Blackhawk Digital Marketing logo in black.
Get started

Privacy policy.

Last modified: [May 26, 2026]

Blackhawkdm, LLC (“Blackhawk”, “we”, “us”, or “our”) operates the website at www.blackhawkdm.com (the “Site”) and the Blackhawk AI application accessible at ai.blackhawkdm.com and related subdomains (the “Application”). The Site and the Application are referred to collectively as the “Services”.

This Privacy Policy describes how we collect, use, store, share, and protect personal information when you use the Services, including data we access from third-party platforms — Google, Meta, LinkedIn, and others — on your behalf and with your explicit authorization.

If you do not agree with this policy, do not use the Services.

1. SCOPE

This policy applies to:

  • Information you provide directly when you create an account, sign a Statement of Work, fill out a form, or contact us.
  • Information collected automatically when you use the Site or the Application.
  • Information from third-party platforms (Google Workspace, Google Ads, Google Analytics, Google Search Console, Google Business Profile, Meta Ads, LinkedIn Ads, and others) that you authorize us to access on your behalf via OAuth or equivalent authorization.

It does not apply to data collected by third parties on their own properties, or to information collected through any website or service other than the Services.

2. INFORMATION WE COLLECT

2.1 Information you provide

  • Identifiers: name, email address, phone number, mailing address, job title, company name.
  • Account credentials: hashed passwords (we never store plaintext passwords) and authentication tokens.
  • Billing information processed by our payment processor (we do not store full card numbers on our systems).
  • Content you submit: messages, documents, knowledge-base entries, tasks, comments, and other materials you upload or create in the Application.

2.2 Information collected automatically

  • Device and connection data: IP address, browser type, operating system, device identifiers.
  • Usage data: pages viewed, features used, timestamps, referring URLs.
  • Cookies and similar technologies (see Section 8).
  • Error and diagnostic data captured by our monitoring tools (Sentry, Amplitude).

2.3 Information from authorized third-party platforms

When you connect a third-party account to the Application, we access only the data needed to deliver the features you have enabled, and only with the scopes you grant during authorization. Specifically:

Google Workspace — Gmail. Scopes: gmail.readonly, gmail.modify, gmail.send. We access message metadata, message bodies, attachments, and labels for the mailboxes you connect. We use this data to sync client communications into the helpdesk, draft replies, attach files to deals, and surface relevant emails in AI chat. Only the connected mailbox(es) are read.

Google Workspace — Calendar. Scopes: calendar.readonly, calendar.events. We access the calendar list, event details, and attendees. We use this data to surface upcoming meetings, link meetings to clients and contracts, and suggest scheduling actions.

Google Workspace — Drive. Scopes: drive.readonly, drive.file. We access file metadata and the content of files you select or that the Application creates. We use this data to attach Drive files to tasks and contracts and to generate deliverables.

Google Ads. Scope: adwords. We access campaign, ad group, ad, keyword, conversion, and performance data for the accounts you link. We use this data for reporting, optimization recommendations, and AI-assisted analysis. We do not modify campaigns without explicit user action.

Google Analytics (GA4). Scope: analytics.readonly. We access GA4 property metadata and aggregated report data for website performance reporting.

Google Search Console. Scope: webmasters.readonly. We access the verified site list and search performance data for SEO reporting and recommendations.

Google Business Profile. Scope: business.manage. We access locations, reviews, posts, and insights for reputation management and local SEO reporting.

Meta (Facebook/Instagram) Ads. Scopes: ads_read, ads_management, business_management, pages_read_engagement, pages_show_list. We access ad account, campaign, ad set, ad, and performance data for reporting, optimization, and AI-assisted analysis.

LinkedIn Ads. Scopes: r_ads, r_ads_reporting, r_organization_social. We access ad account and campaign performance data for reporting and optimization.

We do not access platforms you have not connected, and we do not request scopes beyond what is needed for the feature you are using.

3. GOOGLE API SERVICES USER DATA POLICY AND LIMITED USE

Blackhawk AI’s use and transfer to any other application of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. See https://developers.google.com/terms/api-services-user-data-policy.

In particular, with respect to data received from Google Workspace APIs (Gmail, Calendar, Drive):

  1. 1. We use Google user data only to provide or improve user-facing features that are visible and prominent in the Application’s interface.
  2. 2. We do not transfer Google user data to third parties except (a) as necessary to provide or improve user-facing features, (b) for security purposes (e.g., investigating abuse), (c) to comply with applicable law, or (d) as part of a merger, acquisition, or sale of assets with your explicit prior consent.
  3. 3. We do not use Google user data to serve advertisements, and we do not allow humans to read Google user data unless (a) you have given affirmative agreement for specific messages, (b) it is necessary for security purposes such as investigating abuse, (c) it is necessary to comply with applicable law, or (d) the data has been aggregated and anonymized and is used for internal operations.
  4. 4. We do not use Google user data, or data derived from Google user data, to develop, improve, or train generalized artificial intelligence or machine learning models. When the Application uses AI/LLM features to summarize, draft, or analyze content on your behalf, the relevant data is processed only for that specific user-facing request and is not retained by the AI provider for model training. We use providers (Anthropic, OpenAI, Google) under enterprise terms that prohibit training on customer data.

4. HOW WE USE YOUR INFORMATION

We use the information we collect to:

  • Provide, operate, maintain, and improve the Services.
  • Authenticate you and secure your account.
  • Sync, organize, and surface data from the third-party platforms you connect.
  • Generate AI-assisted insights, drafts, and recommendations in response to your in-Application requests.
  • Communicate with you about the Services, including security alerts, billing, and support.
  • Detect, investigate, and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.
  • With your consent, send you marketing communications about Blackhawk products (you can opt out at any time).

We do not sell personal information. We do not use Google user data for advertising. We do not use Google user data to train AI/ML models.

5. HOW WE SHARE YOUR INFORMATION

We share personal information only as described below:

Service providers and sub-processors. We use third parties to host infrastructure, process payments, send transactional email, monitor errors, and provide AI inference. Each is bound by a contract that limits use of personal information to providing services to Blackhawk. Current categories include cloud hosting (Google Cloud, Supabase), error monitoring (Sentry), product analytics (Amplitude), payment processing (our processor of record), and AI inference (Anthropic, OpenAI, Google) under enterprise terms with no-training commitments.

At your direction. When you ask the Application to send an email, create a calendar event, post to a connected platform, or otherwise transmit data to a third party, we share what is needed to complete that action.

Legal and safety. We may disclose information if required by law, subpoena, or court order, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Blackhawk, our customers, or the public.

Business transfers. If Blackhawk is involved in a merger, acquisition, or asset sale, personal information may be transferred. We will provide notice before personal information is transferred and becomes subject to a different privacy policy, and Google user data will be transferred only with your explicit prior consent.

We do not sell or rent personal information. We do not share Google user data with third parties for advertising, retargeting, behavioral profiling, or any purpose prohibited by the Google API Services User Data Policy.

6. DATA RETENTION

We retain personal information for as long as needed to provide the Services, including features that depend on historical data (such as long-term performance reporting, trend analysis, and AI-assisted analysis of past communications and campaigns), and to comply with our legal obligations.

  • Account data is retained for the life of your account.
  • Data synced from connected platforms (e.g., Gmail messages, Google Ads performance data, GA4 reports) is retained for the life of your account so that historical reporting and AI-assisted analysis remain available, including after a particular platform connection is disconnected and reconnected. If you ask us to delete it, or you close your account, we will delete it (see Section 9).
  • Logs and diagnostic data are retained for up to 90 days.
  • Backups follow our standard backup retention schedule and are overwritten on rolling cycles.

You may request deletion of your personal information at any time (see Section 9).

7. SECURITY

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These include encryption in transit (TLS) and at rest, role-based access controls, multi-tenant database isolation via row-level security, audit logging, and regular security reviews. No system is perfectly secure, and we cannot guarantee absolute security.

8. COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies to keep you signed in, remember your preferences, measure how the Services are used, and detect abuse. You can configure your browser to refuse cookies, but parts of the Services may not function properly without them.

We use first-party analytics for usage measurement. We do not use cookies in connection with Google user data for any advertising purpose.

9. YOUR RIGHTS AND CHOICES

Regardless of where you live, you may:

  • Access or correct your personal information by contacting us at privacy@blackhawkdm.com or through the Application’s settings.
  • Delete your personal information by emailing privacy@blackhawkdm.com. We will delete account data within 30 days, subject to legal retention requirements.
  • Disconnect a third-party account at any time from the Application’s connection settings. You can also revoke Blackhawk’s access from the third party directly:
    • Google: https://myaccount.google.com/permissions
    • Meta: https://www.facebook.com/settings?tab=business_tools
    • LinkedIn: https://www.linkedin.com/psettings/permitted-services

Revoking access stops further data collection from that platform. Data previously synced is retained so that historical reporting in the Application continues to work; if you also want that historical data deleted, email privacy@blackhawkdm.com.

Opt out of marketing email using the unsubscribe link in any marketing message, or by emailing hello@blackhawkdm.com.

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with comparable privacy laws, you also have the rights to data portability, restriction, and objection, and the right to lodge a complaint with your supervisory authority.

If you are a California resident, you have the rights described under the California Consumer Privacy Act (CCPA) as amended by the CPRA, including the right to know, the right to delete, the right to correct, and the right to opt out of “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined under the CCPA.

10. CHILDREN

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at privacy@blackhawkdm.com and we will delete it.

11. INTERNATIONAL TRANSFERS

The Services are operated in the United States. If you access them from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the Services you consent to this transfer.

12. CHANGES TO THIS POLICY

We may update this policy from time to time. When we make material changes, we will update the “Last updated” date at the top and, where required, notify you through the Application or by email. Continued use of the Services after a change indicates acceptance of the updated policy.

13. CONTACT US

For questions, requests, or complaints about this policy or our privacy practices:

 

Blackhawk logo in white.
Get started
Let's get started

Ready for world-class, localized marketing?

By submitting this form, you are authorizing Blackhawk to reach out to you via phone, email, or text to talk about your marketing needs, which you can opt out of at any time. Consent is not a condition of purchase. Message/data rates apply. View our Terms and Conditions and Privacy Policy.

or give us a call    (512) 736-0127