Legal

Privacy Policy

This document explains how Freshpower collects, uses, stores, and protects personal information when you visit freshpower.world or use our consultation services.

Effective date:

1. Data controller

The data controller responsible for processing your personal data is:

Freshpower
1512 Haight St, San Francisco, CA 94117, USA
Phone: +1 415-437-7888
Email: touch@freshpower.world
Website: freshpower.world

For privacy-related requests, contact us using the email address above with the subject line "Privacy Request."

2. Scope and purpose of this policy

This Privacy Policy applies to visitors of our website, individuals who submit contact forms, clients who purchase consultation services, and participants in educational programs. We process data to operate our workspace organization consulting business, comply with legal obligations, and communicate with you about services you request.

Our website provides general informational content about workspace organization. Personal data processing supports that informational purpose and any contractual relationship you enter with us.

3. Categories of personal data we collect

3.1 Data you provide directly

  • Identity and contact data: name, email address, phone number if supplied, and message content from contact forms.
  • Consultation-related data: room descriptions, photographs you voluntarily share, scheduling preferences, and billing details when you purchase services.
  • Consent records: timestamps and selections from cookie banners and GDPR checkboxes on forms.

3.2 Data collected automatically

  • Technical data: IP address, browser type, device type, operating system, referring URLs, and pages viewed.
  • Cookie and similar technologies data as described in our Cookie Policy.

3.3 Data from third parties

We may receive limited data from payment processors or scheduling tools when you complete a transaction. Those providers process data under their own privacy policies.

4. Legal bases for processing (GDPR)

Where the General Data Protection Regulation applies, we rely on the following legal bases:

  • Consent: for optional analytics and marketing cookies, and when you opt in to newsletters.
  • Contract: to deliver consultations, programs, and purchased materials you request.
  • Legitimate interests: to secure our website, prevent fraud, improve content based on aggregated analytics, and respond to inquiries—balanced against your rights.
  • Legal obligation: to retain certain records for tax, accounting, or regulatory requirements.

5. How we use personal data

We use personal data for the following purposes:

  1. Responding to contact form submissions and scheduling consultations.
  2. Preparing session notes, written plans, and educational materials tailored to your inquiry.
  3. Processing payments and issuing invoices or receipts.
  4. Maintaining website security and diagnosing technical issues.
  5. Complying with applicable laws and responding to lawful requests from authorities.
  6. Sending service-related communications you reasonably expect, such as appointment reminders.
  7. Measuring advertising performance in aggregate when you consent to marketing or analytics cookies, including campaigns run on Google Ads in the United States.

We do not use your data to make automated decisions with legal or similarly significant effects. We do not sell personal information for cross-context behavioral advertising as defined under California law.

6. Data retention periods

  • Contact form messages: up to twenty-four months from last interaction, unless you request earlier deletion.
  • Client consultation records: up to seven years after the final session for business and tax documentation.
  • Marketing consents: until withdrawn, plus a minimal log proving consent timing.
  • Server logs: typically ninety days unless needed for security investigations.
  • Cookie data: according to durations listed in the Cookie Policy.

When retention periods expire, we delete or anonymize data unless further storage is legally required.

7. Security measures

We implement appropriate technical and organizational measures to protect personal data, including:

  • HTTPS encryption for data transmitted through this website.
  • Access controls limiting staff access to data required for their role.
  • Regular review of third-party vendors handling data on our behalf.
  • Secure storage for consultation documents with password protection where applicable.

No transmission method over the internet is completely secure. We encourage you to use strong passwords for any accounts we provide and to avoid sending sensitive identifiers unnecessarily.

8. Sharing and international transfers

We do not sell personal data. We may share data with:

  • Service providers such as hosting, email delivery, payment processing, and analytics (only with consent where required).
  • Professional advisers bound by confidentiality when necessary.
  • Authorities when required by law.

Some providers may process data in the United States or other countries. Where GDPR applies, we use appropriate safeguards such as Standard Contractual Clauses when transferring data outside the European Economic Area.

9. Your rights

Depending on your location, you may have the following rights:

  • Access: request a copy of personal data we hold about you.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure: request deletion where no overriding legal basis requires retention.
  • Restriction: limit processing in certain circumstances.
  • Portability: receive data you provided in a structured, machine-readable format where applicable.
  • Objection: object to processing based on legitimate interests or direct marketing.
  • Withdraw consent: at any time for consent-based processing, without affecting prior lawful processing.
  • Lodge a complaint: with your local supervisory authority, such as a Data Protection Authority in the EU.

California residents may have additional rights under the CCPA/CPRA, including knowing categories of data collected and requesting deletion subject to exceptions. We do not sell personal information as defined by California law.

To exercise rights, email us with sufficient detail to verify your identity. We respond within thirty days where GDPR applies, or as required by local law.

10. Children

Our services target adults organizing workspaces. We do not knowingly collect data from individuals under sixteen without parental consent. Contact us if you believe we received such data inadvertently.

11. Links to other websites

Our site may link to external resources. We are not responsible for their privacy practices. Review their policies before submitting personal data.

12. Changes to this policy

We may update this Privacy Policy to reflect legal or operational changes. Material updates will be indicated by revising the effective date at the top of this page. Continued use of the website after changes constitutes acknowledgment where permitted by law.

13. Contact

Questions about this Privacy Policy may be directed to Freshpower at the address and email listed in Section 1.