PRIVACY POLICY

Last updated: August 7, 2025

1. Scope

This Privacy Policy explains how Hardware Breakout LLC, doing business as “Conn Castle Studios” (“Company,” “we,” “us”) collects, uses, and protects the personal information of U.S. consumers who subscribe to Morning Boop. It reflects the New York SHIELD Act’s “reasonable safeguards” requirement and the rights afforded under the California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA).

2. Information We Collect

• Identifiers: Name, email, phone, timezone, IP address, Stripe/Lemon Squeezy customer ID. Source: Directly from you and from Stripe/Lemon Squeezy. Purpose: Account set-up, billing, authentication.
• Commercial Data: Subscription tier, transaction history. Source: Payment processors. Purpose: Fulfil subscription, analytics.
• Internet/Device: Browser and device metadata, log timestamps. Source: Automatically via cookies & server logs. Purpose: Debugging, security.
• SMS Interaction: Opt-in status, keyword replies (STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, QUIT, START, UNSTOP, HELP, INFO, ACCOUNT, SETTINGS). Source: Automatically via SignalWire or similar services. Purpose: Delivery of product, compliance, customer support.

We do not knowingly collect age, gender, or geolocation, nor do we process sensitive categories like health or biometric data.

3. How We Use Information

• Deliver daily Boops via SignalWire SMS gateway (or similar).
• Process payments and renewals through Stripe or Lemon Squeezy.
• Detect, investigate, and prevent fraud or abuse.
• Send service or administrative notices (e.g., upcoming renewals).
• Comply with legal obligations such as FCC record-keeping rules for consent.

4. Sharing & Disclosure

We disclose data only to:

• Service Providers – SignalWire (SMS delivery), Stripe & Lemon Squeezy (billing), Supabase & AWS (hosting and storage), and similar services. These providers are established companies that commit to protecting customer data and following applicable privacy and security laws in their own Terms of Service and Privacy Policies.
• Legal Authorities if compelled by subpoena, court order, or other lawful process.

We do not sell, rent, or share your mobile phone number, SMS consent status, or other mobile-related information with any third party for their own marketing or promotional purposes.

We do not currently “sell” or “share” your personal information for cross-context behavioral advertising within the meaning of the California Consumer Privacy Act (CCPA/CPRA). If we begin selling or sharing your personal information, we will provide appropriate notice and offer you the right to opt out, as required by law.

We may use third-party analytics and advertising partners (such as Google Analytics, Meta Pixel, or similar services) that collect data about your use of our website. These partners may use cookies, pixels, or other tracking technologies to collect information about your browsing activity for analytics, personalization, and advertising purposes; they do not receive your mobile phone number or SMS consent status from us.

5. SMS Opt-Out & Marketing Choices

You may opt out of texts at any time by replying STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, or QUIT; we honor the request immediately, as required by FCC rules.
For email marketing, click the unsubscribe link in any message or email us at hello@morningboop.com.
Please note: Even if you unsubscribe from marketing texts or emails, we may still contact you with important information about your account or order, such as purchase receipts, renewal notices, or required legal updates.

6. Security

We implement physical, technical, and administrative safeguards—including TLS encryption in transit, hashed API secrets, and role-based access controls—to satisfy the SHIELD Act’s mandate for “reasonable” protection of private information.

7. Data Retention

Identifiers, consent logs, and message records are currently retained for as long as necessary to comply with legal requirements, demonstrate TCPA compliance, and resolve account inquiries. There is no statutory maximum retention period for such records under U.S. law, but we review our holdings as needed and may update our retention practices as business or legal needs change. While we strive to safeguard your data, we cannot guarantee against accidental loss or unauthorized access due to unforeseen events or technical failures.

8. Your U.S. State Privacy Rights

• California Residents may request access, deletion, or correction of personal data, or opt out of any future sale/share, by emailing hello@morningboop.com or submitting the web form on morningboop.com/contact.
• We will verify requests using email and respond within 45 days, extendable by another 45 days when reasonably necessary, as permitted by the CCPA.

9. Children’s Privacy

Morning Boop is marketed only to adults. We do not intentionally collect data from anyone under 13; if you believe a child has subscribed, please contact us so we can delete the information, consistent with COPPA.

10. Do-Not-Track & Cookies

Our site may use cookies for analytics and advertising purposes. We do not currently respond to browser Do-Not-Track signals, but you can manage cookie preferences through your browser settings or through our opt-out page at morningboop.com/privacy-choices.

11. Changes

We will post any material changes to this Policy at least 30 days before they take effect and update the “Last updated” date above.

12. Contact

Hardware Breakout LLC
3 Cressier Ct., Fairport NY 14450
Email: hello@morningboop.com