Privacy Policy

Read our detailed Privacy Policy to understand your rights and obligations when using Rhetoric Studios' services.

1. Introduction

This Privacy Policy ("Policy") describes how Rhetoric Studios ("we," "our," or "us") collects, uses, and discloses your personal information when you visit our website (the "Site") or use our services. We are committed to protecting your privacy and handling your data in an open and transparent manner.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us, including:

  • Contact information (name, email address, phone number, business address)
  • Business details (company name, role, industry)
  • Website information and access credentials
  • Payment information (processed securely through our payment processors)
  • Communication preferences
  • Any other information you choose to provide

2.2 Information Automatically Collected

When you visit our Site, we automatically collect certain information about your device and usage, including:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, referring website)
  • Location information (derived from IP address)
  • Performance and debug data

2.3 Analytics and Tracking Tools

We use various analytics and tracking tools to improve our services and user experience. These tools are only activated with your explicit consent, which you can manage through our cookie consent preferences:

Essential: Always active and necessary for the website to function

Analytics: Tools for website usage analysis (optional), including:

  • Google Analytics for website traffic and behavior analysis
  • HubSpot Analytics for visitor tracking, page view analysis, and engagement measurement

Marketing & CRM: Tools for marketing effectiveness and customer relationship management (optional), including:

  • HubSpot CRM for:
    • Tracking website visitor behavior across multiple sessions
    • Connecting form submissions with browsing history
    • Managing sales opportunities and customer relationships
    • Personalizing communications based on demonstrated interests
    • Measuring outreach and follow-up effectiveness
  • Google Tag Manager for managing marketing tags and scripts
  • Meta Pixel (Facebook Pixel) for advertising effectiveness and retargeting
  • Google Ads Conversion Tracking for measuring advertising performance

All tracking and analytics tools are disabled by default and will only be activated after you provide explicit consent. For more information about how we use cookies and similar technologies, please visit our Cookie Management page, where you can find detailed information about:

  • Types of cookies we use
  • Specific cookie information and duration
  • How to manage your preferences

How HubSpot Tracking Works:

When you visit our website, if you've consented to marketing/CRM cookies, HubSpot may:

  • Record which pages you visit and how long you spend on each page
  • Track your journey across multiple visits to our site
  • Connect your browsing behavior to information you provide via forms
  • Store this information to help us understand your interests and needs
  • Enable us to provide more relevant information and personalized service

This tracking helps us:

  • Understand which content is most valuable to visitors
  • Prepare more effectively for sales conversations
  • Send information relevant to topics you've shown interest in
  • Improve our overall service delivery and customer experience

2.4 Your Control Over Tracking

We respect your privacy choices and provide granular control over tracking:

  • You can accept or reject non-essential cookies when first visiting our site
  • Your preferences are remembered but can be changed at any time
  • No tracking occurs without your explicit consent
  • You can manage your preferences through our Cookie Management page

3. How We Use Your Information

We use your personal information for the following purposes:

Service Delivery: To provide and maintain our services, communicate with you about your account, and fulfill our contractual obligations

Business Operations: To improve our services, develop new features, and ensure efficient operations

Customer Relationship Management (CRM): To manage our interactions with prospects and customers, including:

  • Tracking your engagement with our website and content
  • Understanding your business needs and challenges
  • Preparing for sales conversations with relevant context
  • Personalizing our communications based on your demonstrated interests
  • Managing follow-up activities and maintaining communication history
  • Analyzing patterns to improve our sales and service delivery processes
  • Ensuring consistent service across multiple touchpoints

Example: If you view our pricing calculator and then book a consultation, we'll know you're interested in cost analysis, allowing us to prepare relevant information for our conversation.

Marketing and Communications: To send you updates, newsletters, and marketing materials (subject to your preferences)

Legal Compliance: To comply with legal obligations and enforce our terms

Security: To protect our services, users, and business interests

3.1 Marketing Communications

You can opt out of receiving marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Updating your preferences in your account settings
  • Contacting us directly at hello@wearerhetoric.com

We will process your opt-out request within 48 hours. Note that you may still receive essential service-related communications even after opting out of marketing messages.

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contractual Necessity: To perform our contract with you
  • Legitimate Interests: To operate and improve our business
  • Legal Obligation: To comply with applicable laws
  • Consent: Where you have given explicit consent

4.1 Automated Decision Making

We do not make any automated decisions about you that would significantly affect you without human intervention. If you have provided consent for analytics and marketing cookies, we may use automated tools for:

  • Website analytics and performance monitoring
  • Basic content personalization
  • Marketing campaign optimization (only with explicit marketing consent)

These automated processes respect your cookie consent preferences and can be disabled at any time through our cookie settings.

5. Information Sharing and Disclosure

We may share your information with:

Service Providers: Third-party vendors who assist in our operations. We work with the following categories of service providers:

Technology & Infrastructure:

  • HubSpot Inc. (USA) - CRM, email marketing, marketing automation, analytics, and customer data management
  • Cloudflare Inc. (USA) - Website security and performance
  • Amazon Web Services (USA) - Cloud hosting infrastructure

Analytics & Advertising:

  • Google LLC (USA) - Analytics, tag management, and advertising services
  • Meta Platforms Inc. (USA) - Advertising, retargeting, and pixel tracking

Communication & Scheduling:

  • Calendly LLC (USA) - Appointment scheduling and calendar management

Privacy & Compliance:

  • Ketch (USA) - Cookie consent management and privacy compliance

All service providers are:

  • Bound by data processing agreements
  • Required to comply with GDPR and UK data protection laws
  • Subject to standard contractual clauses for international transfers
  • Prohibited from using your data for their own purposes
  • Regularly audited for security and compliance

Business Partners: Trusted partners who help provide or improve our services, such as:

  • Joint venture partners for co-marketed services
  • Technology integration partners
  • Professional service providers (accountants, lawyers)

Legal Authorities: When required by law or to protect our rights, including:

  • Compliance with legal obligations or court orders
  • Protection of our legal rights and property
  • Investigation of fraud or security issues
  • Protection of the safety of our users or the public

Business Transfers: In connection with a merger, acquisition, or sale of assets:

  • During due diligence processes (under confidentiality agreements)
  • As part of the transferred assets to the acquiring entity
  • You will be notified of any such change in ownership or control

We do not sell your personal information to third parties.

Data Sharing Limitations:

We only share the minimum data necessary for each service provider to perform their specific function. For example:

  • HubSpot receives contact information, website activity, and communication history
  • Calendly receives only name, email, and appointment preferences
  • Analytics tools receive anonymized or pseudonymized usage data where possible

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • 256-bit SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication for system access
  • Quarterly security assessments and penetration testing
  • Regular employee security training
  • Incident response procedures with 24-hour notification for critical breaches

6.1 Data Breach Notification

In the event of a personal data breach, we will:

  • Notify affected users and relevant authorities without undue delay
  • Provide notification within 72 hours of discovery where feasible
  • Include information about the likely consequences of the breach
  • Describe measures taken or proposed to address the breach
  • Provide recommendations for affected users to minimize potential harm

Our breach notification will include:

  • Nature of the personal data breach
  • Categories and approximate number of individuals concerned
  • Name and contact details of our Data Protection Officer
  • Likely consequences of the breach
  • Measures taken or proposed to address the breach and mitigate its effects

7. Your Privacy Rights

You have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal requirements)
  • Objection: Object to processing of your data
  • Portability: Request transfer of your data
  • Withdrawal of Consent: Withdraw previously given consent

7.1 Exercising Your Rights

To exercise any of these rights:

  • Email us at hello@wearerhetoric.com
  • Use our online privacy rights request form
  • Write to our Data Protection Officer at the address below

When you submit a privacy rights request, we will:

  • Respond to your request within 30 days
  • Verify your identity using government-issued ID or account credentials
  • Provide information in a portable, readily usable format
  • Document and maintain records of all requests and our responses

For complex requests, we may:

  • Extend the response time by up to 60 additional days (with written notice)
  • Charge a reasonable fee based on administrative costs
  • Request additional information to clarify your request

7.2 Record Removal Process

To request the removal of your records:

  • Contact us through any of the methods above, specifically mentioning "Data Deletion Request"
  • Specify which data you want removed (e.g., all personal data, specific records, or categories of information)
  • Provide any relevant identifiers (e.g., email address, account number, or submission references)

Upon receiving your request, we will:

  • Confirm receipt within 2 business days
  • Verify your identity to prevent unauthorized deletions
  • Review your request and identify all relevant records
  • Complete the deletion within 30 days
  • Send you confirmation once the deletion is complete

Please note: Some information may need to be retained for legal or legitimate business purposes (e.g., transaction records for tax purposes). In such cases, we will clearly explain what data must be retained and for how long.

8. Data Retention

We retain different types of personal information for different periods:

  • Account Information: 7 years after account closure
  • Transaction Records: 7 years for tax purposes
  • Marketing Data: 2 years from last interaction
  • Website Analytics: 26 months
  • Communication Records: 3 years from last contact

9. International Data Transfers

We may transfer your data to the following countries:

  • United States (under EU-US Data Privacy Framework)
  • United Kingdom (under UK adequacy decision)
  • European Economic Area countries

Our primary servers are located in:

  • United Kingdom (Primary hosting)
  • Germany (Backup and disaster recovery)

We ensure appropriate safeguards through:

  • Standard Contractual Clauses (SCCs)
  • EU-US Data Privacy Framework certification
  • Data Processing Agreements with all processors
  • Regular audits of data protection measures

10. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately for deletion.

11. Changes to This Policy

We consider the following to be "material" changes:

  • Changes to how we collect or use personal information
  • New types of data collection or processing
  • Changes to your privacy rights
  • New categories of third-party sharing

For material changes, we will:

  • Provide 30 days advance notice via email
  • Display prominent notice on our website
  • Require explicit consent where necessary
  • Maintain a policy change log on our website

12. Frequently Asked Questions About Our Data Practices

Q: Why do you track website visits?

A: We track website behavior (with your consent) to understand what content is valuable to visitors and to prepare more effectively for conversations. For example, if you've viewed our case studies, we know you're interested in seeing proof of results.

Q: Can you see my name when I visit your website anonymously?

A: No. We only see anonymous visitor behavior until you voluntarily identify yourself by submitting a form or booking a meeting. Once you identify yourself, we can connect your previous anonymous visits to your contact record.

Q: How do you use my browsing history?

A: We use it to:

  • Understand your interests and business challenges
  • Prepare relevant information for sales conversations
  • Send follow-up content related to topics you've explored
  • Improve our website based on what content is most valuable

Q: Can I opt out of tracking but still use your services?

A: Yes. Essential cookies required for the website to function remain active, but you can decline Analytics and Marketing/CRM cookies. You can still submit forms, book meetings, and work with us - we just won't track your website behavior.

Q: How long do you keep my browsing data?

A: Website analytics data is retained for 26 months. Marketing and CRM data is retained for 2 years from your last interaction with us, unless you request earlier deletion.

Q: Do you share my browsing data with advertisers?

A: We use advertising platforms (Google Ads, Meta/Facebook) to show our ads to people who've visited our website (retargeting). However, we do not sell your data or share your personal information with these platforms - they only receive pseudonymized tracking data.

Q: Can I request a copy of what data you've collected about me?

A: Yes. Under GDPR and UK data protection law, you have the right to request a complete copy of all personal data we hold about you, including website activity logs. Email hello@wearerhetoric.com with "Data Access Request" in the subject line.

13. Contact Us

For privacy-related inquiries, contact our Data Protection Officer:

Policy Version History

  • January 26, 2025: Added explicit HubSpot CRM disclosures, expanded service provider list, clarified CRM data usage practices, added FAQ section
  • February 7, 2025: Updated international transfer section, added automated decision-making details
  • January 15, 2025: Added specific retention periods
  • January 1, 2025: Initial policy publication

Last Updated: January 26, 2025