Privacy Policy

Last Updated: 01/07/2025

Get Gifted Creative Agency (“Get Gifted Creative Agency”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you visit our website at getgiftedagency.com, contact us, or use our services.
By using our website or services, you acknowledge that you have read and understood this Privacy Policy. This policy is intended to meet the requirements of the EU General Data Protection Regulation (“GDPR”) and the California Online Privacy Protection Act (“CalOPPA”).

1. Who we are and contact details

   
   Business name: Get Gifted Creative Agency
   Business type: Design and branding agency for financial advisors and registered investment advisors (RIAs)
   Address: 4868 Cypress St, Unit 236, Montclair, CA 91763
   Phone: (951) 525-2267
   Email: Louis.Guajardo34@gmail.com
   Website: getgiftedagency.com

   
   If you have any questions about this Privacy Policy or how we handle your data, you can contact us at the email, address, or phone number listed above.

   
   If you are in the EU/EEA or UK, you also have the right to lodge a complaint with your local data protection authority.

   
   

2. Personal data we collect

   
   We may collect the following categories of personal Information you provide directly

   
   • Name, business name, job title, and professional role.
   • Email address, phone number, and mailing address.
   • Content of messages you send via contact forms, email, or phone.
   • Project-related information you provide (brand details, website links, creative briefs, and other materials relevant to your design and branding needs).
   • Account information if we enable client portals or collaboration spaces.
   • Information collected automatically
   • IP address, browser type, device identifiers, operating system, and general location (country/city).
   • Pages visited, time and date of visits, referral URLs, and other usage data.
   • Cookies, pixels, and similar technologies used for analytics and basic functionality.
   • Information from third parties
   • Basic business and contact data from professional networks, public websites, and lead generation tools.
   • Analytics information from service providers (for example, website analytics and advertising platforms) in aggregated or pseudonymous form.
   
   

   We generally do not collect sensitive personal data (such as information about health, race, or political opinions). If providing project content could expose sensitive information about you or your clients, you should remove or anonymize such content before sharing it with us.

   
   

3. How and why we use personal data (lawful bases)
   
   

   Where GDPR applies, we rely on one or more of the following lawful bases to process your personal

   
   • Performance of a contract
   • To respond to your inquiries and requests.
   • To provide design and branding services and manage our client relationship.
   • To send service-related communications (project updates, invoices, account notices).
   • Legitimate interests
   • To manage and improve our website, services, and user experience.
   • To protect our business, prevent fraud, and maintain security.
   • To send limited, relevant marketing communications to existing or potential business clients, where permitted.
   • To understand how visitors use our website for analytics and business planning.
   • Consent
   • Where required by law for certain marketing communications or cookies/trackers.
   • Where you voluntarily provide information and consent to specific uses.
   • You can withdraw your consent at any time by contacting us or using opt-out mechanisms in our communications (where applicable).
   • Legal obligations
   • To comply with applicable laws, regulations, tax, and accounting requirements.
   • To respond to lawful requests from public authorities.

   
   

4. How we use your information
   
   

   We use the personal data described above for purposes such as:

   
   • Providing and managing our design and branding services for financial advisors and RIAs.
   • Communicating with you about your inquiries, projects, proposals, and contracts.
   • Creating and managing client accounts, files, and project assets.
   • Operating, maintaining, and improving our website and services.
   • Analyzing site traffic and usage trends to optimize our content and offerings.
   • Sending occasional updates, content, or offers about our services where allowed.
   • Preventing, detecting, and responding to potential fraud, security incidents, or other harmful activity.
   • Complying with legal, regulatory, and contractual obligations.

   
   

5. Cookies and similar technologies
   
   

   Our website may use cookies and similar technologies (such as pixels or local storage) to:

   
   • Enable basic site functionality and security.
   • Remember your preferences.
   • Perform analytics and aggregate reporting on site usage.

   
   Where required by law, we will request your consent for non-essential cookies. You can manage cookie preferences through your browser settings, but disabling certain cookies may affect website functionality.

   
   

6. Do Not Track (CalOPPA disclosure)
   
   

   Some browsers offer a “Do Not Track” (“DNT”) feature that signals to websites that you do not want to be tracked. There is currently no uniform standard regarding how websites should respond to DNT signals. At this time, our website does not respond to DNT browser signals. We may update this Privacy Policy if that changes.

   
   

7. How we share personal data
   
   

   We do not sell your personal information. We may share personal data in the following situations:

   
   • Service providers
   • With third-party vendors who perform services on our behalf (for example, hosting providers, email service providers, analytics providers, project management tools, and payment processors).
   • These providers may only use your data as necessary to perform their services for us and must handle it securely.
   • Business partners and advisors
   • With professional advisors such as lawyers, accountants, or consultants where necessary to operate our business or protect our rights.
   • Legal and compliance
   • When required to comply with applicable law, regulation, legal process, or governmental request.
   • When necessary to enforce our agreements, protect our rights, safety, or property, or the rights, safety, or property of others.
   • Business transfers
   • In connection with a merger, acquisition, reorganization, sale of assets, or similar business transaction, your information may be transferred as part of the transaction, subject to appropriate safeguards.

   
   

8. International data transfers
   
   

   Our business is based in the United States, and your data may be stored or processed in the U.S. or other countries. Where GDPR applies and personal data is transferred out of the EU/EEA or UK, we will take appropriate steps to ensure an adequate level of data protection, such as using standard contractual clauses or other lawful transfer mechanisms, to the extent required by law.

   
   

9. Data retention
   
   

   We retain personal data only for as long as reasonably necessary to:

   
   • Fulfill the purposes described in this Privacy Policy.
   • Provide our services and maintain client relationships.
   • Comply with legal, tax, and accounting requirements.
   • Resolve disputes and enforce our agreements.
   
   

   Retention periods may vary depending on the type of data and our legal obligations. When data is no longer needed, we will delete or anonymize it in a secure manner, unless we are legally required or permitted to keep it longer.

   
   

10. Security
    
    

    We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration. These measures may include:

    
    • Use of secure hosting providers and encrypted connections (HTTPS).
    • Access controls and authentication for systems where personal data is stored.
    • Limiting access to personal data to personnel and service providers with a legitimate need to know.
    
    

    However, no method of transmission over the internet or electronic storage is completely secure. You use the website and services at your own risk and should take appropriate precautions to protect your information.

    
    

11. Your rights under GDPR (EU/EEA/UK residents)
    
    

    If GDPR applies to you, you may have the following rights regarding your personal data, subject to certain conditions and exceptions:

    
    • Right of access: To obtain confirmation of whether we process your data and to receive a copy.
    • Right to rectification: To ask us to correct inaccurate or incomplete data.
    • Right to erasure: To request deletion of your data in certain circumstances.
    • Right to restriction of processing: To request that we limit processing in certain cases.
    • Right to data portability: To receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
    • Right to object: To object to processing based on legitimate interests or direct marketing.
    • Right to withdraw consent: Where processing is based on consent, you can withdraw that consent at any time.
    
    

    To exercise any of these rights, please contact us at Louis.Guajardo34@gmail.com with a clear description of your request and enough information to verify your identity.
    You also have the right to lodge a complaint with your local data protection authority if you believe that we have not complied with applicable data protection laws.

    
    

12. California privacy rights (CalOPPA)

    
    

    If you are a California resident, CalOPPA requires that:

    
    • You must be informed about the categories of personal information that are collected and the categories of third parties with whom that information may be shared.
    • You must be able to see and update certain personal information.
    • You must be informed about how we respond to Do Not Track signals (see Section 6 above).

    
    You may contact us at Louis.Guajardo34@gmail.com to:

    
    • Request information about the personal data we hold about you.
    • Request corrections or updates to your information.
    • Request deletion of certain personal information, subject to legal and contractual obligations.

    
    We will not discriminate against you for exercising your privacy rights.

    
    

13. Children’s privacy
    
    

    Our website and services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe that a child under 13 has provided us with personal information, please contact us at Louis.Guajardo34@gmail.com, and we will take steps to delete such information as required by law.

    
    If you are located in the EU/EEA or UK, we do not knowingly collect personal data from children under the age at which consent is required under local law without appropriate parental or guardian consent.

    
    

14. Third-party links
    
    

    Our website may contain links to third-party websites, tools, or services that are not controlled by Get Gifted Creative Agency. This Privacy Policy does not apply to those third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

    
    

15. Changes to this Privacy Policy
    
    

    We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. When we make changes, we will revise the “Last updated” date at the top of this page. Your continued use of our website or services after any changes are posted constitutes your acceptance of the updated policy.
    If we make material changes, we may provide additional notice, such as by email or a prominent notice on our website, where required by law.

    
    If you’d like, the next step can be tailoring this to your exact tech stack (e.g., analytics, CRM, email tools) and adding any jurisdiction-specific notices (like CCPA/CPRA wording) based on how Get Gifted Creative Agency actually processes client and prospect data.