Who We Are
Fine Prism LLC is the controller or business responsible for personal information collected through our Website and our own business operations.
For privacy questions or requests, contact support@fineprism.com.
When We Act for a Client
When Fine Prism processes personal information solely on behalf of a client—for example, information contained in a client's website, analytics account, content system, customer records, or other platforms—we generally act as a processor or service provider and follow that client's documented instructions.
In those circumstances, the client is responsible for its own privacy notice and for responding to requests about the data. If your request concerns information controlled by one of our clients, please contact that client directly. We may forward your request to the client where appropriate.
Where required, Fine Prism and the client will enter into a data processing agreement addressing confidentiality, security, subprocessors, assistance with individual rights, and international transfers.
Personal Information We Collect
The information we collect depends on how you interact with us.
Information you provide directly
- Identity and contact information, such as your name, business name, job title, email address, telephone number, country, and postal address;
- Inquiry and consultation information, including messages, objectives, budgets, project requirements, website addresses, preferred meeting times, and notes from calls;
- Client and contract information, including proposals, agreements, signatures, approvals, project communications, billing contacts, tax information, and records of services purchased;
- Payment and transaction information, such as invoice details, billing address, payment status, transaction identifiers, and limited payment-method information supplied by a payment processor;
- Project materials, including website content, brand assets, research inputs, analytics, search or AI visibility data, business information, instructions, and credentials or access tokens you choose to provide;
- Support and feedback information, including questions, complaints, refund requests, survey responses, and testimonials; and
- Marketing preferences, including newsletter subscriptions, consent records, and opt-out choices.
Please use an approved secure method when providing passwords, access tokens, or other account credentials. Do not send sensitive personal information unless it is necessary and we have agreed on an appropriate method.
Information collected automatically
When you use the Website or open our electronic communications, we and our service providers may collect:
- IP address and approximate location derived from it;
- browser, device, operating system, language, and screen information;
- pages viewed, links clicked, referring pages, timestamps, session duration, and navigation events;
- cookie identifiers and similar online identifiers;
- form interaction, campaign, conversion, and email engagement information; and
- security, diagnostic, and server-log information.
Some of this information is collected through cookies, pixels, tags, local storage, software development kits, and similar technologies. See Section 8.
Information from clients, partners, and public sources
We may receive business contact information from your employer, colleagues, referral partners, service providers, or other people involved in an engagement.
As part of AEO, GEO, competitive, brand, and market research, we may review information made available through public websites, business directories, professional profiles, search results, AI-generated outputs, news sources, and similar public or licensed sources. This may incidentally include names, professional roles, public statements, and business contact information.
How We Use Personal Information and Our Legal Bases
We use personal information only when we have a valid purpose and, where required, a lawful basis.
| Purpose | Typical information | GDPR / UK GDPR lawful basis |
|---|---|---|
| Respond to inquiries, provide consultations, and prepare proposals | Identity, contact, inquiry, and project information | Steps requested before a contract; legitimate interests in developing our business |
| Enter into and manage client engagements | Identity, contract, billing, project, access, and communications data | Performance of a contract; legitimate interests in managing business relationships |
| Deliver AEO, GEO, content, technical, research, reporting, and consulting services | Project materials, website and platform information, public business data, and client instructions | Performance of a contract; legitimate interests in providing and improving professional services |
| Process payments, invoices, refunds, accounting, and taxes | Contact, transaction, billing, and tax information | Performance of a contract; legal obligations; legitimate interests in collecting amounts due |
| Operate, secure, troubleshoot, and improve the Website and services | Device, usage, log, diagnostic, and security information | Legitimate interests in operating and protecting our systems; consent where required |
| Measure Website performance and understand audiences | Cookie, device, usage, campaign, and conversion information | Consent where required; otherwise legitimate interests in measuring and improving our Website |
| Send newsletters, offers, and other marketing | Contact information, engagement, and marketing preferences | Consent where required; otherwise legitimate interests in marketing relevant business services |
| Prevent fraud, misuse, infringement, and security incidents | Identity, transaction, device, log, credentials, and communications data | Legitimate interests in protecting Fine Prism, clients, users, and third parties; legal obligations |
| Establish, exercise, or defend legal rights and comply with law | Any relevant records | Legal obligations; legitimate interests in protecting legal rights |
| Manage corporate transactions | Relevant business, client, and operational records | Legitimate interests in organizing or transferring our business, subject to appropriate safeguards |
Where we rely on legitimate interests, we consider whether our interests are proportionate and whether your rights override them. You may object as described in Section 12.
Where we rely on consent, you may withdraw it at any time. Withdrawal does not affect processing that was lawful before withdrawal.
AI-Assisted Tools and Automated Processing
Fine Prism may use AI-assisted tools, automation, search platforms, and analytical software to support research, drafting, analysis, quality assurance, monitoring, and service delivery. Depending on the engagement, information submitted to these tools may be processed by third-party providers under their contractual and privacy terms.
We seek to limit personal information included in AI prompts or inputs to what is reasonably necessary for the task. Clients should not provide sensitive or unnecessary personal information for AI-assisted processing.
Fine Prism does not use solely automated decision-making through the Website to make decisions about individuals that produce legal or similarly significant effects. If that changes, we will provide any notice and choices required by applicable law.
How We Disclose Personal Information
We may disclose personal information to:
- Hosting, infrastructure, and security providers that operate or protect the Website, files, communications, and systems;
- Email, CRM, scheduling, support, and collaboration providers used to communicate and manage relationships;
- Payment, banking, accounting, and tax providers that process transactions and maintain financial records;
- Analytics, cookie, advertising, and performance providers, according to your choices and applicable consent requirements;
- Employees, contractors, and professional advisers who need the information to perform services and are subject to confidentiality obligations;
- Client-authorized platforms, such as website, content, analytics, search, AI, or business systems involved in an engagement;
- Government authorities, regulators, courts, and other parties when reasonably necessary to comply with law, protect rights or safety, investigate misuse, or respond to lawful process; and
- Parties to a corporate transaction, such as a merger, financing, acquisition, restructuring, or sale of assets, subject to appropriate confidentiality protections.
We require service providers to use personal information only for authorized purposes and to provide protections appropriate to the nature of the information and services.
Sale, Sharing, and Targeted Advertising
Fine Prism does not sell personal information for monetary consideration.
Depending on the Website technologies enabled, certain analytics or advertising disclosures may be treated as a “sale,” “sharing,” or use for targeted advertising under some U.S. state privacy laws even when no money is exchanged. Where those laws apply, we will provide required notices and a method to opt out through our cookie preference tool, a Website privacy-choices link, or by contacting us.
Where legally required, we will process recognized browser-based opt-out preference signals, such as Global Privacy Control, as a request to opt out for the browser or device sending the signal.
We do not knowingly sell or share the personal information of anyone under 18.
Marketing Communications
We may send business-related marketing where you have consented or where applicable law otherwise permits it. You can unsubscribe through the link in an email or by contacting support@fineprism.com.
We may retain minimal suppression information to ensure we respect your opt-out. Even if you opt out of marketing, we may still send necessary communications about an inquiry, contract, invoice, security issue, or service.
International Transfers
Fine Prism is established in the United States and may use service providers or contractors in the United States and other countries. Your personal information may therefore be processed in countries whose privacy laws differ from those where you live.
For transfers from the EEA, UK, or Switzerland, we use an available lawful transfer mechanism where required. Depending on the recipient, this may include an adequacy decision, the European Commission's Standard Contractual Clauses, the UK International Data Transfer Agreement or UK Addendum, or another legally recognized safeguard. We may also apply supplementary contractual, technical, or organizational measures where appropriate.
You may contact us for more information about the safeguards relevant to your personal information.
Data Retention
We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, including contractual, accounting, tax, security, dispute, and legal requirements.
Our general retention guidelines are:
- inquiry and proposal records: up to 24 months after the last meaningful contact;
- client, contract, project, invoice, and payment records: for the engagement and generally up to seven years afterward;
- support, complaint, and guarantee records: generally up to three years after resolution, or longer if connected to a contract or legal claim;
- marketing records: until you unsubscribe or we determine they are no longer needed, with limited suppression records retained to honor opt-outs;
- security and technical logs: generally up to 12 months, unless needed to investigate an incident;
- cookie and analytics information: according to the periods displayed in the cookie preference tool and the applicable provider settings; and
- backups: until overwritten through ordinary backup cycles, subject to legal holds and technical limitations.
We may retain information longer when required by law, necessary for a legal claim, requested by a regulator, or subject to a valid legal hold. We may retain anonymized information that can no longer reasonably identify an individual.
Your Privacy Rights
Depending on your location and applicable law, you may have the right to:
- request access to personal information we hold about you;
- request correction of inaccurate or incomplete information;
- request deletion of personal information;
- request restriction of processing;
- receive certain information in a portable format;
- object to processing based on legitimate interests, including direct marketing;
- withdraw consent at any time;
- opt out of sale, sharing, targeted advertising, or certain profiling;
- limit certain uses of sensitive personal information;
- appeal our refusal of a privacy request where applicable; and
- lodge a complaint with a privacy or data protection authority.
Your right to object
Where GDPR or UK GDPR applies, you have the right to object at any time to processing of your personal information for direct marketing. You may also object to processing based on our legitimate interests.
To exercise a right, email support@fineprism.com with the subject line “Privacy Request” and describe your request. You may also write to the address in Section 1.
We may ask for information reasonably necessary to verify your identity and authority. An authorized agent may submit a request where permitted, but we may require proof of authorization and identity verification. We will respond within the period required by applicable law and will explain any lawful reason we cannot fulfill a request.
We will not discriminate against you for exercising a privacy right.
EEA, UK, and Switzerland
You may complain to the data protection authority where you live or work, or where you believe a violation occurred. UK residents may contact the UK Information Commissioner's Office. We encourage you to contact us first so we can try to resolve your concern.
California and other U.S. states
If an applicable U.S. state privacy law covers Fine Prism and your information, you may have rights to know, access, correct, delete, obtain a copy, opt out of sale or targeted advertising, limit certain uses of sensitive information, and appeal a decision.
For purposes of California law, the categories of personal information we may have collected during the preceding 12 months include identifiers; customer-record information; commercial information; internet or electronic-network activity; approximate geolocation; professional or employment-related information; inferences drawn from other information; and sensitive personal information such as account credentials when a client provides them for service delivery. We collect, use, disclose, and retain these categories for the purposes and periods described in this Policy.
Security
We use reasonable administrative, technical, and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. Measures may include access controls, authentication, encryption in transit, vendor review, confidentiality obligations, backups, monitoring, and data minimization, as appropriate to the risk.
No method of transmission or storage is completely secure. You are responsible for protecting passwords and promptly telling us if you believe an account or credential connected to our services has been compromised.
Children's Privacy
The Website and services are intended for businesses and adults and are not directed to children. We do not knowingly collect personal information from children under 13 or knowingly offer services directly to anyone under 18.
If you believe a child has provided personal information to us, contact support@fineprism.com, and we will take appropriate steps to investigate and delete it where required.
Third-Party Websites and Platforms
The Website and our deliverables may link to or interact with third-party websites, search engines, AI platforms, payment services, social networks, or software. Their privacy practices are governed by their own notices, not this Policy. Review those notices before providing personal information.
Changes to This Privacy Policy
We may update this Policy to reflect changes in our services, technology, vendors, or legal obligations. We will post the revised version with a new “Last updated” date. If a change materially affects how we use personal information, we will provide additional notice or obtain consent where required.
Contact Us
For privacy questions, requests, or complaints, contact:
Sheridan, WY 82801, USA