Privacy Policy

We aim to collect only the information we need. The categories of personal information we may collect are:

• Information you provide directly: when you reach out to us — for example, through an email link on the Site or a contact form — we receive your email address and whatever you choose to include, such as your name, company, role, phone number, and the details of your inquiry. If you become a client, we collect the additional information needed to provide our services and administer the engagement.
• Usage and device data: when you visit, our hosting and infrastructure providers automatically record standard technical information, such as your IP address, browser type and settings, device and operating-system details, language preferences, referring and exit pages, the pages and resources you request, and the dates and times of your visits.
• Analytics data: if we have enabled analytics, our analytics provider collects aggregated, statistical information about how visitors use the Site — for example, which pages are viewed and general engagement patterns — typically using cookies or similar technologies.
• Cookies and similar technologies: small data files and identifiers stored on or read from your device, described in Section 4 below.

We use the personal information we collect to:

• Respond to your inquiries, provide the information you request, and communicate with you;
• Provide, perform, and administer our services and any client engagement, including billing;
• Operate, maintain, secure, debug, and improve the Site and our business;
• Understand aggregate usage and trends where analytics is enabled;
• Protect against, investigate, and deter fraud, abuse, security incidents, and unauthorized activity; and
• Comply with legal obligations, enforce our Terms of Service, and establish, exercise, or defend legal claims.

If you are in the European Economic Area (EEA) or the United Kingdom, we process your personal information only where we have a lawful basis to do so. Depending on the circumstances, those bases are:

• Consent — where you have given consent, for example to optional analytics cookies; you may withdraw consent at any time without affecting processing carried out beforehand;
• Contract — where processing is necessary to take steps at your request before entering into a contract, or to perform a contract with you;
• Legitimate interests — where processing is necessary for our legitimate interests, such as operating and securing the Site, responding to inquiries, and improving our services, provided those interests are not overridden by your rights and freedoms; and
• Legal obligation — where we must process information to comply with applicable law.

Cookies are small text files placed on your device; similar technologies include pixels, tags, and browser local storage. We use them sparingly, in two categories:

• Strictly necessary: cookies and storage required for the Site to load, function, and remain secure. These cannot be switched off through the Site.
• Analytics and performance: where analytics is enabled, these help us understand, in aggregate, how the Site is used so we can improve it. Where the law requires it, we load these only with your consent.

Most browsers let you block or delete cookies through their settings; doing so may affect how parts of the Site work. Where a consent mechanism is presented, you can review or change your choices through it at any time. We do not use cookies for cross-context behavioral advertising.

Because there is no common industry standard for browser “Do Not Track” (DNT) signals, the Site does not currently respond to them. Where required by law, we treat a recognized opt-out preference signal, such as the Global Privacy Control (GPC), as a valid request to opt out for the browser or device from which it is sent.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We disclose personal information only in the limited circumstances below, and we identify our providers by category rather than by name because specific vendors may change over time. In each case we require appropriate confidentiality and data-protection safeguards.

• Service providers and processors that perform services on our behalf, including a website hosting and infrastructure provider, an email and productivity provider that handles our correspondence with you, an analytics provider (only if analytics is enabled), and a payment processor (for clients, to handle billing);
• Professional advisors, such as accountants, auditors, and lawyers, where reasonably necessary;
• Parties to a business transfer, if we are involved in a merger, acquisition, financing, reorganization, or sale of assets, in which case information may be transferred subject to this Policy; and
• Authorities or other parties where we reasonably believe disclosure is necessary to comply with law or legal process, respond to lawful requests, enforce our agreements, or protect the rights, property, or safety of Drift Line, our clients, or others.

We keep personal information only for as long as necessary for the purposes described in this Policy, including to respond to you, provide and administer services, maintain business and financial records, and meet legal, tax, accounting, and dispute-resolution requirements.

For example, we retain email correspondence for as long as needed to handle your inquiry and for our legitimate record-keeping, after which we delete or anonymize it. Aggregate analytics data is retained according to our analytics provider's standard settings. When information is no longer needed, we delete it or render it anonymous.

We use reasonable administrative, technical, and organizational measures designed to protect personal information against loss, misuse, and unauthorized access, disclosure, or alteration — for example, encryption in transit, access controls, and minimizing the information we collect.

No website, transmission method, or storage system is completely secure, however, so we cannot guarantee absolute security. Please use care in deciding what information you send us, and avoid including sensitive information (such as government identifiers or financial-account details) in email.

We operate from the United States, and our service providers may process information in the United States and other countries. If you access the Site from outside the United States, your information may be transferred to, stored in, and processed in the United States and elsewhere, where data-protection laws may differ from those in your jurisdiction.

Where we transfer personal information from the EEA, the UK, or Switzerland to a country that has not been recognized as providing an adequate level of protection, we rely on an appropriate transfer mechanism, such as the European Commission's Standard Contractual Clauses (together with the UK International Data Transfer Addendum, where applicable). You may contact us for more information about these safeguards.

Depending on where you live, you may have rights over your personal information. We honor the rights that apply to you and will not discriminate against you for exercising them. The two frameworks most likely to apply are summarized below; we extend comparable choices to others where practical.

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), gives you the following rights, subject to certain exceptions:

• Right to know the categories and specific pieces of personal information we have collected, the sources, the purposes for collecting it, and the categories of third parties to whom we disclose it;
• Right to delete personal information we have collected from you;
• Right to correct inaccurate personal information we maintain about you;
• Right to opt out of the “sale” or “sharing” of personal information — we do not sell or share personal information as those terms are defined under California law;
• Right to limit the use of sensitive personal information — we do not collect sensitive personal information through the Site for the purpose of inferring characteristics; and
• Right to non-discrimination for exercising any of these rights.

In the preceding twelve months, we have collected the categories of personal information described in Section 1 — namely identifiers (such as name, email address, and IP address), customer and commercial records (such as the contents of your inquiry and, for clients, billing information), and internet or other electronic network activity (such as usage and analytics data). We collect this information from you directly and automatically through your use of the Site, and we disclose it to the categories of service providers described in Section 6 for the business purposes described in Section 2.

We have not sold or shared personal information, and we have no actual knowledge of selling or sharing the personal information of consumers under 16 years of age. You may submit a request through an authorized agent; in that case we may require proof of the agent's authorization and verification of your identity.

If you are in the EEA or the UK, the General Data Protection Regulation and the UK GDPR give you the following rights, subject to conditions and exemptions in the law:

• Access — to obtain confirmation of, and a copy of, the personal information we hold about you;
• Rectification — to have inaccurate or incomplete information corrected;
• Erasure — to have your information deleted in certain circumstances;
• Restriction — to limit how we process your information in certain circumstances;
• Portability — to receive certain information in a structured, commonly used, machine-readable format and to have it transmitted to another controller where technically feasible;
• Objection — to object to processing based on our legitimate interests, and to object to direct marketing at any time; and
• Withdraw consent — where we rely on consent, to withdraw it at any time without affecting prior processing.

To make a request, email us at support@driftline.biz with enough detail for us to understand and respond to it. To protect your information, we will take reasonable steps to verify your identity before acting, which may involve asking you to confirm details we already hold; we use information provided in a request only to verify and respond to it.

We will respond within the timeframe required by applicable law — generally within 45 days under the CCPA/CPRA (extendable as permitted) and within one month under the GDPR/UK GDPR (extendable for complex requests). There is normally no fee, although we may charge a reasonable fee or decline a request that is manifestly unfounded, excessive, or repetitive, as permitted by law. If we cannot fully honor a request, we will explain why. If you are in the EEA or the UK, you also have the right to lodge a complaint with your local data-protection supervisory authority, though we would welcome the opportunity to address your concerns first.

The Site and our services are intended for businesses and the adults who operate them. They are not directed to children, and we do not knowingly collect personal information from children under 16 (or the minimum age required in your jurisdiction). If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete it.

The Site may link to third-party websites or services that we do not operate or control. This Policy does not apply to those third parties, and we are not responsible for their content or privacy practices. We encourage you to review the privacy policy of any site you visit.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we do, we will post the revised version on this page and update the “Last updated” date above. If we make material changes, we will take reasonable steps to provide additional notice where appropriate, such as a more prominent notice on the Site. Changes take effect when posted, and your continued use of the Site afterward constitutes acceptance of the updated Policy. We encourage you to review this page periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle personal information, contact Drift Line Holdings LLC at support@driftline.biz, or by mail at 5830 E 2nd St, Ste 7000 #36456, Casper, Wyoming 82609. For the purposes of applicable data-protection law, Drift Line Holdings LLC is the controller of personal information processed in connection with the Site.