top of page

Data Transparency

​These services collect indirect but personally identifying metadata (IP, location, behavior patterns).

​

We carefully evaluate all providers based on their security certifications, privacy policies, and compliance with global regulations. We aim to minimize data access and store only what is necessary to provide a smooth, secure experience.

​

Providers listed here may change over time as we improve our tools and services. We will update this table accordingly to maintain transparency.

​

Updated: April 29, 2025

Third-Party Service Providers & Data Handling Summary

Provider

Purpose

Data Accessed

Security Measures / Compliance

Used for AI?

Airtable

Backend data management and storage

Form submissions, email addresses, user selections

​SOC 2, GDPR, CCPA compliant

No

ChromaDB

Stores vector embeddings of internal documents to enable AI-powered semantic search and Q&A

Text chunks of curated internal documents (no direct user-submitted data)

Currently stored locally with restricted access; planned migration to encrypted, access-controlled cloud hosting; no PII stored

Yes

Google Analytics / GA4

Website traffic monitoring and behavior analysis

IP address, device info, browser type, pages visited, session duration, location (approximate)

IP anonymization available; GDPR- and CCPA-compatible when configured properly; encrypted in transit

No

Meta Pixel / Facebook Ads

Ad performance tracking and retargeting

IP address, device/browser info, activity on site (e.g. page views, conversions)

Follows Meta’s Data Policy; supports GDPR opt-out via Consent Mode; data encrypted and processed in Meta infrastructure

No

Obsidian

Knowledge base powering custom GPT responses

Structured internal prompts and reference content (non-user data)

Local file encryption, secured access, not cloud-synced by default

Yes

OpenAI (API)

AI-powered chatbot and content generation

User inputs into chatbot (text only; no PII unless voluntarily given)

End-to-end encryption, GDPR-aligned, data not used for training

Yes

PayPal

Payment processing

Same as Stripe (user-entered)

PCI-DSS Level 1, encryption, fraud prevention

No

Stripe

Payment processing

Name, billing details (securely handled by Stripe only)

PCI-DSS Level 1, SOC 2, GDPR/CCPA compliant

No

Wix

Website hosting, forms, design, member login

IP address, contact forms, cookies

ISO 27001, GDPR, CCPA, encrypted storage

No

  • TheBusinessVet @Facebook
  • TheBusinessVet @Instagram
  • TheBusinessVet @LinkedIn
  • TheBusinessVet @Threads
  • TheBusinessVet @YouTube
  • TheBusinessVet @TikTok
  • TheBusinessVet @Pinterest
bottom of page