Privacy Studios Advisory LLC ("PrivacyStudios," "we," "us," or "our") explains here how we collect, use, disclose, and protect personal data when you visit privacystudios.com (the "Website"), receive our communications, attend our events, or use our services and tools. We act as a data controller when we decide why and how personal data is processed for our own purposes. This Policy forms part of our Terms of Use.
This Policy covers Website visitors and people who interact with our content, forms, and events. It does not apply to job applicants or our personnel, or where we act solely as a processor for a client — those situations are governed by notices or contracts specific to them.
We may update this Policy to reflect legal, technical, or business changes. The "Last updated" date indicates when changes took effect. When required, and if we have your contact details, we'll provide advance notice of material updates. Your continued use of the Website after an update applies on a prospective basis.
Privacy Studios Advisory LLC – Data Protection Officer
Submit a request via our on-site form: Data Privacy Request
We do not sell or share personal information for cross-context behavioral advertising, and have not done so in the past 12 months.
Legal bases vary by region and include legitimate interests, contractual necessity, consent (where required), and legal obligations.
We may disclose data to:
International transfers use appropriate safeguards (e.g., Standard Contractual Clauses for EEA/UK transfers).
We use cookies and similar tech to run the site, remember preferences, measure traffic, and improve content. Browser and on-site tools let you manage choices. Some browsers send "Do Not Track" signals; our site does not currently respond to DNT. For details please check our Cookie Notice.
We retain personal data only as long as needed for the purposes in this Policy and to meet legal/regulatory requirements. De-identified/aggregated data may be kept without time limit. Specific retention rules may apply for recruiting or contracts.
We use administrative, technical, and organizational measures designed to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. No method is perfectly secure. If you suspect misuse, contact legal@privacystudios.com.
This Website is intended for adults. We do not knowingly collect data from individuals under 18. If you believe a minor has provided data, contact us and we will delete it promptly.
Our Website/emails may link to external sites governed by their own privacy policies. Review those notices before sharing information; we are not responsible for their practices.
Subject to law and verification of identity, you may be able to:
Submit requests via our on-site Data Privacy Request form or email legal@privacystudios.com. We do not retaliate against people for exercising privacy rights.
Use the links above or email our DPO. Please tell us which right you wish to exercise and enough information for us to locate your records (e.g., the email you used with us). If you maintain an account with us, you can also review or correct certain data in your account settings.
We take reasonable steps to verify your identity before acting on a request. Where permitted, you may appoint an authorized agent to submit a request; we may request evidence of the agent's authority and information sufficient to verify your identity.
If we decline to take action on your request, you may appeal by replying to our decision email or by writing to legal@privacystudios.com with "Appeal" in the subject line. We will review and respond in writing within the timeframe required by applicable law. If you remain dissatisfied, you may contact your state Attorney General or relevant data protection authority.
Where required by law, we treat a browser-based Global Privacy Control (GPC) signal as a request to opt out of "sale"/"sharing" (targeted advertising) for that browser. Our site does not currently respond to Do-Not-Track (DNT) signals.
This summary applies to U.S. residents in states with comprehensive privacy laws and complements Sections 14 and 16 (California).
Our program aims to apply the strongest relevant protection consistently across states.
| Category | Sources | Purposes | Recipients |
|---|---|---|---|
| Identifiers & contact details (name, email, phone, company, role) | You; event signups; website forms | Responding to inquiries; delivering content; administering events; security/fraud prevention | Service providers; professional advisors |
| Commercial & interaction data (downloads, registrations, site usage) | You; automatic collection; event tools | Operate, secure, and improve our site and services; non-intrusive communications you can opt out of | Service providers (analytics, hosting, email) |
| Content you submit (messages, support requests) | You | Answer questions; provide support; maintain records | Service providers; professional advisors |
| Event media (webinar recordings) | You; event platforms | Provide event access; share recordings with registrants; improve event quality | Service providers (event hosting) |
We do not sell personal information and we do not "share" personal information for cross-context behavioral advertising.
PrivacyStudios does not intentionally collect sensitive categories in our normal operations. If a project or legal requirement ever necessitates limited processing, we will only use or disclose such information for the narrow, permitted purposes in the statute.
Submit a request via our on-site Data Privacy Request form or email legal@privacystudios.com. We take reasonable steps to verify the request.
We generally respond within 45 days of receiving a verifiable request. If we need more time (up to an additional 45 days), we will let you know. We do not charge a fee unless a request is excessive or repetitive as defined by law.
We will not deny goods or services, charge different prices, or provide a different level of service because you exercised your CCPA/CPRA rights.
We do not offer financial incentive programs tied to the sale or sharing of personal information.
For Website operations and communications described in this Policy, PrivacyStudios acts as the controller. For client projects where we act on instructions, we are a processor and the client's privacy terms apply.
| Purpose | Personal Data | Legal Basis | Retention |
|---|---|---|---|
| Respond to inquiries | Identifiers, contact, message content, organization, role | Legitimate interests (Art. 6(1)(f)) | As needed to address request; archived if required by law |
| Email subscriptions & newsletters | Email, preferences, interaction data | Consent (Art. 6(1)(a)) or legitimate interests (Art. 6(1)(f)) | Duration of subscription; unsubscribe any time |
| Events and webinars | Registration details, access logs, session questions, recordings | Contract (Art. 6(1)(b)); legitimate interests | Event lifecycle and limited post-event period |
| Site operation, analytics, security | Technical/usage data, cookies | Legitimate interests (Art. 6(1)(f)); consent for non-essential cookies | Cookie/log durations; de-identified data may be retained longer |
| Contracting | Contact, company info, proposal history, billing contacts | Contract (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)) | Contract term plus statutory limitation periods |
| Compliance, legal claims, fraud prevention | Identifiers, transactional records, logs | Legal obligation (Art. 6(1)(c)); legitimate interests (Art. 6(1)(f)) | As required by law and for duration of claims/defense |
When personal data is transferred outside the EEA/UK, we implement appropriate safeguards such as the European Commission's Standard Contractual Clauses. Contact legal@privacystudios.com for details.
We maintain administrative, technical, and organizational measures to protect personal data. Access is limited to personnel and providers who need it under binding obligations.
Non-essential cookies are used only with your consent, which you can withdraw at any time via your browser or our on-site controls. Withdrawing consent does not affect processing carried out before withdrawal.
Subject to conditions in Articles 12–23 GDPR, you have the right to access, rectify, erase, restrict, object, obtain portability for certain data, and withdraw consent where relied upon.
You have the right to lodge a complaint with your local supervisory authority (e.g., the CNIL in France, the DPC in Ireland, or the ICO in the UK). We invite you to contact our DPO first at legal@privacystudios.com so we can address your concerns quickly.
Supplemental information for residents of U.S. states with comprehensive privacy laws. If any term below conflicts with the general sections, this addendum controls for residents of that state.
These provisions apply to residents of: Virginia (VCDPA), Colorado (ColoPA), Connecticut (CTDPA), Utah (UCPA), Delaware (DPDPA), Oregon (OCPA), Texas (TDPSA), Iowa (Iowa CDPA), Indiana (Indiana CDPA), Tennessee (TIPA), Montana (MCDPA), Kentucky (KCDPA), Nebraska (NDPA).
PrivacyStudios applies a unified compliance framework designed to meet or exceed the strongest of these state standards across U.S. operations.