Privacy Policy

Brevaro LLC is an AI automation and digital strategy firm headquartered in Colorado Springs, Colorado. We design and implement AI-powered systems for professional service organizations including healthcare, dental practices, civic agencies, membership organizations, and summer camps.

Business address: P.O. Box 149, Colorado Springs, CO 80901, United States
Contact: brevaro.com/contact

We collect information in two ways: information you provide directly, and information collected automatically.

We do not collect sensitive personal data such as Social Security numbers, payment card numbers, health records, or biometric data through this website.

We use the information we collect to:

• Respond to your inquiries, schedule consultations, and communicate with you about our services.
• Deliver and improve the Site and our services.
• Analyze site traffic and usage patterns to better understand how visitors use the Site.
• Authenticate users and protect the security of our internal portal.
• Comply with legal obligations and enforce our terms.
• Send service-related communications (not marketing emails without your consent).

We do not sell your personal information to third parties. We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.

We use cookies and similar technologies (such as browser local storage) on the Site. When you first visit, we ask for your consent via our cookie banner. You may accept or deny non-essential cookies at any time.

You can withdraw your consent at any time by clearing your browser’s local storage or cookies. Most browsers also allow you to block or delete cookies through their settings. Note that disabling strictly necessary cookies may affect your ability to use certain features of the Site.

We use a limited number of trusted third-party services to operate the Site:

• Supabase, provides our authentication and database infrastructure. User account data (name, email, role) is stored securely in Supabase’s platform. Supabase is SOC 2 Type II certified. Supabase Privacy Policy.
• Vercel, hosts and serves the Site. Vercel may collect basic access logs as part of standard web hosting operations. Vercel Privacy Policy.
• GoHighLevel (GHL), our CRM and marketing automation platform. Contact inquiries and form submissions are routed to GHL for follow-up and relationship management. GHL processes data in accordance with their privacy policy. GoHighLevel Privacy Policy.
• Resend, our transactional email delivery service. When you submit a form or receive a report, Resend processes the email on our behalf. Resend does not use your email address for independent marketing purposes. Resend Privacy Policy.
• Google Maps, we may use Google Maps functionality for location display. Google may collect usage data pursuant to their privacy policy. Google Privacy Policy.
• Analytics providers, we may use web analytics tools to understand aggregate site usage. Any such tools are used in a privacy-respecting manner and do not create individual profiles without consent.

We do not permit any third party to use your personal data for their own independent marketing or advertising purposes.

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

• Service providers, trusted vendors who process data on our behalf (e.g., hosting, authentication) under strict confidentiality agreements.
• Legal requirements, if required by law, court order, or government regulation, or to protect the rights, property, or safety of Brevaro, our users, or the public.
• Business transfers, if Brevaro is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

We retain your personal information for as long as necessary to fulfill the purposes described in this policy, or as required by law. Specifically:

• Account data, retained for the duration of the account and deleted upon request or account closure.
• Contact form submissions, retained for up to 2 years to support follow-up communications and service history, then deleted or anonymized.
• Diagnostic and assessment results (AI Readiness Compass, Revenue Diagnostic), retained for up to 2 years to enable follow-up consultation, then deleted or anonymized.
• NDA and signed agreement records, retained for 7 years to satisfy legal and business record-keeping obligations.
• Cookie consent records, stored in your browser’s local storage and controlled entirely by you.

When data is no longer needed, we delete or anonymize it securely.

Depending on your location, you may have certain rights regarding your personal information. We honor these rights regardless of where you are located.

• Right to access, request a copy of the personal information we hold about you.
• Right to correction, request that we correct inaccurate or incomplete information.
• Right to deletion, request that we delete your personal information, subject to any legal retention obligations.
• Right to restrict processing, request that we limit how we use your data in certain circumstances.
• Right to data portability, request your data in a structured, machine-readable format.
• Right to object, object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent, withdraw any consent you have given at any time, without affecting the lawfulness of prior processing.

California residents (CCPA/CPRA): You have the right to know what personal information we collect, the right to delete it, the right to correct inaccurate information, the right to opt out of its sale or sharing (we do not sell or share personal information), and the right to non-discrimination for exercising these rights.

Colorado residents (Colorado Privacy Act): As a Colorado business, we extend CPA rights to all Colorado residents. You have the right to access, correct, delete, and obtain a portable copy of your personal data. You have the right to opt out of the processing of your personal data for targeted advertising, sale, or profiling in furtherance of decisions that produce legal or similarly significant effects. We do not engage in these activities. To appeal a decision regarding your rights request, contact us using the information in Section 12.

To exercise any of these rights, please use our contact form. We will respond within 30 days.

We do not knowingly collect personal information from minors under the age of 16 through our Service, although certain third-party websites that we link to may do so. These third-party websites have their own terms of use and privacy policies, and we encourage parents and legal guardians to monitor their children’s internet usage and instruct their children to never provide information on other websites without their permission.

We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt in to the sale of personal information may opt out of future sales at any time.

If you have reason to believe that a child under the age of 16 has provided us with personal information, please contact us with sufficient detail to enable us to delete that information.

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted data transmission (HTTPS), secure authentication, and access controls limited to authorized personnel.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. If you believe your information has been compromised, please contact us immediately.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last Updated” date at the top of this page.

We encourage you to review this policy periodically. Your continued use of the Site after any changes constitutes your acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

We aim to respond to all privacy-related inquiries within 30 business days.