Privacy Policy

1. Who We Are

This Privacy Policy covers the family of brands operated by D2D Experts and its affiliated entities, including:

• OwnersOS (ownersos.com)
• D2D Experts (thed2dexperts.com)
• D2DU / D2D University (d2du.com)
• D2DCon (d2dcon.com)
• Recruitomatic (recruitomatic.co)
• Sam Taggart personal brand properties (thesamtaggart.com)

When we say "we," "us," "our," or "the Company" in this document, we mean D2D Experts and these affiliated brands collectively. Our principal place of business is 9305 S 700 E, Sandy, UT 84070, United States.

2. Scope of This Policy

This Privacy Policy applies to information we collect through:

• Our websites listed above and any subdomains or landing pages we operate
• Our mobile applications, including The OwnersOS App
• Our email and SMS communications
• Our online courses, certifications, community platforms, and learning management systems
• Our coaching calls, masterminds, and live events (D2DCon, Business Bootcamp, Sales Bootcamp, Golden Door Sales Summit, and similar)
• Forms, applications, and surveys you submit
• Phone calls, video calls, and recorded sales conversations with our team
• Interactions with our advertising on Meta, Google, YouTube, TikTok, and other platforms

This policy does not apply to third-party websites, services, or applications that we link to but do not control.

3. Information We Collect

We collect information in several ways depending on how you interact with us.

3.1 Information You Give Us Directly

• Identity information: your name, business name, role or title, and the industry you work in
• Contact information: email address, phone number, mailing address, and shipping address
• Business information: annual revenue range, team size, average ticket, market region, and growth goals (collected on Strategy Call applications and program enrollment forms)
• Account credentials: usernames and passwords for course platforms, communities, and member portals
• Payment information: credit card details, billing address, and tax information (processed through PCI-compliant payment processors like Stripe and Authorize.net; we do not store full card numbers on our own servers)
• Communications: messages you send us via email, SMS, chat, contact forms, community platforms, or social media
• Content you submit: questions, comments, posts inside our communities, survey responses, and feedback shared during coaching sessions
• Event registration data: dietary restrictions, accessibility needs, and emergency contact information for in-person events
• Recorded calls and video: with your notice and consent (or as required by applicable law), we may record Strategy Calls, coaching sessions, and webinars for quality, training, and follow-up purposes

3.2 Information We Collect Automatically

• Device and browser data: IP address, browser type and version, device type, operating system, screen resolution, and language settings
• Usage data: pages visited, time on page, links clicked, scroll depth, referral source, and exit pages
• Cookies, pixels, and similar technologies (see Section 7 below for details)
• Email engagement: whether you opened an email, which links you clicked, and how long the email was open (collected via tracking pixels in marketing emails)
• Course and community engagement: which modules you complete, which videos you watch, time spent in lessons, and your activity inside Disco, GoHighLevel-hosted communities, and other learning platforms

3.3 Information We Get From Third Parties

• Advertising attribution data from Meta Ads, Google Ads, YouTube, TikTok, and other platforms (we use Hyros as our primary attribution platform)
• Analytics data from Google Analytics (GA4), Hyros, Meta Pixel, and similar tools
• Verification and enrichment data from services that confirm business contact information and improve data accuracy
• Referral data from affiliates, partners, and joint venture partners who refer you to us
• Social media data when you interact with our content on Instagram, YouTube, Facebook, LinkedIn, TikTok, or similar platforms

4. How We Use Your Information

We use your information for the following purposes:

• To deliver the products, courses, certifications, events, coaching, and services you purchased or signed up for
• To process payments, manage subscriptions, prevent fraud, and handle refunds and chargebacks
• To send transactional communications (purchase confirmations, course access, event reminders, billing notices, password resets)
• To send marketing communications via email and SMS about our products, programs, events, and offers (you can opt out anytime)
• To personalize your experience across our websites, programs, and communities
• To respond to your inquiries, support requests, and feedback
• To improve our products, content, websites, and customer service
• To run, measure, and optimize advertising campaigns across Meta, Google, YouTube, TikTok, and other platforms
• To detect, prevent, and address technical issues, security incidents, fraud, and abuse
• To comply with legal obligations, respond to subpoenas, and protect our legal rights and the rights of others
• For internal business purposes including analytics, reporting, accounting, audits, and corporate governance

5. Legal Basis for Processing (GDPR / Applicable Laws)

If you are located in the European Economic Area, United Kingdom, or another jurisdiction with similar privacy laws, we process your personal information under one or more of the following legal bases:

• Contract: processing is necessary to deliver the products or services you purchased
• Consent: you have given clear consent for us to process your data for a specific purpose (such as receiving marketing emails)
• Legitimate interests: processing is necessary for our legitimate business interests, like improving our services, preventing fraud, and marketing to existing customers, balanced against your rights and interests
• Legal obligation: processing is necessary to comply with the law

6. How We Share Your Information

We do not sell your personal information. We share it only in the following circumstances:

6.1 With Service Providers

We share information with vendors and service providers who help us run our business. They are contractually required to protect your data and use it only for the purposes we authorize. Categories of service providers include:

• Payment processing: Stripe, Authorize.net, and similar PCI-compliant processors
• CRM, email, and SMS platforms: GoHighLevel (GHL) is our primary CRM and marketing automation platform
• Course delivery and community platforms: Disco (d2duniversity.disco.co), D2DU learning systems, and similar
• Analytics and attribution: Hyros, Google Analytics (GA4), Google Search Console
• Advertising platforms: Meta Ads, Google Ads, YouTube, TikTok (for ad delivery and conversion tracking; we share hashed identifiers, not raw personal data)
• Event registration and ticketing: platforms used for D2DCon, Business Bootcamp, Sales Bootcamp, and similar events
• Communication tools: Slack, Zoom, Google Workspace, and similar productivity platforms
• Customer support and help desk: tools that allow our team to respond to your inquiries
• Data storage and cloud hosting: Amazon Web Services, Google Cloud, and similar providers
• Reporting and analytics dashboards: Supabase, Lovable, and other internal reporting tools

6.2 With Partner Brands

We share information across our family of brands (OwnersOS, D2D Experts, D2DU, D2DCon, Recruitomatic, Sam Taggart) so we can serve you across the full platform. For example, if you opt in to the Business Playbook on ownersos.com, we may invite you to relevant events at D2DCon or training programs at D2DU.

6.3 For Legal Reasons

• To comply with applicable laws, regulations, court orders, subpoenas, or other legal process
• To respond to lawful requests by public authorities (including national security or law enforcement)
• To protect our rights, property, or safety, or that of our users or others
• To investigate and prevent fraud, security issues, or violations of our Terms of Service

6.4 Business Transfers

If D2D Experts or any of our affiliated brands is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you (typically via email or website notice) before your information becomes subject to a different privacy policy.

6.5 With Your Consent

We share your information for any other purpose disclosed at the time of collection with your explicit consent.

6.6 Aggregated and De-Identified Data

We may share aggregated or de-identified information (information that cannot reasonably identify you) with third parties for any purpose, including industry research, benchmarking, and marketing.

7. Cookies and Similar Tracking Technologies

We and our service providers use cookies, pixels, web beacons, local storage, and similar technologies to recognize you across sessions, remember your preferences, measure ad performance, analyze how our sites are used, and personalize your experience.

7.1 Categories of Cookies We Use

• Strictly necessary cookies required for the site to function (e.g., session cookies, login authentication, shopping cart)
• Functionality cookies that remember your preferences (e.g., language, region, accessibility settings)
• Analytics cookies from Google Analytics (GA4), Hyros, and similar tools that help us understand site usage
• Advertising cookies from Meta Pixel, Google Ads, YouTube, TikTok Pixel, and similar platforms used for retargeting, attribution, and ad personalization

7.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can typically refuse all cookies, accept only first-party cookies, or be notified before a cookie is placed. Be aware that disabling cookies may limit some functionality of our websites (you may not be able to log in, complete purchases, or access certain features).

7.3 Do Not Track Signals

Most browsers offer a "Do Not Track" (DNT) signal. Because there is no industry standard for how to respond to DNT signals, our websites do not currently respond to them. We honor opt-out preferences through cookie banners, account settings, and direct requests to [email protected].

8. SMS and Text Messaging (TCPA Compliance)

By providing your phone number on our forms, opt-ins, or applications, you expressly consent to receive both marketing and transactional SMS messages from D2D Experts and our affiliated brands at the number provided, including messages sent using an automated system or autodialer.

Consent is not a condition of purchase. Message and data rates may apply. Message frequency varies based on your account activity and the programs you participate in.

• To opt out of marketing texts, reply STOP to any message
• To get help, reply HELP or email [email protected]
• Standard message and data rates from your carrier may apply
• Carriers are not liable for delayed or undelivered messages

9. Your Privacy Rights and Choices

Depending on where you live, you have certain rights regarding your personal information. We honor these rights for all users regardless of location, to the extent practicable.

9.1 General Rights

• Right of access: request a copy of the personal information we have about you
• Right to correction: ask us to fix inaccurate or incomplete information
• Right to deletion: ask us to delete your personal information, subject to legal retention requirements
• Right to restrict or object: ask us to limit how we use your information in certain circumstances
• Right to data portability: receive your information in a structured, commonly used, machine-readable format
• Right to withdraw consent: where we rely on your consent, you can withdraw it at any time
• Right to opt out of marketing: unsubscribe from emails or reply STOP to texts at any time

9.2 California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act ("CCPA") as amended by the California Privacy Rights Act ("CPRA") gives you additional rights:

• The right to know what categories of personal information we collect, the sources, the purposes, and the categories of third parties with whom we share it
• The right to delete personal information we have collected (subject to exceptions)
• The right to correct inaccurate personal information
• The right to opt out of the "sale" or "sharing" of your personal information (we do not sell personal information, but California defines "sharing" broadly to include cross-context behavioral advertising; you can opt out by emailing us)
• The right to limit the use of sensitive personal information
• The right to non-discrimination for exercising your rights

To submit a CCPA/CPRA request, email [email protected] with "California Privacy Request" in the subject line. We will verify your identity before processing your request.

9.3 European Privacy Rights (GDPR)

If you are in the European Economic Area or United Kingdom, you have additional rights under the General Data Protection Regulation, including the rights described in Section 9.1, plus:

• The right to lodge a complaint with your local data protection authority
• The right to object to processing based on legitimate interests, including for direct marketing purposes
• The right not to be subject to automated decision-making that produces legal or similarly significant effects

9.4 How to Exercise Your Rights

To exercise any of these rights, email [email protected] with the subject "Privacy Request" and tell us which right you want to exercise. We will respond within the timeframes required by applicable law (generally 30-45 days, depending on jurisdiction). We may need to verify your identity before processing your request. There is no fee unless your request is excessive or repetitive.

10. Data Retention

We keep your personal information for as long as needed to deliver our products and services, fulfill the purposes outlined in this Privacy Policy, comply with legal obligations (including tax, accounting, and consumer protection laws), resolve disputes, and enforce our agreements.

Specific retention periods vary by data type:

• Customer account data: retained for the life of your account plus 7 years after closure for accounting and tax compliance
• Payment records: retained for 7 years per IRS and accounting requirements
• Marketing data: retained until you unsubscribe or request deletion
• Course completion and certification data: retained indefinitely to verify your credentials
• Recorded calls and webinars: retained for up to 3 years unless deleted earlier upon request

When information is no longer needed, we securely delete or anonymize it.

11. Data Security

We take reasonable, industry-appropriate steps to protect your information from unauthorized access, disclosure, alteration, and destruction. Our security measures include:

• Encryption of data in transit using TLS/SSL
• Encryption of sensitive data at rest where applicable
• Access controls limiting employee and contractor access to personal data on a need-to-know basis
• Use of PCI-DSS compliant payment processors for all credit card transactions
• Regular security reviews of our systems, vendors, and processes
• Multi-factor authentication on internal admin accounts

No system is 100% secure. While we work hard to protect your data, we cannot guarantee absolute security. You are also responsible for protecting your account credentials and not sharing them with others.

12. Data Breach Notification

In the unlikely event of a data breach involving your personal information, we will notify you and applicable regulators as required by law. Notification will include the nature of the breach, the categories of information affected, the steps we are taking to mitigate harm, and what you can do to protect yourself.

13. Children's Privacy (COPPA)

Our products and services are intended for adults (18 and older) running or working in home service businesses. We do not knowingly collect personal information from anyone under 13, and we do not knowingly market to children under 18. If we learn we have collected personal information from a child under 13 without verifiable parental consent, we will delete it promptly. If you believe we have collected information from a minor, contact us at [email protected].

14. International Data Transfers

We are based in the United States. If you access our websites or use our services from outside the U.S., your information will be transferred to, stored in, and processed in the U.S. and other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.

By using our services, you consent to this transfer. Where required by applicable law, we rely on appropriate safeguards (such as Standard Contractual Clauses) for international data transfers.

15. Third-Party Links and Services

Our websites and content may link to third-party sites, platforms, and services (such as social media, partner companies, software tools, and external resources). We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policies of any third-party site you visit.

16. Marketing Communications and Unsubscribing

By providing your email address or phone number, you agree to receive marketing communications from us. You can opt out of marketing communications at any time:

• Email: click the "unsubscribe" link at the bottom of any marketing email
• SMS: reply STOP to any text message
• All channels: email [email protected] and request to be removed from marketing lists

Opting out of marketing does not affect transactional communications (purchase confirmations, account notices, course access, event reminders, and other operational messages).

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we update it, we will post the new version on this page with a revised "Last updated" date at the top. Material changes will be communicated through email or a prominent notice on our websites. Continued use of our services after changes are posted means you accept the updated policy.