← WaypointConnect

Privacy Policy

Last updated: 7 June 2026

Who we are

WaypointConnect (“we”, “us”, “our”) provides an automated client onboarding tool that connects Stripe billing with GoHighLevel. Our service is operated independently and is not affiliated with or endorsed by HighLevel Inc.

What we collect and why

We collect only what we need to provide the service:

  • Account information — your email address and a hashed password, used to log you into your dashboard.
  • Integration credentials — your GoHighLevel OAuth tokens and Stripe webhook secret. These are encrypted at rest using AES-256-GCM and used solely to perform onboarding on your behalf.
  • Provisioning event logs — records of Stripe checkout events and the GoHighLevel sub-accounts created from them. These are kept so you can see your onboarding history and retry failures.
  • Stripe webhook payloads — we receive the customer name and email sent by Stripe when a payment completes, purely to create the GoHighLevel sub-account. We do not store payment card details.

What we do not do

  • We do not sell, rent, or share your data with third parties for advertising or marketing.
  • We do not track you across websites or use third-party analytics on personal data.
  • We do not store your customers’ payment card information — Stripe handles all payment data.

How we protect your data

Your GoHighLevel and Stripe credentials are encrypted at rest using AES-256-GCM authenticated encryption. All communication between WaypointConnect, Stripe, and GoHighLevel happens over TLS. Stripe webhooks are verified using HMAC signature validation before we act on them.

Data retention

We keep your account data and provisioning logs for as long as your account is active. If you close your account, we delete your data within 30 days, except where we are required to retain it by law.

Your rights

You have the right to access, correct, or delete the data we hold about you. To make a request, email us at [email protected]. If you are in the European Economic Area, you also have the right to data portability and to lodge a complaint with your local data protection authority.

Cookies

We use a single HTTP-only session cookie to keep you logged into your dashboard. We do not use advertising or tracking cookies.

Changes to this policy

If we make material changes, we will update the date at the top of this page and notify you by email where we have a way to reach you.

Contact

Questions? Email us at [email protected].

Note: This policy is provided in good faith and reflects how we actually operate. It is not a substitute for legal advice. If you have specific regulatory requirements, please consult a qualified professional.