Privacy Policy

1. Introduction

Threshold Vote LLC (“Threshold,” “we,” “us,” or “our”) operates the Threshold platform, including its web application and iOS app. This Privacy Policy describes how we collect, use, share, and protect your information when you use our services. By using Threshold, you agree to the practices described in this policy.

2. Information We Collect

We collect the following types of information:

• Account Information: When you create an account, we collect your name, email address, phone number (optional), and password (stored in hashed form). We also record login timestamps and activity dates.
• Contact and Outreach Data: Names, addresses, phone numbers, age, gender, and geographic coordinates of people you add to your outreach list. We also record outreach activity including dates, methods (call, text, in-person), outcomes, notes, and survey responses.
• Voter File Data: We access publicly available voter registration records to match your contacts. This data includes names, addresses, party affiliation, district information, and voting history (whether someone voted, not how they voted). It is public record maintained by state election authorities.
• Event and RSVP Data: If you create or register for events through the platform, we collect event details and RSVP information including guest name, email, phone number, and attendance status.
• Petition Signature Data: If your campaign uses petition features, we collect signer names, addresses, and dates of signature, which are matched against voter registration records.
• Text Messaging Data: If your campaign uses peer-to-peer texting, we store message content, phone numbers, delivery status, and opt-out records. SMS messages are transmitted through Telnyx, our SMS provider.
• Push Notification Data: If you enable push notifications, we store your device token (iOS) or web push subscription to deliver notifications. These tokens are transmitted to Apple’s Push Notification Service (APNs) for delivery.
• Support and Messaging Data: If you submit a support ticket, we retain the content. Ticket content may be processed by Google Gemini to generate suggested responses. Internal messaging and direct message content between platform users is stored and accessible to campaign administrators.
• Billing Data: If your organization subscribes to paid features, we collect subscription and billing information through Stripe. We do not store credit card numbers; all payment data is handled directly by Stripe.
• Usage and Activity Data: We log actions taken on the platform (such as contact updates and outreach activity) for auditing and campaign management purposes.

3. How We Use Your Information

• To provide and maintain the Threshold platform and its features
• To match your contacts with publicly available voter registration records
• To generate outreach recommendations and action plans
• To enable campaign administrators to view activity data and manage their campaigns
• To send SMS messages on behalf of campaigns through peer-to-peer texting features
• To deliver push notifications to your device
• To process payments and manage subscriptions
• To provide AI-assisted support ticket responses
• To communicate with you about your account and our services
• To improve and develop new features for the platform
• To measure the effectiveness of campaign advertising (if Google Ads integration is enabled)

4. Data Sharing and Third-Party Services

We do not sell your personal information. We share data with the following third parties as necessary to operate the platform:

• Campaign Organizations: If you are a member of a campaign, your activity data (contacts added, outreach completed, outcomes, messages) may be visible to campaign administrators.
• Stripe: Payment processing. Receives organization and subscription information. Handles all payment card data directly.
• Resend: Email delivery. Receives your email address to send account verification codes and password reset emails.
• Telnyx: SMS delivery. Receives phone numbers and message content to deliver text messages sent through the platform’s texting features.
• Apple APNs: Push notification delivery for iOS. Receives device tokens and notification content.
• Google Gemini: AI processing. Support ticket content may be sent to Google Gemini to generate suggested responses. Data is used for inference only and is not retained for model training under our agreement.
• VAN / EveryAction (optional): If a campaign enables VAN integration, contact data (name, phone, address) and canvass outcomes may be synced to VAN’s servers.
• Google Ads (optional): If a campaign enables Google Ads integration, conversion events and Google Click IDs (GCLIDs) are shared with Google for ad attribution tracking.
• Legal Requirements: We may disclose information when required by law, regulation, subpoena, or other legal process.

5. Voter File Data

Voter registration information used by Threshold is publicly available data maintained by state election authorities. This data includes names, addresses, party affiliation, district assignments, and voting history (whether someone voted, not how they voted). We use this data solely to help campaigns identify and engage with voters. We do not use voter file data for commercial purposes unrelated to civic engagement, and we do not share it with third parties beyond the optional CRM integrations described in Section 4.

6. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. These are strictly necessary for the platform to function. We do not use third-party advertising cookies.

If your campaign enables Google Ads integration, we may store a Google Click ID (GCLID) in your browser’s local storage for up to 90 days to measure ad conversion effectiveness. This is campaign-specific and only applies when the Google Ads feature is active.

7. Data Security

We implement industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords (bcrypt), secure HTTP-only session cookies, two-factor authentication, rate limiting on authentication endpoints, and AES-256-GCM encryption for stored third-party API credentials. While no system is perfectly secure, we take reasonable steps to protect against unauthorized access, alteration, or destruction of your data.

8. Data Retention

We retain your account information and associated data for as long as your account is active or as needed to provide services. Campaign data may be retained according to the campaign organization’s policies. SMS opt-out records are retained indefinitely to honor opt-out requests. You may request deletion of your account and personal data by contacting us.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your account and personal data
• Export your data in a portable format
• Opt out of non-essential communications
• Know what categories of personal information we have collected and with whom it has been shared (California residents under CCPA)

To exercise any of these rights, contact us at [email protected]. We will respond within 45 days.

10. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information. In the past 12 months, we have collected the categories of personal information described in Section 2, including identifiers (name, email, phone), geolocation data, internet activity data, and inferences drawn from voter file records.

We do not sell personal information as defined under the CCPA. You have the right to request disclosure of what personal information we collect and with whom it is shared, request deletion of your personal information, and not be discriminated against for exercising these rights.

To submit a CCPA request, email [email protected] with the subject line “CCPA Request.”

11. Children’s Privacy

Threshold is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 13 in compliance with the Children’s Online Privacy Protection Act (COPPA). If we become aware that we have collected data from someone under 13, we will take steps to delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the platform or sending an email to the address associated with your account. Your continued use of the platform after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: