Privacy Policy
Last updated: 2026-04-30
1. Introduction
GoWeBa (operated by Next Fit LLC, DBA "GoWeBa") is a comprehensive business management and CRM platform that helps organizations manage contacts, communications, tasks, calendars, files, billing, and more. GoWeBa is also a full email & messaging platform with departmental routing, alias management, and AI-powered assistance through our proprietary virtual assistant, WEBA.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at goweba.com and any related services (collectively, the "Service"). By using the Service, you consent to the practices described in this policy.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: Full name, email address, phone number, business name, and billing details when you register.
- Communication Data: Emails, SMS messages, and other communications you send or receive through the Service.
- Contact Data: Information about your business contacts stored in the platform (names, addresses, phones, notes, tags, custom fields).
- Payment Information: Credit card details and billing information processed through our payment provider (Stripe). GoWeBa does not store credit card numbers on its servers.
- Files & Documents: Files you upload to WebaDrive, including documents, images, PDFs, and other media.
- Calendar & Tasks: Events, appointments, tasks, and pipeline data you create within the platform.
2.2 Information Collected Automatically
- Usage Data: Pages visited, features used, actions performed, and timestamps.
- Device Information: Browser type, operating system, IP address, and device identifiers.
- Cookies: Session cookies for authentication and preferences.
- Analytics Data: We use Google Analytics (GA4) to collect aggregate usage statistics to improve the Service.
2.3 Information Collected via Third-Party Integrations
When you connect third-party services to GoWeBa (e.g., Google Workspace, Microsoft 365), we may access and import data from those services with your explicit consent. This includes:
- Google Workspace Migration: Contacts (via People API), emails (via Gmail API), calendar events (via Calendar API), and files (via Drive API). This data is accessed read-only and only during the migration process. See Section 6 for details.
- Microsoft 365 / Outlook: Contacts, emails, and calendar events for migration purposes.
- SSO Authentication: When you sign in with Google or Microsoft, we receive your name, email, and profile picture.
3. How We Use Your Information
- To provide, maintain, and improve the Service.
- To process migrations from third-party platforms into GoWeBa.
- To power WEBA, our AI assistant, which uses your organizational data to provide contextual help, automate tasks, and generate documents.
- To route incoming emails to the appropriate department and alias.
- To send transactional communications (account verification, security alerts, billing notifications).
- To send SMS notifications and reminders you have opted into.
- To process payments and manage subscriptions via Stripe.
- To provide customer support and respond to inquiries.
- To ensure security, detect fraud, and enforce our Terms of Service.
- To comply with legal obligations.
4. Official Departments & Email Aliases
GoWeBa uses a departmental email routing system. Each department has one or more email aliases used for specific business purposes. Below are the official departments and their associated aliases for the goweba.com domain:
| Department | Email Alias(es) | Purpose |
|---|---|---|
| Admin | [email protected] | Administration, domain management, server configuration |
| Billing | [email protected] | Invoices, payments, refunds, account billing |
| Booking | [email protected] | Appointments, reservations, scheduling |
| Feedback | [email protected][email protected] | Reviews, testimonials, surveys, suggestions |
| General | [email protected][email protected] | General inquiries, contact requests, information |
| HR | [email protected] | Recruitment, hiring, job applications, human resources |
| Marketing | [email protected][email protected] | Marketing campaigns, promotions, brand communications |
| Migration | [email protected] | Data migration assistance, Google Workspace import, WEBA AI migration support |
| Notifications | [email protected][email protected] | System notifications, alerts, automated messages (do not reply) |
| Orders | [email protected] | Order management, shipping, delivery, returns |
| Sales | [email protected] | Sales inquiries, quotes, proposals, offers |
| Support | [email protected][email protected] | Customer support, help desk, technical assistance |
Additional aliases include: [email protected], [email protected], and [email protected]. This list is updated each time a new department or alias is created within the platform.
5. SMS & Communication Consent
By registering for GoWeBa and opting in to SMS communications, you consent to receive text messages from us at the phone number you provide. These messages may include:
- Two-factor authentication and security verification codes.
- Appointment and meeting reminders.
- Task and deadline notifications.
- Account status updates and billing alerts.
Message frequency varies. Message and data rates may apply. You can opt out at any time by replying STOP to any message. Reply HELP for assistance. For support, email [email protected].
6. Google Workspace Migration & API Data
GoWeBa offers a migration service powered by WEBA (our AI assistant) to help users transfer their data from Google Workspace to GoWeBa. When you initiate a migration via [email protected] or through the WEBA chat interface, the following applies:
6.1 Data Accessed
- Google Contacts (via People API) — names, emails, phone numbers, addresses, and notes.
- Gmail (via Gmail API) — email threads, subjects, bodies, attachments, and labels.
- Google Calendar (via Calendar API) — events, dates, locations, attendees, and descriptions.
- Google Drive (via Drive API) — file names, contents, folder structure, and metadata.
6.2 How Migration Data Is Used
- Data is accessed read-only from your Google account.
- Data is imported into your GoWeBa organization and becomes part of your GoWeBa account data.
- We do not retain copies of your Google data outside of what is imported into your GoWeBa account.
- We do not share, sell, or transfer your Google data to third parties.
- OAuth tokens (access & refresh) are stored securely and encrypted. They are used only for the migration and can be revoked at any time.
6.3 Revoking Access
You can revoke GoWeBa's access to your Google account at any time by visiting Google Account Permissions and removing "GoWeBa" from the list of connected apps. You may also request data deletion by contacting [email protected].
7. WEBA AI Assistant & Data Processing
WEBA is GoWeBa's proprietary AI virtual assistant. WEBA processes your organizational data (contacts, emails, calendar, tasks, documents) to provide contextual assistance, automate workflows, and generate documents. Key privacy considerations:
- WEBA processes data within your organization's scope only — it cannot access other organizations' data.
- Conversations with WEBA are stored in your account for continuity and audit purposes.
- WEBA uses large language models (LLMs) to generate responses. Your data is not used to train these models.
- AI-generated content (documents, emails, summaries) is stored in your account and subject to this policy.
8. Data Sharing & Disclosure
We do not sell your personal information. We may share data with:
- Service Providers: Third-party vendors who assist in operating our Service (e.g., Stripe for payments, Twilio for SMS, Amazon Web Services for hosting and file storage).
- Google APIs: Only when you explicitly authorize a migration or SSO connection.
- Legal Requirements: When required by law, regulation, or legal process.
- Business Transfers: In connection with a merger, acquisition, or sale of assets.
- With Your Consent: When you explicitly authorize us to share your data.
9. Data Security
We implement industry-standard security measures including:
- Encryption in transit (TLS/SSL) for all data transmissions.
- Encryption at rest for sensitive data and OAuth tokens.
- Role-based access controls within the platform.
- Audit logging of all security-sensitive actions (login, impersonation, password changes).
- Two-factor authentication (2FA) support.
- Regular security audits and monitoring.
However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
10. Cookies & Tracking
GoWeBa uses the following cookies:
- Session Cookies: Required for authentication and maintaining your login session.
- Preference Cookies: Store your language preference, theme (light/dark), and sidebar configuration.
- Analytics Cookies: Google Analytics (GA4) to understand aggregate usage patterns. You may opt out via the cookie consent banner.
11. Data Retention
We retain your information for as long as your account is active or as needed to provide you with our Service. Upon account deletion, we will remove your personal data within 90 days, except where retention is required by law. Audit logs and security events are retained for 12 months for compliance purposes.
12. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal information.
- Opt out of marketing communications.
- Request a copy of your data in a portable format (export).
- Withdraw consent for data processing.
- Revoke third-party integrations (Google, Microsoft) at any time.
- Request deletion of migrated data.
To exercise these rights, contact us at [email protected].
13. Children's Privacy
GoWeBa is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
14. International Data Transfers
GoWeBa is operated from the United States. If you are accessing the Service from outside the US (including Canada, the European Union, or other jurisdictions), your data may be transferred to and processed in the United States. By using the Service, you consent to this transfer. We implement appropriate safeguards to protect your data in accordance with applicable laws.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will send an email notification to the address associated with your account.
16. Contact Us
If you have questions about this Privacy Policy, please contact the appropriate department:
Next Fit LLC (DBA GoWeBa)
1323 Port Neches Avenue, Suite 107
Port Neches, TX 77651, United States
Privacy inquiries: [email protected]
Legal inquiries: [email protected]
Migration support (WEBA): [email protected]
General support: [email protected]
General inquiries: [email protected]
17. Zoom Integration Privacy Addendum
When you connect your Zoom account to GoWeBa, the following data practices apply specifically to the Zoom integration:
- Scope meeting:write:meeting — GoWeBa creates Zoom meetings on your behalf only when you schedule an event requiring a video call.
- Scope user:read:email — GoWeBa reads your Zoom email address solely to display account connection status.
- OAuth tokens are encrypted at rest using AES-256-GCM and automatically refreshed before expiry.
- GoWeBa does not access, store, or process Zoom meeting recordings, chat messages, participant lists, or any other meeting content.
- When you disconnect your Zoom account, all stored tokens are permanently and irreversibly deleted.
- GoWeBa does not sell, share, or transfer your Zoom data to any third party.
For complete details, see our Zoom Integration Documentation.
18. Google Meet Integration Privacy Addendum
When you connect your Google account for Google Meet, the following data practices apply:
- Scope calendar.events — GoWeBa creates Google Calendar events with attached Google Meet conference links.
- Scope userinfo.email — GoWeBa reads your Google email address to display account connection status.
- OAuth tokens are encrypted at rest using AES-256-GCM and automatically refreshed before expiry.
- GoWeBa does not access, read, or modify your existing Google Calendar events. It only creates new events when you explicitly request a Meet link.
- When you disconnect your Google account, all stored tokens are permanently and irreversibly deleted.
- GoWeBa does not sell, share, or transfer your Google data to any third party.
For complete details, see our Google Meet Integration Documentation.
19. Microsoft Teams Integration Privacy Addendum
When you connect your Microsoft account for Teams meetings, the following data practices apply:
- Scope OnlineMeetings.ReadWrite — GoWeBa creates Microsoft Teams meetings on your behalf.
- Scope User.Read — GoWeBa reads your Microsoft profile to display account connection status.
- OAuth tokens are encrypted at rest using AES-256-GCM and automatically refreshed before expiry.
- GoWeBa does not access your Teams messages, channels, files, or any other Microsoft 365 data beyond meeting creation.
- When you disconnect your Microsoft account, all stored tokens are permanently and irreversibly deleted.
- GoWeBa does not sell, share, or transfer your Microsoft data to any third party.
For complete details, see our Microsoft Teams Integration Documentation.
20. GoWeBa iOS App Privacy Addendum
The GoWeBa iOS app extends the web platform to mobile devices. The following privacy considerations apply:
- All data in transit between the app and GoWeBa servers is encrypted with TLS 1.3.
- Biometric data (Face ID / Touch ID) is processed entirely on-device by Apple's Secure Enclave and is never transmitted to GoWeBa servers.
- Push notification tokens are stored securely and used only to deliver notifications you have opted into.
- The app does not access contacts, photos, or other device data unless you explicitly grant permission for specific features.
- The iOS app uses the same secure API and data handling practices as the GoWeBa web platform.
For complete details, see our GoWeBa for iOS page.