Privacy Policy

Last updated: August 28, 2025

This Privacy Policy explains how [Agency Name] ("we", "us", or "our") collects, uses, shares, and safeguards personal information when you visit [Website URL], interact with our ads, complete our forms, or use our services (together, the "Services").

GDPR CCPA/CPRA PIPEDA/CASL Your Privacy Choices

1. Scope & Who We Are

This policy applies to [Agency Legal Name] doing business as [Agency Name], located at [Business Address, City, Region, Country]. It covers personal information processed in connection with our marketing services for clients and our own business operations.

This template is provided for general informational purposes and is not legal advice. Please consult a qualified attorney to adapt it to your situation.

2. Data We Collect

Depending on how you interact with us, we may collect:

  • Identifiers & Contact — name, email, phone number, postal address, company, job title, account IDs or handles.
  • Commercial Info — inquiries, service interests, proposals, contracts, invoices, purchase history.
  • Usage & Device Data — pages viewed, links clicked, time on page, IP address, cookie IDs, advertising IDs, browser and device information, approximate location.
  • Lead & Campaign Data — form submissions, ad interactions, campaign source/medium, UTM parameters, CRM notes.
  • Communications — emails, chat messages, support requests, call recordings (where permitted and disclosed).
  • Preference Data — marketing preferences, cookie choices.
  • Client Content — assets and data you share with us to perform services (e.g., contact lists with consent, creative briefs, analytics exports).
  • Sensitive/Restricted — we do not seek to collect sensitive personal data (e.g., health, precise geolocation) unless you instruct us in writing and applicable law allows it with appropriate safeguards.

3. Where We Get Data

  • Directly from you via our website forms, chat, phone/SMS, email, events, or when you purchase our services.
  • Automatically through cookies, pixels, tags, and similar technologies when you visit our website or interact with our campaigns.
  • From clients and partners who share contact lists or audience segments with appropriate permissions.
  • From platforms & providers such as Google, Meta, LinkedIn, TikTok, HubSpot, Salesforce, Mailchimp, Twilio, Google Analytics/Tag Manager, Hotjar, and similar tools we use to run campaigns and measure performance.
  • Public & third-party sources such as social networks, data enrichment providers, or public records, consistent with law.

4. How We Use Data

  • Provide, operate, secure, and improve our Services.
  • Respond to inquiries, provide proposals, onboard and support clients.
  • Plan, execute, and measure advertising and marketing campaigns.
  • Personalize content and ads, create audience segments, and perform remarketing/retargeting.
  • Send marketing communications (with consent or as permitted by law) and honor opt-outs.
  • Monitor usage, debug, prevent fraud/abuse, and ensure platform integrity.
  • Comply with legal obligations, enforce terms, and protect rights.

6. How We Share Data

We may share personal information with:

  • Service providers & processors who help us run our Services (see Appendix A).
  • Advertising & analytics partners to serve and measure ads, and to build audiences.
  • Clients (when we manage campaigns on their behalf and data sharing is necessary).
  • Professional advisors (lawyers, accountants), authorities, or where required by law.
  • Business transfers in connection with a merger, acquisition, financing, or sale of assets.

We do not sell personal information as the term is commonly understood. Where the CPRA or similar laws define "sell" or "share" to include certain advertising disclosures, we will honor your right to opt out. See Your Privacy Choices.

7. Advertising, Analytics & Cookies

We use cookies and similar technologies to operate our site and measure marketing effectiveness. Where required, we request your consent. You can update your preferences at any time using the button below.

Cookie Preferences

Online Advertising

We may work with platforms such as Google Ads, Meta (Facebook/Instagram), LinkedIn, TikTok, and other partners to show ads, perform conversion tracking, and create lookalike or custom audiences. You can use platform-provided controls to manage ad settings.

Do Not Track / Global Privacy Control (GPC)

Our site honors applicable browser-level Global Privacy Control signals as an opt-out of sales/sharing for cross-context behavioral advertising where required.

8. AI & Automated Decision‑Making

We may use AI-assisted tools (e.g., for content generation, analytics insights, lead scoring) provided by reputable vendors. Where these tools process personal information, we do so under appropriate contracts and safeguards. We do not use automated decision-making that produces legal or similarly significant effects without meaningful human review.

9. Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Policy, including to comply with legal, accounting, or reporting requirements, and then delete or de-identify it according to our retention schedule.

10. Security

We implement administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

11. Children

Our Services are not directed to children under 13 (or under 16 where applicable). We do not knowingly collect personal information from children.

12. Your Choices & Rights

You may have rights under applicable law, which can include:

  • Access, correction, update, or deletion of your personal information.
  • Portability (receive a copy in a usable format).
  • Restriction or objection to certain processing.
  • Withdraw consent where processing is based on consent.
  • Opt out of targeted advertising, cross-context behavioral advertising, or profiling where permitted.
  • Opt out of marketing emails or SMS by using unsubscribe links or replying STOP (for SMS).

How to exercise: Email us at [privacy@agency.com] or use our request form: [Data Subject Request URL]. We may verify your identity before responding.

Authorized agents (California): You may designate an authorized agent to submit requests on your behalf, subject to verification.

Do Not Sell or Share My Personal Information: If applicable, use the opt-out link or send a GPC signal in your browser.

13. Region‑Specific Notices

EEA/UK (GDPR)

  • Controller: [Agency Legal Name], [Address], [Contact Email].
  • Data Protection Officer (if appointed): [DPO Contact].
  • Complaints: You can complain to your local supervisory authority. See EDPB list.

Canada (PIPEDA) & CASL

  • We obtain consent for marketing and respect CASL requirements for commercial electronic messages.
  • To withdraw consent for email/SMS marketing, use the unsubscribe link or reply STOP.
  • Questions or complaints may be directed to our Privacy Officer at [privacy@agency.com].

California (CCPA/CPRA)

  • Categories of personal information collected are described in Sections 2–3.
  • We may disclose personal information for business purposes to service providers (Section 6) and engage in cross‑context behavioral advertising (Section 7). You have the right to opt out as described in Section 12.
  • We do not knowingly sell or share information of consumers under 16.

Other U.S. State Laws

Depending on your state (e.g., Virginia, Colorado, Connecticut, Utah), you may have similar rights to access, delete, correct, or opt out of targeted advertising or profiling. Use the methods in Section 12 to exercise rights.

14. International Transfers

We may transfer personal information to countries other than where it was collected. Where required, we use appropriate safeguards (e.g., SCCs) and ensure service providers commit to adequate protections.

15. Changes

We may update this Policy from time to time. If changes are material, we will provide prominent notice (e.g., via the site or email) and indicate the effective date.

16. Contact Us

Questions about this Policy or our privacy practices? Contact us:

[Agency Name]
Attn: Privacy Officer
[Business Address]
Email: [privacy@agency.com]
Phone:

Appendix A — Key Service Providers (Examples)

This is a representative, non‑exhaustive list. We may add or change providers as our Services evolve.

  • Advertising: Google Ads, Meta Ads, LinkedIn Ads, TikTok Ads.
  • Analytics & Tracking: Google Analytics, Google Tag Manager, Hotjar.
  • CRM/Marketing: HubSpot, Salesforce, Mailchimp, SendGrid.
  • Communications: Twilio (SMS/voice), email service providers.
  • Hosting & Infrastructure: [Cloud Provider], CDN, security tools.
  • Data Enrichment: [Provider], subject to applicable law and contracts.

© [Agency Name]. All rights reserved.