Privacy Policy
Last updated: January 2025
1. Introduction
At Shane.Agency ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
2. Information We Collect
2.1 Personal Information
- Name and contact information
- Email address
- Phone number
- Business information
- Website URLs
- Payment information
2.2 Technical Information
- IP address
- Browser type and version
- Device information
- Operating system
- Usage patterns and preferences
3. Analytics and Tracking
We use various analytics tools and technologies, including:
- Google Analytics
- HotJar
- Microsoft Clarity
- Custom event tracking
These tools help us understand how users interact with our services and improve user experience.
4. Cookies and Similar Technologies
We use cookies and similar tracking technologies to:
- Remember your preferences
- Analyze site usage
- Personalize content
- Improve user experience
- Measure marketing effectiveness
5. How We Use Your Information
- Provide and improve our services
- Communicate with you
- Process payments
- Send marketing communications (with consent)
- Analyze and improve our website
- Comply with legal obligations
6. Detailed Data Processing Information
6.1 Data Collection Methods
- Direct user input through forms and communications
- Automated collection through cookies and tracking tools
- Third-party integrations (payment processors, analytics providers)
- Server logs and technical data collection
- Client project information and documentation
6.2 Processing Operations
We process your data through the following operations:
- Collection: Gathering data through forms, analytics, and user interactions
- Storage: Secure cloud storage with encryption at rest and in transit
- Analysis: Processing data to improve services and user experience
- Transfer: Sharing with authorized third-party service providers
- Deletion: Removing data upon request or after retention period
6.3 Data Retention Periods
- Active client data: Duration of service plus 2 years
- Marketing communications data: 3 years from last interaction
- Analytics data: 26 months
- Financial records: 7 years (legal requirement)
- Backup data: 30 days rolling retention
6.4 Technical Security Measures
-
Encryption:
- TLS 1.3 for data in transit
- AES-256 encryption for data at rest
- End-to-end encryption for sensitive communications
-
Access Control:
- Role-based access control (RBAC)
- Multi-factor authentication (MFA)
- Regular access reviews and logging
-
Monitoring:
- 24/7 security monitoring
- Intrusion detection systems
- Regular security audits
6.5 Data Processing Locations
Your data is processed in the following locations:
- Primary processing: United States (AWS US-East)
- Backup locations: United States (AWS US-West)
- Analytics processing: United States and Ireland
- Content Delivery: Global CDN with primary nodes in:
- North America (US, Canada)
- Europe (Germany, Ireland)
- Asia Pacific (Singapore, Japan)
6.6 Third-Party Processors
We use the following key third-party processors:
- Amazon Web Services (AWS) - Cloud infrastructure
- Google Analytics - Website analytics
- Stripe - Payment processing
- SendGrid - Email communications
- HubSpot - Customer relationship management
7. Data Sharing and Third Parties
We may share your information with:
- Service providers (hosting, analytics, payment processing)
- Business partners (with your consent)
- Legal authorities (when required by law)
We do not sell your personal information to third parties.
8. Your Rights and Choices
You have the right to:
- Access your personal information
- Correct inaccurate data
- Request deletion of your data
- Opt-out of marketing communications
- Disable cookies and tracking
9. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place through:
- Standard contractual clauses
- Data processing agreements
- Compliance with international data protection laws
10. GDPR Compliance
For users in the European Economic Area (EEA), we comply with GDPR requirements:
10.1 Legal Basis for Processing
- Contract: Processing necessary for contracts or services
- Consent: Processing based on explicit consent
- Legal Obligations: Compliance with EU/member state law
- Legitimate Interests: Business operations and improvements
10.2 Additional Rights Under GDPR
- Right to be forgotten (erasure)
- Data portability
- Restriction of processing
- Object to processing
- Withdraw consent at any time
10.3 Data Protection Officer
Our Data Protection Officer can be contacted at [email protected]
11. CCPA Compliance
For California residents, we comply with the California Consumer Privacy Act (CCPA):
11.1 California Privacy Rights
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to say "no" to the sale of personal information
- Right to access your personal information
- Right to equal service and price
11.2 CCPA Information Requests
In the past 12 months:
- Categories of information collected: identifiers, commercial information, internet activity
- Sources: directly from users, automated collection, third-party services
- Purpose: as described in "How We Use Your Information"
- No sale of personal information
To exercise your CCPA rights, contact us using the information in our Contact section or call 1-800-XXX-XXXX.
12. Contact Us
For privacy-related inquiries or to exercise your rights, contact us at:
- Email: [email protected]
- Address: San Diego, CA 92101, USA
13. Updates to This Policy
We may update this Privacy Policy periodically. The latest version will be posted on this page with the "Last updated" date.