond. This includes domains submitted to our website tools, newsletter email addresses, contact-form details, and market-map inputs.
- Tool-generated results. When you use our website-to-leads tool, we retain the generated ideal-customer profile and the sample leads returned for that profile, including business contact details supplied by our data provider, so we can analyze and improve the tool.
How we use information
- Provide, operate, maintain, and improve the Services;
- Authenticate you and secure your account;
- Process the CRM changes and analyses you request or approve;
- Provide support and respond to your inquiries;
- Monitor for, prevent, and address fraud, abuse, and security issues;
- Comply with legal obligations and enforce our agreements.
Google user data
When you choose Google Sign-In, we use Google OAuth only to authenticate you and to obtain your basic profile information (name, email address, and avatar). Full Stack GTM's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell Google user data, use it for advertising, or use it for purposes other than providing and improving the Services.
How we share information
We do not sell your personal information. We share information only as needed to run the Services, with service providers ("subprocessors") acting on our behalf, including:
- Clerk — authentication and identity;
- Convex — application database and backend;
- Railway — application hosting;
- Cloudflare — website security, analytics, edge computing, and form storage;
- Google — sign-in (when you choose it);
- CRM and data providers you connect (e.g., HubSpot, Salesforce) — to read and write the records you authorize.
We may also disclose information to comply with law, enforce our terms, or protect the rights, property, and safety of Full Stack GTM, our users, or others. If we undergo a merger, acquisition, or asset sale, information may be transferred as part of that transaction.
Data retention
We retain information for as long as your account is active or as needed to provide the Services, and thereafter as required to comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your account and associated data as described below.
Security
We use administrative, technical, and organizational measures designed to protect your information, including encryption in transit and access controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Your rights and choices
Depending on your location, you may have rights to access, correct, export, or delete your personal information, or to object to or restrict certain processing. You can disconnect a connected CRM at any time, and you can request account deletion by contacting us. To exercise any of these rights, email privacy@fullstackgtm.com.
International transfers
We operate in the United States and may process information there and in other countries where our service providers operate. Where required, we use appropriate safeguards for cross-border transfers.
Children's privacy
The Services are intended for business use and are not directed to children under 16. We do not knowingly collect personal information from children.
Changes to this Policy
We may update this Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, provide additional notice.
Contact us
Questions about this Policy or our privacy practices? Email privacy@fullstackgtm.com.