Last updated: April 7, 2026 · Effective: April 7, 2026
ConceptConnect is a business operations platform owned and operated by Jasiri Basel, Inc. ("Jasiri Basel," "we," "us," "our"), a corporation headquartered in Louisiana, United States. ConceptConnect provides customer relationship management, sales automation, email and SMS marketing, social media publishing, AI-assisted content generation, project management, e-commerce, and analytics tools to small and medium-sized businesses. The platform is accessible at conceptconnect.net and my.conceptconnect.net/conceptxx.
This Privacy Policy describes how ConceptConnect collects, uses, shares, and protects information. It applies to everyone who interacts with us — whether you visit our marketing website, register a ConceptConnect account, use the platform on behalf of a business, or have your information uploaded to ConceptConnect by one of our customers. We have written it to be readable. If anything is unclear, please contact us using the methods in Section 16.
1. Two Roles ConceptConnect Plays With Data
ConceptConnect handles information in two distinct roles, and the rights you have depend on which role applies in your situation:
- Account data we control. When a business signs up for ConceptConnect, they provide information to register and use their account — company name, contact details, billing information, login credentials, and configuration preferences. For this information ConceptConnect is the data controller: we decide what is collected, how it is used, and how long it is kept.
- Customer-uploaded data we process. Once a business is using ConceptConnect, they upload, import, and create data inside their account — their own customers' contact information, mailing lists, sales pipelines, uploaded media, project notes, e-commerce orders, and so on. For this information ConceptConnect is the data processor: we process it on behalf of our customer (the data controller), under their instructions, and only for the purposes they direct. If you are an end customer of a business that uses ConceptConnect and you want to exercise rights over your personal data, please contact that business directly. We will assist them in fulfilling your request.
This distinction is standard for business software-as-a-service. It means ConceptConnect is committed to handling our customers' data with the same care that a responsible payroll provider, accounting platform, or document storage service would.
2. Information We Collect
2.1 Information you provide directly
- Account registration: name, business name, email address, phone number, mailing address, and a password.
- Billing: payment card details (handled by our PCI-compliant payment processor — ConceptConnect does not store full card numbers on its own systems), billing address, and tax identification numbers where applicable.
- Communications: messages you send through our contact form, support tickets, or email correspondence, and our responses.
- Profile and preferences: brand voice configurations, content pillars, time zones, scheduling preferences, notification settings, and other choices you make.
2.2 Information you upload or create inside ConceptConnect
ConceptConnect's customers use the platform to manage their business operations. As they do, they upload and create a wide range of information — this is their data, processed by us on their behalf:
- Contacts, leads, and customer records (names, emails, phone numbers, addresses, custom fields)
- Email and SMS distribution lists, including consent and opt-out status
- Sales pipeline data, deals, proposals, and invoices
- Media assets (images, videos, audio) uploaded for publishing or storage
- Press contacts and media outreach records
- Project tasks, notes, comments, and team communications
- Calendar events and reservations
- E-commerce product catalogs, customer accounts, and order records
- Content drafts, scheduled posts, AI-generated material, and campaign analytics
2.3 Information from connected platforms
When you connect a third-party platform to ConceptConnect, we receive an OAuth access token and the data necessary to perform the actions you request. This typically includes your account identifier on the connected platform, display name, profile image, the content you publish through ConceptConnect, and analytics about that content. See Section 4 for the full list of supported integrations and how each one works.
2.4 Information collected automatically
- Usage data: pages visited, features used, actions taken inside the platform, timestamps, error logs, and approximate location derived from IP address.
- Device and browser data: device type, operating system, browser type and version, screen resolution, and language preference.
- Cookies and similar technologies: session identifiers, authentication tokens, and analytics cookies. See Section 13.
2.5 Information from third parties
We may receive information about you from third parties such as analytics providers, fraud prevention services, payment processors, and the connected platforms listed in Section 4. We use such information only for the purposes described in this Policy and in line with the consents you have provided to those third parties.
3. How We Use Information
ConceptConnect uses the information it collects to:
- Provide, maintain, and improve the ConceptConnect platform and its features
- Authenticate users and protect accounts from unauthorized access
- Process transactions and send transactional communications such as receipts, account notifications, and password resets
- Carry out actions you explicitly request — publishing content to connected platforms, sending email and SMS campaigns, generating AI content, processing orders, and managing your projects
- Provide customer support and respond to inquiries
- Monitor and analyze usage to improve performance, fix bugs, and develop new features
- Detect, prevent, and address fraud, security incidents, abuse, and violations of our Terms of Service
- Comply with legal obligations and respond to lawful requests from public authorities
- Send service updates and, where permitted by law and your preferences, occasional marketing communications about ConceptConnect (you can opt out at any time)
What ConceptConnect does not do:
- We do not sell your personal information to data brokers, advertisers, or any other third party
- We do not use customer-uploaded data to train external AI models
- We do not share your data with advertising networks for behavioral targeting
- We do not read the content of your messages, contacts, or campaigns for marketing purposes
- We do not transfer your data outside our subprocessor relationships described in Section 6
4. Connected Platforms and Integrations
ConceptConnect integrates with many third-party platforms so that you can publish content, run campaigns, process payments, and pull analytics from one place. When you connect a platform, you authorize ConceptConnect to act on your behalf within the scope of permissions you grant.
For every integration, ConceptConnect follows the same principles:
- We request only the minimum permissions necessary to provide the feature you are using
- We never store your password for the connected platform — only the encrypted access token issued by that platform's OAuth flow
- We use the access token only to carry out actions you explicitly request inside ConceptConnect
- We do not access, read, or analyze your connected accounts beyond what is necessary to fulfill those requests
- You can disconnect any integration at any time, either from inside ConceptConnect (Settings → Connected Accounts) or directly from the connected platform's settings
- When you disconnect, we delete the stored access token and stop performing any actions on that account
4.1 Social media platforms
ConceptConnect supports publishing and analytics for the following social media platforms. The data ConceptConnect receives from each is limited to what is necessary to publish content you author and retrieve analytics for posts you published through ConceptConnect:
- Facebook — pages management, content publishing, basic analytics
- Instagram — business account publishing, media insights
- TikTok — video publishing, video upload, basic user info. Specifically, ConceptConnect requests the scopes
video.publish, video.upload, and user.info.basic. ConceptConnect uses these scopes to upload videos you have created, publish them to your TikTok account at the time you specify, and confirm your account identity. ConceptConnect does not browse your TikTok feed, read your messages, follow other accounts on your behalf, or perform any action you have not explicitly initiated.
- X (formerly Twitter) — tweet publishing, basic profile
- LinkedIn — personal and company page publishing, post analytics
- YouTube — video upload, channel management
- Google Business Profile — business posts, review management
4.2 Email, SMS, and voice providers
ConceptConnect integrates with email delivery services, SMS gateways, and voice broadcast providers to send messages on your behalf. When you use these features, your distribution lists and message content are transmitted to the relevant provider for delivery. ConceptConnect honors recipient unsubscribe and opt-out signals across all of these channels.
4.3 Payment processors
For e-commerce orders and ConceptConnect billing, payment information is handled by PCI-compliant payment processors. ConceptConnect does not store full payment card numbers on its own systems. The payment processor returns a token that ConceptConnect uses to reference future transactions and provide receipts.
4.4 Storage and infrastructure
Media files you upload (images, videos, documents) are stored using cloud object storage. This includes Amazon Web Services S3 and equivalent providers. Files are stored under access controls that limit them to your account and processes you have authorized.
5. AI Features and Content Generation
ConceptConnect includes AI-assisted content generation features (collectively branded as "Nora") that help users draft captions, generate post ideas, and score content performance. When you use these features:
- Your prompts and the brand voice configuration you have set are sent to the AI service that powers the feature
- ConceptConnect's AI providers process this information solely to generate the requested output and do not retain it for training their models
- ConceptConnect does not use your content, brand voice, contacts, or any other customer-uploaded data to train AI models — not our own, and not third-party providers'
- You retain full ownership of any AI-generated content created on your behalf inside ConceptConnect
6. Subprocessors and Vendors
ConceptConnect uses a small number of vetted third-party vendors to deliver the platform. These vendors are bound by data processing agreements that require them to handle data with at least the same level of care as ConceptConnect itself. Categories of subprocessors include:
- Cloud hosting and infrastructure — servers, databases, and storage that run the platform
- Email delivery services — for transactional email and customer-initiated marketing campaigns
- SMS and voice gateways — for customer-initiated text and voice broadcasts
- Payment processing — for ConceptConnect billing and customer e-commerce orders
- AI providers — for content generation features, processing only what is necessary to fulfill a specific request
- Error monitoring and analytics — to detect and fix software defects
- Customer support tools — to respond to inquiries
We can provide a current list of named subprocessors to enterprise customers under a data processing agreement. To request that list, contact us using the methods in Section 16.
7. How We Share Information
ConceptConnect shares information only in the following circumstances:
- With your explicit instructions. When you connect a platform or send a campaign, your content and the necessary metadata are transmitted to that platform or recipient as you have directed.
- With our subprocessors. As described in Section 6, vetted vendors process information on our behalf to deliver the platform.
- For legal reasons. We may disclose information when required by law, court order, or to protect the rights, property, or safety of ConceptConnect, our customers, or others. When permitted, we will notify affected customers.
- In connection with a business transaction. If Jasiri Basel, Inc. is involved in a merger, acquisition, financing, or sale of assets, customer information may be transferred as part of that transaction, subject to standard confidentiality protections and continued compliance with this Policy.
- With your consent. Any other sharing is done only with your explicit consent.
8. Data Retention
ConceptConnect retains your information for as long as your account is active and as needed to provide the service. Specifically:
- Account data: retained while your account is active. Upon account closure, deleted from active systems within 30 days, except where retention is required by law (such as tax records) or to resolve disputes.
- Customer-uploaded data: retained for as long as the customer's account is active. Customers can delete individual records at any time. Upon account closure, all customer-uploaded data is deleted within 30 days unless legal retention applies.
- Usage logs: retained for up to 12 months for security, troubleshooting, and analytics purposes, then deleted or anonymized.
- Backups: may persist for up to 90 days after deletion from primary systems before being overwritten.
9. Data Security
ConceptConnect uses industry-standard practices to protect information against unauthorized access, alteration, disclosure, and destruction. These include:
- Encryption in transit using TLS for all connections to and from the platform
- Encrypted storage of passwords, third-party access tokens, and other secrets
- Role-based access controls limiting which employees can view customer data, with least-privilege principles
- Regular security reviews, dependency updates, and vulnerability remediation
- Network and application-level monitoring for suspicious activity
- Backup and disaster recovery processes
- Staff training on security and confidentiality
No system can be guaranteed perfectly secure. If we become aware of a security incident affecting your data, we will notify you in line with applicable law and our internal incident response procedures.
10. Your Rights
Depending on where you live, you may have certain rights regarding your personal information. ConceptConnect honors the following rights for all users where applicable law requires it:
- Access. Request a copy of the personal information ConceptConnect holds about you.
- Correction. Request that we correct inaccurate or incomplete information.
- Deletion. Request that we delete your personal information, subject to legal retention requirements.
- Portability. Request a copy of your data in a structured, commonly used, machine-readable format.
- Restriction. Request that we limit how we use your information in certain circumstances.
- Objection. Object to our processing of your information for certain purposes, including direct marketing.
- Withdraw consent. Where we rely on consent, you can withdraw it at any time.
- Lodge a complaint. If you believe we have not addressed your concerns, you have the right to lodge a complaint with your local data protection authority.
To exercise any of these rights, contact us through our contact form selecting the "Privacy Question" topic, or email privacy@conceptconnect.net. We will respond within 30 days.
Note for end customers of ConceptConnect users: If you are not a ConceptConnect account holder yourself but a business that uses ConceptConnect holds information about you, your rights run against that business as the data controller. We will assist them in fulfilling any request you make to them.
11. International Data Transfers
ConceptConnect is operated from the United States and stores data on servers located in the United States. If you access ConceptConnect from outside the United States, your information will be transferred to, stored in, and processed in the United States. Where required by law (for example, for transfers from the European Economic Area, the United Kingdom, or Switzerland), ConceptConnect relies on appropriate safeguards such as Standard Contractual Clauses to protect your information during the transfer.
12. Children's Privacy
ConceptConnect is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and you believe your child has provided personal information to ConceptConnect, please contact us at privacy@conceptconnect.net and we will delete it.
13. Cookies and Similar Technologies
ConceptConnect uses cookies and similar technologies for the following purposes:
- Strictly necessary cookies: required to authenticate sessions and protect against cross-site request forgery. The platform cannot function without these.
- Functional cookies: remember your preferences such as theme, language, and recently viewed items.
- Analytics cookies: help us understand how the platform is used so we can improve it. We use first-party analytics where possible and do not share analytics data with advertising networks.
Most browsers allow you to refuse or delete cookies through their settings. Disabling strictly necessary cookies will prevent ConceptConnect from functioning correctly.
14. Marketing Communications
ConceptConnect may occasionally send you marketing communications about new features, customer stories, and events — only if you are an account holder or have opted in. Every marketing email includes an unsubscribe link, and you can also update your preferences from your ConceptConnect account settings. Transactional communications (account notifications, billing receipts, security alerts) are not marketing communications and cannot be opted out of while you maintain an account.
15. Changes to This Privacy Policy
ConceptConnect may update this Privacy Policy from time to time to reflect changes in our practices, the platform, or applicable law. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify registered users by email or in-platform notification
- For significant changes, provide at least 30 days notice before the changes take effect
Continued use of ConceptConnect after changes take effect constitutes acceptance of the updated Policy.
16. Contact Us
Questions, concerns, or requests regarding this Privacy Policy or how ConceptConnect handles your information can be directed to: