Best Version Media Back Office — Privacy Policy

Last updated: May 21, 2026

This Privacy Policy describes how Best Version Media, LLC ("BVM," "we," "us," or "our") collects, uses, shares, retains, and safeguards information when you use the Best Version Media Back Office application (the "Application"). The Application is an internal customer-relationship-management and operations tool used by BVM employees, publishers, sales representatives, and authorized contractors to manage client relationships, publications, billing, scheduling, and related business workflows.

This Privacy Policy applies only to the Application. For information about how BVM handles personal information collected through our public-facing websites and publications, see our general Privacy Policy.

Categories of Information We Collect

In connection with your use of the Application, we collect:

• Account & Identifier Information — your full name, email address, telephone number, employee or representative identifier, business mailing address, and login credentials.
• Authentication Data — information used to authenticate you to the Application, including (where you choose to sign in with Google) OAuth refresh and access tokens issued by Google, the email address associated with your Google account, and timestamps of your authentication events.
• Commercial & Operational Information — records of transactions, contracts, invoices, advertising orders, production assets, communications, scheduling entries, and other business records that you create, modify, or access while using the Application on behalf of BVM.
• Communications Data — metadata (recipient, subject, timestamp, status) of emails, text messages, and other communications that you originate through the Application, including emails sent on your behalf through Google's Gmail API.
• Application Activity — pages visited, actions taken, browser type and version, operating system, device identifier, IP address, approximate geolocation derived from IP address, and timestamps of access. We use this information for security, auditing, and troubleshooting purposes.

How We Use Your Information

We use the information described above to:

• create and maintain your Application account;
• authenticate you and protect the Application against unauthorized access;
• provide the features you request, including sending emails on your behalf through your connected Google account;
• maintain records of business activity conducted through the Application;
• respond to support requests and communicate with you about the Application;
• monitor, troubleshoot, secure, and improve the Application;
• detect, investigate, and prevent fraud, abuse, or violations of our terms or applicable law; and
• comply with applicable legal, regulatory, tax, accounting, and reporting requirements.

Google API Services User Data — Limited Use Disclosure

The Application uses Google API Services to provide features such as sending email on your behalf through your connected Gmail account. BVM's use and transfer to any other application of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• Use is limited to providing or improving user-facing features. We only access, use, and store data obtained through Google APIs (collectively, "Google user data") for the purpose of providing the features you have explicitly authorized in the Application — for example, sending an email from your connected Gmail account when you take an action in the Application that requests an email be sent on your behalf. We do not use Google user data for any other purpose.
• No advertising. We do not use Google user data to serve advertisements, including remarketing, personalized, or interest-based advertising.
• No training of generalized AI or machine-learning models. We do not use Google user data to develop, improve, or train generalized or non-personalized artificial-intelligence or machine-learning models. Any AI or machine-learning processing of Google user data, if performed at all, is limited to features that are visible and active in the authenticated user's own Application session.
• No human access except in narrow circumstances. We do not allow humans to read Google user data unless:
  1. we have obtained your affirmative, opt-in consent for specific messages or data;
  2. it is necessary for security purposes, such as investigating abuse or a security incident;
  3. it is necessary to comply with applicable law; or
  4. the data has been aggregated and anonymized and is used solely for internal operations in accordance with applicable privacy and other laws.
• Transfers are restricted. We do not transfer Google user data to third parties except:
  1. as necessary to provide or improve user-facing features that are prominent in the Application's user interface (for example, transmitting an outgoing message through Google's own Gmail API so that it can be delivered);
  2. to comply with applicable law or as part of a valid legal process;
  3. as part of a merger, acquisition, or sale of assets, in which case we will provide notice before Google user data becomes subject to a different privacy policy; or
  4. with your explicit consent, for an external-facing feature you have authorized.
• No sale of Google user data. We do not, and will not, sell Google user data.

Google API Scopes We Request

Data Storage and Retention

We store OAuth refresh and access tokens issued by Google to maintain your authorized connection. We store metadata about messages sent through the Application — including recipient, subject, timestamp, and delivery status — for audit and support purposes. We do not store the body content of outgoing email messages after delivery, except where retention is required to provide a feature you have explicitly enabled (for example, sent-mail history within the Application).

How to Revoke Access

You may revoke our access to your Google account at any time by visiting your Google Account permissions page and removing the Application. Revocation will take effect immediately and will stop our ability to access Google user data on your behalf. You may also disconnect Google sign-in from within the Application's account settings.

How We Share Information

We share information described in this Policy only as follows:

• BVM personnel with a legitimate business need to know, for the purposes of operating, supporting, securing, and improving the Application.
• Service providers who process information on our behalf under written contracts that require them to maintain the confidentiality and security of the information, including cloud hosting providers, identity and authentication providers (including Google), database and analytics providers, payment processors, and communications providers.
• Government and law enforcement where we believe in good faith that disclosure is required by applicable law, legal process, or regulation, or is necessary to protect the rights, property, or safety of BVM, our users, or others.
• Professional advisors such as attorneys, accountants, and auditors, in the course of receiving advice or services.
• Successors in interest in connection with a merger, acquisition, sale of assets, dissolution, bankruptcy, or similar corporate transaction. Google user data is transferred in such a transaction only in compliance with the Google API Services User Data Policy.

We do not sell personal information collected through the Application, and we do not share it for cross-context behavioral advertising.

How Long We Keep Your Information

We retain personal information only for as long as we have a legitimate business purpose or legal obligation to do so. Account records are typically retained for the duration of your relationship with BVM and for a reasonable period thereafter to satisfy audit, tax, accounting, legal, and dispute-resolution requirements. Authentication tokens are retained while your Google account remains connected and are deleted upon revocation or disconnection.

Cookies and Application Activity

The Application uses cookies and similar technologies to keep you signed in, maintain your session, remember your preferences within the Application, protect against cross-site request forgery and other security threats, and analyze usage of the Application for troubleshooting and improvement. The Application does not use third-party advertising cookies or trackers.

Security

We maintain administrative, technical, and physical safeguards designed to protect information collected through the Application against unauthorized access, disclosure, alteration, and destruction. Access to the Application requires authentication, and access to Google user data is restricted to authorized features within an authenticated user's own session.

Your Choices

• Update your information. You may update your account profile from within the Application or by contacting us using the information in the "Contact Us" section below.
• Disconnect Google sign-in. You may revoke our access to your Google account at any time as described above.
• Close your account. If you would like to close your Application account, please contact your BVM administrator or contact us using the information below.

Children

The Application is intended for use by adults in the course of business. It is not directed to, and we do not knowingly collect personal information from, children under the age of 13. If we learn that we have collected personal information from a child under 13 without verified parental consent, we will delete that information.

Third-Party Websites

The Application may contain links to websites and services operated by third parties. We are not responsible for the privacy practices of third-party websites and services. Please review the privacy policies of any third-party website or service you visit.

Your California Privacy Rights

This section applies only to California residents. Capitalized terms used in this section have the meanings given to them by the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the "CCPA"). In the event of a conflict between this section and the remainder of this Policy, this section takes precedence for California residents.

Subject to verification of your identity and to exceptions permitted by applicable law, California residents have the right to:

• Know the categories of personal information we have collected about you, the sources of that information, the business or commercial purposes for collecting it, the categories of third parties with whom we have shared it, and the specific pieces of personal information we have collected about you;
• Delete personal information we have collected from you, subject to exceptions permitted by applicable law;
• Correct inaccurate personal information we maintain about you;
• Receive a copy of personal information you have previously provided to us, in a portable and, to the extent technically feasible, readily usable format;
• Opt out of sale or sharing of personal information. We do not sell personal information collected through the Application, and we do not share it for cross-context behavioral advertising; and
• Non-discrimination — you have the right not to receive discriminatory treatment for exercising any of these rights.

To exercise these rights, contact us using the information in the "Contact Us" section below. We will respond within the timeframe required by applicable law. Only you, or a person authorized to act on your behalf, may make a verifiable consumer request related to your personal information.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of the Policy. If we make a material change in how we handle Google user data, we will request renewed consent where required by the Google API Services User Data Policy.

Contact Us

If you have questions or concerns about this Privacy Policy or our handling of information collected through the Application, contact us at: