← Back to It's Buzzing # Trust Center It's Buzzing, LLC

Data Practices

No Sale of Personal Data

We do not sell, rent, or trade personal information.

Data Processing

Security Measures

  • Encryption in transit (TLS 1.2+)
  • Encryption at rest (AES-256)
  • Role-based access control
  • Regular security audits
  • Vulnerability scanning
  • Incident response procedures

    • Compliance Programs

    Email & SMS Compliance (CAN-SPAM / TCPA)

  • Mandatory unsubscribe links
  • Opt-out honored within 10 business days
  • Physical address in communications
  • No deceptive subject lines
  • Consent required for SMS

    • FTC Endorsement Compliance

  • Mandatory disclosures for incentivized referrals
  • No forced positive reviews
  • No suppression of negative feedback
  • Auto-disclosure injection

    • Anti-Fraud & Abuse

  • Automated monitoring
  • Velocity limits
  • Self-referral prevention
  • Manual review for suspicious activity

    • Reporting Channels

    Trust & Safety

    Email: trust@itsbuzzing.com For: Fraud, abuse, policy violations

    Privacy Inquiries

    Email: privacy@itsbuzzing.com For: Data requests, GDPR/CCPA rights

    Legal Matters

    Email: legal@itsbuzzing.com For: Subpoenas, compliance questions

    General Support

    Email: support@itsbuzzing.com For: Account issues, billing

    Subprocessors

    Payment Processing

  • Stripe, Inc. - Payment processing, subscription billing

    • Reward Fulfillment

  • Giftbit, Inc. - Gift card issuance and delivery

    • Email Delivery

  • Mailchimp / Sendgrid - Transactional and marketing emails

    • SMS Delivery

  • Twilio, Inc. - SMS notifications and campaigns

    • Hosting & Infrastructure

  • Amazon Web Services (AWS) - Cloud hosting, databases, storage
  • Google Cloud Platform (GCP) - Analytics, AI services

    • Analytics

  • Google Analytics - Usage analytics
  • Mixpanel - Product analytics

    • A complete subprocessor list is available upon request to privacy@itsbuzzing.com.

    Data Retention & Deletion

    Active Accounts

    Data retained for duration of service.

    Terminated Accounts

  • Business data retained 30 days for recovery
  • Thereafter deleted or anonymized
  • Financial records retained 7 years (tax compliance)

    • Deletion Requests

    Requests honored within 30 days. Some data retained for legal/tax obligations.

    User Rights

    Depending on jurisdiction, you may have rights to:

  • Access your data
  • Request deletion
  • Correct inaccurate data
  • Port data to another service
  • Opt out of marketing
  • Restrict processing

    • Submit requests to privacy@itsbuzzing.com.

    Compliance Certifications

    Current Status

  • SOC-2 Aligned Controls (audit in progress)
  • PCI DSS (via Stripe)
  • GDPR Data Processing Addendum available
  • CCPA Compliance program active

    • Not Yet Certified

    We do not currently hold SOC-2 Type II certification. Audit scheduled for Q2 2026.

    Security Incident Response

    Detection

    24/7 monitoring, automated alerting

    Response Time

  • Critical incidents: <1 hour
  • Data breaches: Legal/regulatory timelines

    • Notification

    Affected users notified without undue delay.

    Contact

    It's Buzzing, LLC Email: trust@itsbuzzing.com Website: https://itsbuzzing.com

    It's Buzzing, LLC | Privacy Policy | Terms

    Questions? Contact us at trust@itsbuzzing.com