Privacy Policy

Last updated: October 2025

Your privacy matters to us. Everything we do at Ashleigh Warren Consulting, Inc. is driven by respect for your data and your trust.

In this policy, we'll lay out what data we collect and why, how your data is handled, and your rights to your data. We're not in the business of selling your information. We never have been and never will.

Our guiding principle is simple: collect only what we need to serve you well.

What We Collect and Why

Identity & Contact Information

When you reach out to us, apply for services, or sign up through our website, we collect basic identifying information like your name, email address, and any other details you voluntarily provide (company name, website, phone number, etc.).

Why we collect this: So we can communicate with you, personalize our services, send you proposals, invoices, and essential updates about our work together.

What we won't do: We'll never sell your personal information to third parties, and we won't use your name in marketing materials without your explicit permission.

Payment Information

When you hire us, our payment processor Stripe securely collects your payment details and billing address to process payments, calculate taxes, and send invoices. Your payment information goes directly to Stripe and never passes through our servers.

We share your name and email with Stripe at checkout, and they may request additional details like your billing address and IP address to comply with tax laws and ensure security. Stripe protects this data according to their privacy policy.

IP Addresses & Security

We log IP addresses when you visit our website or access any client portals. This helps us prevent unauthorized access and spam sign-ups.

How long we keep this: We keep login data for as long as you're an active client. IP addresses from sign-ups are kept indefinitely to prevent fraudulent accounts.

Website Analytics

When you browse ashleighwarren.org, your browser automatically shares information like your operating system, browser version, which pages you visit, page load times, and which website referred you.

Why we track this: For statistical purposes—understanding how people use our site, testing new designs, and improving your experience.

We use first-party cookies to remember your preferences and support basic analytics. You can adjust cookie settings in your browser. To learn more about cookies, visit allaboutcookies.org.

At this time, our site does not respond to Do Not Track signals from browser plugins.

Correspondence & Support

When you email us at connect@ashleighwarren.org, we keep that correspondence—including your email address—so we have a history if you reach out again.

We also store any information you volunteer, like survey responses or details about your business during discovery calls. If we conduct interviews or record calls, we only do so with your express consent.

What We Don't Collect

We don't collect characteristics of protected classifications including age, race, gender, religion, sexual orientation, gender identity, or gender expression unless you voluntarily provide them (like including pronouns in your email signature).

We do not collect biometric data.

When We Access or Share Your Information

Our default practice is to not access your information. The only times we'll ever access or share your data are:

→ To provide services to you. We need to access the materials and information you share with us to deliver the content production, consulting, or marketing services you've hired us for.

→ To provide customer support. We may access your account information to troubleshoot issues, answer questions, or resolve billing inquiries.

→ When required by law. If law enforcement has the necessary warrant, subpoena, or court order requiring us to share data, we have to comply. Otherwise, we reject requests for data. Unless legally prevented, we'll always inform you when such requests are made. We have never received a National Security Letter or FISA order.

→ If we're acquired. If Ashleigh Warren Consulting, Inc. is acquired by or merged with another company—we don't plan on that, but if it happens—we'll notify you well before any of your information is transferred and becomes subject to a different privacy policy.

Your Rights With Respect to Your Data

We apply the same data rights to all clients and website visitors, regardless of location. We recognize all rights granted under the EU's GDPR and California's CCPA, including:

→ Right to Know. You have the right to know what personal information we collect, use, share, or store. This privacy policy outlines exactly that.

→ Right of Access. You have the right to access the personal information we have about you and obtain information about how it's stored, secured, and processed.

→ Right to Correction. You have the right to request corrections to your personal information.

→ Right to Erasure / "To be Forgotten." You can request that your personal information be deleted from our systems. Note that fulfilling some deletion requests may prevent you from using our services if we need certain information to provide them.

→ Right to Complain. You have the right to file a complaint with the appropriate supervisory authority regarding our handling of your personal information.

→ Right to Restrict Processing. You can request restrictions on how and why your personal information is used or processed.

→ Right to Object. In certain situations, you have the right to object to how or why your personal information is processed.

→ Right to Portability. You have the right to receive the personal information we have about you and transmit it to another party.

→ Right to Non-Discrimination. We will not charge you differently, offer different service levels, or treat you differently because you've exercised your data privacy rights.

To exercise these rights or if you have questions, contact us at connect@ashleighwarren.org.

Data Retention and Deletion

Active Client Data

While you're an active client, we retain the information necessary to provide services and maintain our working relationship.

After Services End

When our working relationship ends, we keep basic records (contact info, contracts, invoices) for legal and tax purposes as required by law—typically 7 years for financial records.

Content and Project Files

Content we create for you and project files are typically delivered to you and removed from our active systems within 90 days of project completion, unless you've arranged for ongoing services or storage.

Deletion Requests

If you request deletion of your personal data, we'll delete it from our active systems within 30 days. Some information may persist in backups for up to 90 days total before being permanently deleted.

Important: Deleting certain data may prevent us from providing services or accessing project history if you return in the future.

Data Security

We take data security seriously and implement appropriate technical and organizational measures to protect your information, including:

• Encrypted data transmission (SSL/TLS)

• Secure password practices

• Limited employee access to personal data

• Regular security reviews and updates

• Secure file sharing and storage systems

While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to promptly addressing any security concerns.

Third-Party Services

We use carefully selected third-party services to run our business:

• Stripe for payment processing

• Email service providers for communications

• Cloud storage providers for secure file storage

• Analytics tools for website performance

These services are bound by their own privacy policies and our contracts with them ensure they handle your data responsibly. We never give third parties permission to use your data for their own purposes.

International Data Transfers

Our business is operated in the United States. If you're located outside the US, please be aware that information you provide will be transferred to and processed in the United States. By using our services, you consent to this transfer.

For EU residents: We comply with applicable data protection laws and take appropriate steps to ensure your data is protected when transferred internationally.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn we've collected information from a child under 18, we'll delete it promptly.

Changes to This Policy

We may update this privacy policy as needed to comply with regulations or reflect new practices. When we make significant changes, we'll notify active clients via email. Continued use of our services after updates means you accept the revised policy.

Questions?

Have questions, comments, or concerns about this privacy policy, your data, or your rights? Please reach out to us at connect@ashleighwarren.org and we'll be happy to answer them.

© Ashleigh Warren Consulting, Inc. 2025. All rights reserved.