Data Security & Governance

Effective Date: February 19, 2026 | Last Updated: February 19, 2026

GoPiperGo LLC takes the security of your data seriously. Our platform is built on enterprise-grade infrastructure with security at every layer. This page summarizes how we protect the data entrusted to us by our agent clients and their leads.

1. Encryption

All data transmitted between our systems, third-party services, and end users is protected by TLS 1.2 or higher. This applies to every communication channel including SMS delivery, AI processing, database connections, calendar integrations, and CRM webhook deliveries.

All persistent data stored in our database is protected by AES-256 encryption at rest, managed by our cloud infrastructure provider. Database backups are also encrypted.

2. AI Data Protections

Our AI processing operates in a zero-data-retention configuration. Conversation data sent to our AI provider for processing is:

Not stored by the AI provider beyond the duration of the request
Not used to train or improve any AI models
Transmitted exclusively via encrypted connections

Each agent's lead conversations are logically isolated at the database level. One agent cannot access another agent's data, conversation histories, or records.

3. Access Controls

Our platform enforces strict access controls at every level. Database access is restricted via row-level security policies. Administrative access requires authenticated credentials. API keys and service credentials are stored as encrypted environment variables and are never exposed in logs, error messages, or client-facing code.

4. Infrastructure Partners

We build on trusted, industry-leading infrastructure providers that maintain SOC 2, ISO 27001, and other recognized security certifications. All partners are contractually bound to data protection standards consistent with our own policies.

5. Compliance by Design

The GoPiperGo platform is designed from the ground up for regulatory compliance:

TCPA compliant — opt-in/opt-out enforcement, quiet hours, DNC scrubbing, and full audit trails
A2P 10DLC registered — all messaging through carrier-approved channels
Fair Housing compliant — zero protected-class variables in AI processing (see our Fair Housing Compliance page)
Full audit trail — every conversation, escalation, and system action is logged with timestamps for compliance verification

6. Data Retention & Purging

We retain operational data only as long as necessary for service delivery and compliance. Key retention periods include:

Active lead data — retained during active engagement plus 90 days after the lead is archived or opts out
Completed transactions — conversation data purged 90 days after close, provided the agent has exported to their CRM
Compliance records — opt-in/opt-out logs retained for 4 years as required by federal regulation
Inactive nurture leads — purged 180 days after the final contact attempt with no response

Agents may request earlier purging of specific lead data at any time by contacting support@gopipergo.com.

7. Account Deletion

When an agent cancels their subscription, we follow a clear data removal process:

Days 1–30: Grace period for the agent to export all lead data, conversations, and records via CRM integration or data export tools
Day 30: All third-party authorization tokens are immediately revoked
Days 30–44: All operational data permanently deleted from our systems
Day 44+: Agent receives written confirmation of data removal
4 years: Compliance audit logs reach end of required retention and are purged

8. Incident Response

In the event of a security incident, GoPiperGo will immediately isolate affected systems, assess the scope within 24 hours, notify affected clients within 72 hours of a confirmed breach, and notify regulatory authorities as required by law. We conduct post-incident reviews and implement additional safeguards as needed.

9. Website Security

The gopipergo.com website is protected by enterprise-grade security headers, DDoS protection, bot mitigation, automatic HTTPS enforcement, and a strict Content Security Policy that limits script and resource loading to approved origins.

Need More Detail?

We maintain a comprehensive technical security document covering our full infrastructure architecture, encryption implementation, and data governance procedures. If you're a brokerage compliance officer, IT professional, or need detailed technical specifications for vendor review, contact us at support@gopipergo.com and we'll send it over.

10. Contact

For questions about our data security practices or to report a security concern:

GoPiperGo LLC
Email: support@gopipergo.com
Phone: (919) 278-7202
Fuquay-Varina, NC 27526