Privacy Policy

Last updated: May 29, 2026

1. Scope

This Privacy Policy explains how Lux Services LLC ("BJJ Track," "we," "us," or "our") collects, uses, discloses, stores, and protects personal information through the BJJ Track platform, our marketing websites, public forms, checkout pages, support channels, and related services.

This Policy applies differently depending on your relationship with us. If you are a gym, academy, school, or business using BJJ Track as software, this Policy describes both the data we process for you and the data we process for our own business purposes. If you are a member, lead, prospect, parent, or other end user interacting with a gym that uses BJJ Track, that gym is usually the party deciding why your data is collected and used.

2. Controller and Processor Roles

When a BJJ Track customer uses the platform to manage member records, leads, waivers, billing, communications, or class activity, that customer is generally the business, controller, or organization responsible for deciding how and why the personal information is processed. In those situations, BJJ Track generally acts as a service provider or processor on the customer's behalf.

BJJ Track acts as an independent controller for information we collect about our own website visitors, prospects, account owners, billing contacts, support contacts, referral partners, and others who interact directly with BJJ Track for our own marketing, account administration, billing, security, and legal compliance purposes.

3. Personal Information We Collect

Depending on how you use the Services, we may collect the following categories of information:

  • Account and business information, such as names, business names, email addresses, phone numbers, mailing addresses, tax or billing contacts, and user role data.
  • Member, lead, and customer records managed by our business customers, including contact information, trial information, family relationships, attendance, rank or program information, notes, and communication preferences.
  • Agreements, waivers, signatures, form submissions, guardian details, and related audit fields such as timestamps and IP addresses where captured.
  • Payment and subscription records, such as subscription status, invoices, transaction identifiers, payout status, refunds, disputes, billing history, and processor metadata. We do not store full payment card numbers on our own servers.
  • Communications data, including email, SMS, WhatsApp, voice, portal, and chat content; delivery, open, click, unsubscribe, reply, or opt-out events; and consent records.
  • Usage, telemetry, and technical data, such as IP address, browser type, device identifiers, operating system, session activity, feature usage, page visits, timestamps, and diagnostic logs.
  • Advertising and attribution data, such as campaign identifiers, UTM parameters, click IDs, conversion data, and ad account information when integrations are enabled.
  • AI-related inputs and outputs, such as prompts, transcripts, call summaries, generated content, lead scoring, recommendations, or automations initiated through the platform.

4. Sources of Information

We collect information directly from you, from our customers and their authorized users, from forms and kiosks, from payment processors and connected integrations, from telecom and delivery providers, from analytics and advertising tools, from support interactions, and automatically from devices and browsers that access the Services.

5. How We Use Information

We may use personal information to provide and operate the Services, authenticate users, provision accounts, process payments and subscriptions, send notifications, host forms and websites, manage communications, power AI and automation features, prevent fraud, investigate abuse, resolve disputes, provide support, improve product performance, create aggregated reporting, comply with law, and protect BJJ Track, our customers, and the public.

Where a customer account becomes delinquent, suspended, canceled, or locked, we may also use billing, operational, and service-status data to administer retries, restrict features, stop downstream billing activity, process or facilitate refunds where required, preserve reactivation records, and send neutral operational notices to authorized users or affected end users when reasonably necessary.

Where applicable law requires a legal basis, our use of information may be based on contract performance, legitimate interests, legal obligations, consent, or other lawful bases recognized in the relevant jurisdiction.

6. Cookies, Analytics, and Advertising Technologies

We use cookies, local storage, server logs, SDKs, pixels, and similar technologies for authentication, fraud prevention, session continuity, product analytics, attribution, performance monitoring, and marketing measurement. Our marketing properties currently use tools such as Google Analytics and Meta Pixel, and customer-owned pages built or hosted through BJJ Track may also use analytics or advertising tools when the customer enables them.

We do not sell personal information for money. However, when analytics, attribution, or advertising tools are enabled, identifiers and usage data may be disclosed to analytics or advertising partners in ways that some privacy laws could characterize as "sharing" or targeted advertising. You can manage cookies through browser settings and may be able to opt out of certain ad personalization through your browser or device tools.

Mobile and SMS data are excluded from all advertising and analytics sharing. Phone numbers and SMS opt-in/consent data collected for messaging are never included in the analytics, attribution, or advertising disclosures described above, and are never sold, rented, or shared with any third party, affiliate, or lead generator for their own or others' marketing or promotional purposes. The only parties that ever receive a phone number are the subprocessors strictly necessary to deliver the message you consented to (for example, the telecom carrier and our messaging vendor). No mobile information obtained through an SMS opt-in is shared with third parties for marketing.

7. Service Providers and Disclosures

We may disclose information to trusted service providers and infrastructure partners that help us operate the Services, including hosting providers, database providers, payment processors, email and telecom vendors, analytics vendors, AI model providers, support tools, and security vendors. We may also disclose information: (a) at a customer's direction; (b) to enforce contracts or platform rules; (c) to investigate fraud, abuse, or security incidents; (d) to comply with subpoenas, court orders, or legal obligations; or (e) in connection with a merger, financing, restructuring, acquisition, or sale of assets.

8. Payments, Stripe, and Connected Accounts

Payment processing, subscription billing, and connected-account features may be provided through Stripe and related providers. When you use those features, information such as business identity, payout details, tax information, transaction data, disputes, and processor status may be collected and shared with Stripe. Stripe and its affiliated providers process that information under their own terms and privacy disclosures, and BJJ Track may receive status information, transaction metadata, invoice data, customer IDs, connected account IDs, refund data, and other billing-related information needed to operate the Services.

If platform non-payment, cancellation, or closure makes continued downstream billing inappropriate, BJJ Track may use payment and account-status data to stop member billing activity, facilitate neutral end-user notices, and process or support prorated refunds, credits, or dispute evidence where required by law, processor rules, or platform policy. Additional detail appears in our Billing & Cancellation Policy.

9. Messaging, Consent, and Communications Records

If you use BJJ Track messaging features, we may process phone numbers, email addresses, messaging content, templates, delivery events, opt-in records, opt-out records, unsubscribe requests, STOP and HELP interactions, call transcripts, voicemail or AI voice logs, and related consent evidence. We keep suppression and opt-out records as needed to honor unsubscribe and do-not-contact preferences and to demonstrate compliance.

SMS consent — two independent categories. Per A2P 10DLC carrier policy, BJJ Track captures transactional SMS consent and marketing SMS consent as two separate, independently-checked opt-ins. The two consents are never bundled, never collected together as a single agreement, and never preselected. Opting into one does not opt you into the other. You can opt into transactional only, marketing only, both, or neither. Each category is recorded as its own row in our consent ledger with timestamp, IP address, user agent, source URL, and the verbatim disclosure text shown to you at the moment of opt-in. Message frequency varies by category and recipient; message and data rates may apply.

No sharing or selling of mobile information. Phone numbers and SMS opt-in/consent data are never sold, rented, or shared with any third party, affiliate, or lead generator for their own or others' marketing or promotional purposes, and are not shared with advertising or analytics partners. The only parties that ever receive a mobile number are the subprocessors strictly necessary to deliver a message you consented to (the telecom carrier and our messaging vendor). No mobile information obtained through an SMS opt-in is shared with third parties for marketing.

Send-time enforcement. The platform refuses to dispatch a marketing SMS to any recipient who lacks an active marketing-category consent record, even when a transactional consent record exists. Likewise, transactional sends require an active transactional consent record. Refusals are logged for audit. STOP / UNSUBSCRIBE / CANCEL / END / QUIT / REVOKE keywords revoke all categories platform-wide; revoking a single category without revoking the other is also supported on request.

Full live SMS consent capture and the verbatim disclosure text for each category are available at bjjtrack.com/sms-consent-cta; the deeper compliance audit page is at bjjtrack.com/sms-consent; the SMS-specific terms and frequency caps are in our SMS Terms & Conditions. Phone-call (voice) consent is captured separately under the TCPA — SMS consent does not authorize a call and vice versa; the call-specific terms, recording disclosure, and how to stop calls are in our Phone Call (Voice) Terms & Consent.

For end users receiving messages from a BJJ Track customer, the customer is responsible for the underlying legal basis and message content. BJJ Track may nevertheless block, log, or retain communications data where necessary for carrier compliance, abuse prevention, investigations, dispute resolution, or platform security.

Express consent captured during live interactions. When a person on a live BJJ Track Voice AI call, web chat, or other real-time channel explicitly asks the system to email or text them (for example, "send me your pricing" or "text me your address"), the request itself is express consent under TCPA and the CAN-SPAM safe harbor for solicited communications. BJJ Track records that consent the moment the requested message is sent: a new row is written to the consent ledger with consent_source = 'user_request', the canonical disclosure text, the live-interaction identifier (call SID, thread ID), and the timestamp. The row is durable evidence that a regulator or carrier can be shown on demand.

9a. Voice AI — Recording, Transcription, and PCI DSS Handling

BJJ Track operates an AI voice receptionist that can answer inbound calls and place outbound calls on a customer's behalf. Call audio may be recorded when the customer enables the recording option, in which case the caller hears a recording disclosure at the start of the call. Recordings are stored on our voice provider (Twilio) and the URL is referenced in our database.

Default retention windows for Voice AI data:

  • Call audio recordings: 90 days after the call. Recordings are then deleted from Twilio via API and the local URL is cleared. Customers may shorten this in their admin settings (minimum 30 days — the practical TCPA dispute window).
  • Call transcripts: 12 months after the call. Transcripts are then nulled in our database.
  • Call metadata (duration, caller / called numbers, AI handling flag): retained per the general operational-data windows above.

PCI DSS 3.2.1 handling. The Voice AI is configured to never solicit or accept credit card numbers, CVV / CSC / security codes, expiration dates, or cardholder names over the phone. For any payment-related action, the assistant sends a secure Stripe payment link by SMS or email.

As a second line of defense, every live transcript chunk is scanned for credit-card / CVV patterns. When the scanner fires, the Twilio recording is paused via the recording-control API within ~1 second of the digits being spoken, the transcript is replaced with [REDACTED:card] before durable storage, and an audit row is written to pci_redaction_events with the pattern type and mitigation action — never with the matched cleartext. BJJ Track does not store sensitive authentication data (CVV / CSC / track data) under any circumstances. Per PCI DSS 3.2.1 § 3.2, this data MUST NOT be retained after authorization, even encrypted.

9b. Biometric Identifiers — Face Recognition (BIPA / CUBI)

Some gyms enable an optional face-recognition feature for member check-in and for auto-tagging members in class and event photos. When a member affirmatively opts in, BJJ Track computes a face geometry template — a 512-number mathematical "faceprint" derived from the member's photo. A faceprint is a biometric identifier under laws such as the Illinois Biometric Information Privacy Act (BIPA) and the Texas Capture or Use of Biometric Identifier Act (CUBI), and we treat it accordingly.

Affirmative, separate, written consent. Face-recognition consent is never bundled with, or implied by, membership, photography, social-posting, or any communications consent. It is captured as its own unchecked-by-default opt-in with a verbatim disclosure that names the biometric collected, the purpose, the storage, the retention, and the right to withdraw. The verbatim consent text the member saw is stored in the consent ledger with timestamp and source.

Purpose limitation, no third-party sharing. A faceprint is used only to recognize the consenting member for check-in and photo auto-tagging at that member's gym. Faceprints are stored solely in that gym's own database, are never sold, leased, traded, or otherwise disclosed to any third party, and are never used to build a cross-gym or platform-wide identification system.

Retention and deletion. A faceprint is retained only while the member remains enrolled. A member may withdraw biometric consent at any time in the Member Portal or by asking the gym; withdrawal permanently deletes the stored face embedding immediately and disables face check-in and auto-tagging for that member. Faceprints are also deleted when the member account is deleted.

10. AI Features and Model Providers

If you use AI features, prompts, transcripts, contextual customer data, communication history, or other operational inputs may be processed by BJJ Track and third-party model providers to generate drafts, recommendations, summaries, analytics, classifications, or actions. We use that information to deliver the requested AI feature, monitor abuse, improve reliability, and support product development. Because AI output can be inaccurate or inappropriate, customers are responsible for reviewing how AI features are configured and used in their business.

AI analysis of communications (Call Coach, draft replies, sentiment, summarization). Where the customer enables features that analyze conversational content — including live AI Call Coach guidance during staff softphone calls, AI-drafted replies to inbound messages, post-call quality notes for staff training, automated thread summarization, and AI sentiment or risk scoring on member conversations — the underlying audio, transcripts, message bodies, attachments, and related metadata are processed by BJJ Track and our third-party model providers (currently including OpenAI for transcription and language tasks, Anthropic for reasoning tasks, and ElevenLabs / for voice synthesis). Processing is for the purpose of producing the requested AI output, securing the platform, billing for AI usage, and improving the AI feature for the customer base generally; we contract with our model providers to limit their reuse of this data for their own model training. Aggregated and de-identified data may be used to evaluate and tune our own models or model configurations. Customers may turn off Call Coach, AI drafts, and other AI analysis features per-channel in their admin settings. The recording disclosure played by the Voice AI under Section 9a generally satisfies the consent required to analyze the recorded portion of those calls.

10a. Anonymized Aggregate Analytics

To improve product features and provide useful benchmarks for all customers, BJJ Track computes anonymized, aggregated statistics across the platform — for example, the typical price range of monthly memberships, the most common program names, and average class-schedule density. These aggregates are derived from operational data customers have already provided in the ordinary course of using the Services and are used to power features like pricing suggestions, schedule templates, and onboarding defaults shown to other gyms.

Regional and demographic clustering. To make benchmarks actually useful (a gym in Manhattan should not be benchmarked against a gym in rural Texas), aggregates may be computed by region — including ZIP code, city, metro area, and country — and by general demographic bucket such as gym size (members), program mix (kids-only, adult-only, mixed), and the publicly available demographic profile of the gym's service area (urban / suburban / rural, median household income band). The demographic bucket is derived from publicly available US Census and equivalent international statistics for the gym's ZIP / postal code; we do not collect demographic information about individual members.

Aggregates are computed only at scale, with k-anonymity floors (a minimum number of contributing gyms per bucket) so no individual gym can be identified from any benchmark. Buckets that would fall below the floor are merged upward (ZIP → city → metro → country) until the floor is met or the benchmark is suppressed.

The following are never shared or surfaced across customers: gym names or brands, member or staff identities, contact information, financial account details, individual transaction histories, payouts, or any free-form notes. Personally identifying information stays inside each tenant boundary.

Customers may opt out of contributing to anonymized aggregates at any time from Settings → Privacy & Data in the dashboard. Opting out does not affect any other Service feature.

11. Retention

We retain information for different periods depending on the data type, customer configuration, legal obligations, backup cycles, and the reasons the data was collected. In general, active customer account data is retained while the subscription remains active. If an account is canceled, locked for non-payment, or otherwise terminated, operational customer data may remain in recoverable or archived form for up to approximately 180 days to support reactivation, export, fraud review, dispute handling, or system restoration.

Billing, tax, refund, payout, dispute, consent, audit, security, and legal hold records may be retained longer where reasonably necessary or legally required. Backups may persist beyond deletion from live systems for a limited period. We may also retain de-identified or aggregated information that no longer reasonably identifies a person.

Additional operational detail, including telemetry and archive handling, is available in our Data, Retention & Telemetry Policy.

12. Security

We use administrative, technical, and physical safeguards designed to protect personal information, including role-based access controls, row-level security in supported systems, encryption in transit, access logging, and other security measures reasonably appropriate to the Services. No system is completely secure, and we cannot guarantee that unauthorized access, loss, or misuse will never occur.

13. Your Rights and Choices

Depending on your location and the context in which we process your information, you may have rights to request access, correction, deletion, portability, restriction, or opt-out of certain processing such as targeted advertising or profiling. Texas and other U.S. state privacy laws may also provide additional rights to qualifying residents.

If you are an end user whose data was collected by a gym or business using BJJ Track, please direct your privacy request to that business first because it usually controls the relevant records. If BJJ Track receives an end-user request for customer-controlled data, we may refer the request to the relevant customer or work with that customer as needed.

To submit a request directly to BJJ Track regarding information we control, email contact@bjjtrack.com. We may need to verify your identity and authority before acting on a request.

14. Children and Minors

BJJ Track is business software and is not directed to children. However, because our customers may manage youth programs, we may process information about minors on behalf of those customers. In those cases, the customer is responsible for providing required notices and obtaining any necessary parental or guardian permissions. If you believe personal information about a child was submitted improperly, contact the relevant business first or email us at contact@bjjtrack.com.

15. International and Cross-Border Processing

BJJ Track primarily operates in the United States, and information may be processed or stored in the United States or other jurisdictions where our providers operate. By using the Services, you understand that information may be transferred to and processed in countries that may have different data-protection laws than your home jurisdiction, subject to applicable legal requirements.

16. Data Deletion Requests

Information about deletion and privacy requests is available on our Data Deletion page and our Data, Retention & Telemetry Policy. Deletion is subject to verification, customer control where applicable, backup cycles, legal holds, and retention obligations for billing, security, consent, and dispute records.

Statutory response times for verified consumer deletion requests: 30 days for GDPR and UK GDPR (Art. 12(3)); 45 days for U.S. state privacy laws including CCPA, CPRA, VCDPA, CPA, CTDPA, UCPA, and TDPSA. Each request is logged in our data_deletion_requests table on intake with the statutory due date, identity-verification method, and lifecycle status. On execution the deletion is fanned out across voice recordings (Twilio API delete), transcripts (nulled), members / leads / unified profiles (anonymized in place — operational records like attendance and payment history are retained per CCPA § 1798.105(d) business-purpose exception), messages (body cleared, delivery metadata kept), and SMS / email consent records (PII stripped but the bare opt-in row is retained for the 5-year FTC TSR legal hold). Every per-resource action writes an audit row to data_deletion_audit tied back to the request, so a regulator can be shown a complete deletion record on demand.

17. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date and may provide additional notice where required by law or where the changes are material.

18. Contact Information

Lux Services LLC

8801 Colorado Bend, Lantana, TX 76226

Email: contact@bjjtrack.com

Website: bjjtrack.com