Privacy Policy
Privacy Policy – PrimeKit
Last updated: November 2025
Operated by Optione LTD (Company No. 516967197)
Registered Address: P.O Box 7638, Ramat Gan, Israel
Contact: [email protected]
1. General
PrimeKit (“the System”, “we”, “our”) is owned and operated by Optione LTD, Company No. 516967197, headquartered in P.O Box 7638, Ramat Gan, Israel.
This Privacy Policy explains how we collect, process, store, and protect personal data when users interact with the System.
By using PrimeKit, you acknowledge that you have read and agreed to this Privacy Policy.
We may update this Policy periodically to reflect changes in technology, legal requirements, or operational practices. Updates will be communicated through the System’s Announcements module.
2. Information We Collect
2.1 Information Provided Directly by Users
Name, email address, business details
Account setup information
Any information manually entered by the user into the System
2.2 Information Retrieved Through GoHighLevel (GHL)
When installed via the GHL Marketplace, PrimeKit receives a secure access_token authorizing the System to retrieve:
Sub-account details
Contacts
Appointments
Calendars
Users
Agency details
PrimeKit does not access or store any information beyond the permissions granted through GHL.
2.3 Technical Information
IP address
Browser type
Date and time of access
Audit logs documenting actions performed within the System
2.4 Payment Information
We store only:
Last four digits of the payment card
Card brand
Full payment details are not stored. Payment processing is handled solely by external providers (e.g., Stripe, Lemon Squeezy).
3. How We Use the Information
Collected data is used exclusively for:
Operating and maintaining the System
Enabling functionality connected to GHL
Improving reliability, performance, and user experience
Handling technical support and troubleshooting
Preventing misuse and ensuring system security
Fulfilling legal and regulatory obligations
PrimeKit does not sell or share personal data for external marketing purposes.
4. Data Storage & Security
4.1 Hosting
All data is hosted on secure DigitalOcean servers located in the NYC1 Data Center (New York, USA).
Infrastructure is deployed and managed through Laravel Forge.
4.2 Encryption & Secrets Management
All communication between clients and the System is protected by SSL/TLS encryption
Secrets and credentials are securely managed through Laravel Forge
Database content is not fully encrypted at rest, but access is restricted via strict security controls
4.3 Automated Backups
Daily automated server-level backups are enabled on DigitalOcean.
4.4 Access Controls
Access to production data is strictly limited to authorized developers and administrators, using:
Role-Based Access Control (RBAC)
Server-level access restrictions
Logging of all administrative actions
Secure authentication measures
4.5 Audit Logs
PrimeKit maintains:
User-level audit logs, tracking actions performed inside user accounts
System-level audit logs, tracking developer/administrator operations
These logs support security, compliance, and dispute resolution.
5. Data Sharing with Third Parties
PrimeKit shares data only with essential third-party service providers required for system operation:
Stripe / Lemon Squeezy – payment processing
DigitalOcean – hosting
Laravel Forge – server deployment and environment management
Resend – email delivery
Google Analytics – performance analytics (not yet activated)
Some providers may process data in the United States or other jurisdictions.
All processing is governed by each provider’s DPA (Data Processing Agreement) and SCC (Standard Contractual Clauses).
6. Data Retention & Deletion
6.1 Active Accounts
Data is retained for as long as the account remains active.
6.2 Account Deletion
When an account is deleted:
The System applies a soft delete
After 30 days, the data is automatically and permanently deleted
6.3 Data Export
Users may export their account data at any time through the built-in export functionality.
7. User Rights
Users have the right to:
Request a copy of their personal data
Request correction of inaccurate information
Request deletion of their data
Export their data directly from the System
All requests may be sent to:
Responses will be provided within up to 30 days.
8. Age Restrictions
PrimeKit is intended for individuals aged 18 and above.
We do not knowingly collect data from minors.
Any such data discovered will be deleted promptly.
9. International Data Transfers
All data is stored on servers located in the United States (DigitalOcean NYC1).
We take reasonable measures to ensure compliance with applicable Israeli privacy laws and general data protection standards.
10. Security & Incident Response
PrimeKit employs multiple layers of security, including:
Authentication and authorization controls
Firewall and server protections
Automated backups
Audit logging
Secure deployment practices
Incident Response Procedure
In the event of a suspected or confirmed security incident:
Immediate investigation with DigitalOcean and Laravel Forge
Internal assessment
Prompt remediation
Notification to affected users as required by law
11. Developers, Subcontractors & Confidentiality
Only authorized PrimeKit developers and administrators have access to production data.
All personnel are bound by strict confidentiality obligations and internal security policies.
No external subcontractors currently have access to production data.
12. Acceptance of Terms
The System records:
Timestamp of user acceptance
Policy version
Account or tenant identifiers
Users may be required to re-accept updated versions of this Policy.
13. Policy Updates
Updates will be communicated through the PrimeKit Announcements module.
14. Contact
For privacy-related questions or requests, please contact:
Optione LTD
Company No. 516967197
P.O Box 7638, Ramat Gan, Israel
Info
Copyright 2025. PrimeKit. All rights reserved.
Youtube