Privacy Policy
Last updated: 2026
Information We Collect
When you subscribe, we collect: your first and last name, email address, Facebook profile URL, and a one-time payment token from your card. Your card number, expiration, and CVV are processed directly by NMI and never reach GMBC servers.
How We Use Information
We use your information to provide and bill for the service, verify your Facebook group join request, send transactional emails about your subscription, and provide customer support. We do not sell your information.
Card Data & PCI Compliance
GMBC operates under PCI DSS SAQ A scope. Card data is captured by hosted iframes served directly from NMI and never transits or rests on GMBC infrastructure. We store only an opaque vault reference, your card brand, and the last four digits of your card — all returned to us by NMI for display purposes.
Cookies
We use essential cookies to maintain your customer portal session. We do not use advertising or third-party tracking cookies.
Data Retention
We retain subscriber data for as long as your subscription is active and for a reasonable period after cancellation for accounting, legal, and dispute-resolution purposes.
Data Security
We use TLS encryption for all data in transit, encrypted database backups, and follow industry-standard security practices for application development and infrastructure.
Your Rights
You can request a copy of your data, request deletion of your data, or update your information by emailing [email protected].
Third Parties
We share data only with service providers necessary to operate the service: NMI (payment processing), our merchant service provider (settlement), our email provider (transactional emails), and AWS (hosting). All providers operate under appropriate data protection agreements.
Contact
Questions about this Privacy Policy? Email [email protected].