Data Protection & Privacy Policy *Last Updated: June 4, 2025*
Our Commitment to Your Privacy
This document outlines how we collect, use, protect, and manage your personal information. We believe in transparency and your right to control your data. We do not sell, rent, or trade your personal information under any circumstances.
---
Table of Contents
1. Scope and application
2. Information Collection and Usage
3. Information Sharing and Disclosure
4. Your Privacy Rights
5. Data Security Measures
6. Data Retention and Deletion
7. International Data Transfers
8. Children's Privacy Protection
9. Policy Updates and Contact Information
---
1. Scope and Application
This privacy policy governs all services and products operated by Kingfisher35 LLC, including but not limited to: Lighthouse35, Forge35, Aspen35, Sierra35, Keystone35, and Horizon35 (collectively referred to as "our Services").
This policy covers our treatment of information related to website visitors, potential clients, active customers, and authorized service users. Throughout this document, these individuals are collectively referred to as "users" or "you."
**Important Distinction:** This policy does not govern data that our customers process through our Services on behalf of their own users. In such cases, we act as a data processor under the customer's instructions, and our obligations are defined in separate service agreements and data processing addendums.
End users of our customers' systems should direct privacy inquiries to the organization that provided their information to us.
California residents can find additional disclosures required by state law in our California Privacy Notice, accessible through our main website.
---
2. Information Collection and Usage
We operate under a principle of data minimization, collecting only information necessary to provide and improve our Services.
Account Information
During registration, we collect your name, email address, and organization details to establish your account, enable service personalization, and deliver important product communications. Profile images and preferences are optional additions to enhance your experience.
Financial Information
For paid services, we collect billing addresses and payment details. Credit card data is processed directly by our payment partners and never stored on our servers. We maintain transaction records (including masked card numbers) for billing support and fraud prevention.
Service Usage Data
We store content you create, upload, or manage within our platforms to enable core functionality. This includes projects, documents, and associated metadata necessary for service operation.
Location Information
IP addresses are logged for security monitoring and spam prevention. Our services may include optional location features for asset tracking and route coordination. GPS coordinates can be provided voluntarily for mapping functionality.
Digital Analytics and Tracking
We monitor website interactions to improve user experience and measure service performance. This includes browser specifications, page navigation patterns, loading times, and referral sources. For authenticated users, this data may be associated with account information until account closure.
Security and Fraud Prevention
CAPTCHA systems help protect against automated attacks by analyzing visitor behavior patterns, device characteristics, and interaction timing. We receive only risk assessment scores from these services, not the underlying analysis data.
Marketing and Advertising Technologies
We utilize cookies and similar technologies for preference storage, functionality enhancement, and performance testing. Third-party advertising platforms may receive anonymized engagement data to measure campaign effectiveness. Users can manage cookie preferences through browser settings, though some functionality may be affected.
User Communications
Support correspondence, survey responses, and voluntary feedback are retained to maintain service quality and communication history. Interview recordings require explicit consent and serve product development purposes.
Mobile Application Permission
Our mobile applications may request access to device features like contacts, calendar, or camera. All permissions are optional, and core functionality remains available without granting access to these features.
---
3. Information Sharing and Disclosure
Service Delivery and Operations
We engage carefully vetted third-party processors to support service delivery, including infrastructure providers, communication tools, and business operation services. Current processor listings are available on our website.
User-directed integrations (such as email service connections) may result in data sharing with chosen third-party platforms. Such integrations operate under the privacy policies of all involved services.
Access Controls and Monitoring
Human review of user content occurs only when necessary to resolve technical issues or investigate potential policy violations. We prioritize automated solutions and implement systematic improvements to minimize manual intervention.
Legal and Regulatory Compliance
We may disclose information when legally required through valid court orders, warrants, or subpoenas. Government data requests are carefully evaluated, and affected users are notified unless legally prohibited. International requests must follow established treaty procedures.
Data preservation requests are honored only when compelled by appropriate legal instruments. Preserved data is not disclosed without proper authorization and is destroyed at the end of required retention periods.
Business Transitions
In the event of merger, acquisition, or business transfer, affected users will receive advance notification before personal information becomes subject to different privacy terms.
---
4. Your Privacy Rights
We extend comprehensive privacy rights to all users regardless of location, including:
Information Transparency
You can learn what personal information we collect, how it's used, and whether it's shared with third parties.
Data Access
Request copies of your personal information and details about how it's processed, stored, and protected.
Correction Rights
Update or correct inaccurate personal information in your account or request corrections for data you cannot directly modify.
Deletion Rights
Request removal of your personal information, subject to legal retention requirements and service functionality needs.
Processing Restrictions
Limit how your information is used or processed, including opting out of marketing communications and data sales (which we don't engage in).
Data Portability
Export your information in standard formats or transfer it to other service providers.
Automated Decision-Making Protection
You have the right to object to and prevent decisions with legal or significant effects from being made solely through automated processes. This right has limited exceptions for contractual necessity, legal compliance, or explicit consent.
Non-Discrimination Guarantee
We do not charge different amounts, offer different discounts, or provide different service levels based on your exercise of privacy rights. However, exercising certain rights may affect service functionality.
Many rights can be exercised directly through your account settings. For requests requiring verification, we may need to confirm your identity through multiple factors depending on the sensitivity of the information involved.
**Privacy Rights Contact Information:**
- Email: privacy@kingfisher35.com
- Postal Mail: Kingfisher35 LLC, 885 Woodstock Road, Suite 430-237, Roswell, GA 30075-2274, USA
Authorized representatives must provide written consent with account holder signatures.
You may have the right to appeal our decisions regarding your privacy requests. Information about appeal procedures will be provided if a request is denied. EU and UK residents can contact their data protection authorities to file complaints or learn about local privacy laws.
---
5. Data Security Measures
We implement comprehensive security controls to protect your information:
- **Encryption:** All data transmissions use SSL/TLS encryption, and database backups are encrypted at rest
- **Access Controls:** Strict employee access limitations based on job requirements
- **Monitoring:** Continuous security monitoring and incident response procedures
- **Regular Audits:** Periodic security assessments and compliance reviews
- **Infrastructure Security:** Secure data centers with physical and environmental protections
- **Vulnerability Management:** Regular security testing and prompt patching procedures
Detailed security information is available in our Security Overview documentation.
Data Breach Notification
In the unlikely event of a security incident affecting personal information, we will notify affected users and relevant authorities within legally required timeframes, providing clear information about the incident and recommended protective actions.
---
6. Data Retention and Deletion
Information retention periods vary based on data type and legal requirements:
- **Account Data:** Maintained while your account remains active
- **Service Content:** Deleted within 90 days of account closure
- **Security Logs:** Retained for fraud prevention and security monitoring
- **Financial Records:** Kept as required by tax and accounting regulations
- **Communication Records:** Maintained for service quality and support purposes
- **Analytics Data:** Aggregated and anonymized for long-term trend analysis
Deleted content enters an inactive state to preserve data integrity for existing references before permanent removal. Account cancellation triggers complete data purging within 90 days unless legal obligations require longer retention
We may retain aggregated, anonymized, or de-identified information indefinitely for analytics and service improvement purposes.
---
7. International Data Transfers
Our primary infrastructure operates within the United States. Users outside the U.S. should understand that their information will be transferred to and processed in the United States under this privacy policy and applicable U.S. privacy laws.
We implement appropriate safeguards for international transfers, including:
- Contractual protections with service providers
- Compliance with applicable cross-border data transfer regulations
- Standard contractual clauses where required
- Adequacy decisions and certification programs where available
By using our Services, international users consent to the transfer of their information to the United States for processing and storage.
---
8. Children's Privacy Protection
Our Services are not designed for or directed toward children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take immediate steps to delete it.
For users between 13 and 18 years of age, we recommend parental or guardian involvement in account creation and management.
Parents or guardians who believe we may have collected information from a child under 13 should contact us immediately using the contact information provided in this policy.
**Age Verification:** We may implement age verification measures for certain services or features to ensure compliance with applicable age restrictions.
---
9. Policy Updates and Contact Information
This policy may be updated to reflect service changes, legal requirements, or operational improvements. Significant modifications will be communicated through:
- Updated timestamps at the top of this document
- Email notifications to subscribed users
- Prominent notices on our website
- In-app notifications for material changes
We encourage periodic review of this policy to stay informed about how we protect your information.
Questions and Concerns
For privacy-related questions, data rights requests, or policy concerns:
**Primary Contact:**
- Email: privacy@kingfisher35.com
- Response Time: Within 5 business days for most inquiries
**Alternative Contact Methods:**
- Postal Mail: Kingfisher35 LLC, 885 Woodstock Road, Suite 430-237, Roswell, GA 30075-2274, USA
Regulatory Contact Information
**Data Protection Officer:** Available upon request through privacy@kingfisher35.com
**EU Representative:** Contact information available upon request if applicable
**UK Representative:** Contact information available upon request if applicable
---
*This policy represents our commitment to protecting your privacy and maintaining transparent data practices. We encourage you to review it periodically and contact us with any questions or concerns.*
**Effective Date:** June 4, 2025
**Document Version:** 2.0