Educational services only — not medical care. Terms of Use · Cookies · Refunds

Privacy Policy

This document explains how Freshstkneeao collects and processes personal information when you use our website and services.

Last updated:

1. Data Controller

The data controller responsible for your personal information is:

Freshstkneeao
261 Columbus Ave, San Francisco, CA 94133, USA
Phone: +1 415-362-8193
Email: touch@freshstkneeao.world
Website: https://freshstkneeao.world

For privacy-related requests, contact us using the details above with the subject line "Privacy Request."

2. Scope and Purpose of This Policy

This Privacy Policy applies to visitors of freshstkneeao.world, participants in our educational workplace programs, purchasers of educational products, and individuals who contact us through forms or email. We process data to deliver consulting services, respond to inquiries, operate our website, comply with legal obligations, and—where permitted—analyze site usage.

Our website provides general informational content about office back comfort. We do not collect health records, insurance identifiers, or clinical diagnoses through standard contact forms. Do not submit protected health information unless we explicitly request it under a separate written agreement.

3a. Advertising and Website Analytics

When you arrive from online advertising (including Google Ads in the United States), we may receive campaign parameters in the page URL. If you accept analytics cookies, we use aggregated data to measure ad relevance and improve landing page clarity. We do not use sensitive health categories for ad targeting on our own campaigns, and we do not sell personal data to data brokers.

3. Categories of Personal Data We Collect

3.1 Information You Provide Directly

  • Identity and contact data: name, email address, phone number, organization name, job title
  • Communication content: messages submitted through our contact form
  • Consent records: GDPR checkbox confirmations and cookie preference selections
  • Program enrollment data: billing contact, participant lists supplied by your employer

3.2 Information Collected Automatically

  • Technical data: IP address, browser type, device type, operating system
  • Usage data: pages viewed, time on page, referral URL, click patterns (only when analytics cookies are accepted)
  • Cookie identifiers as described in our Cookie Policy

3.3 Information from Third Parties

We may receive business contact details from referral partners or publicly available professional directories when you have expressed interest in workplace wellness education. We verify the lawful basis before adding such contacts to our systems.

4. Legal Bases for Processing (GDPR)

Where the General Data Protection Regulation applies, we rely on the following legal bases:

  • Contract: Processing necessary to perform agreements for programs, consulting, or product delivery
  • Legitimate interests: Operating and securing our website, preventing fraud, improving educational content, and proportionate B2B outreach
  • Consent: Analytics and marketing cookies, optional newsletters, and contact form submissions
  • Legal obligation: Tax records, responses to lawful requests from authorities

You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

5. How We Use Your Data

We use personal data for these purposes:

  1. Responding to inquiries and scheduling consultations
  2. Delivering educational programs and personalized non-medical plans
  3. Processing payments and issuing invoices
  4. Maintaining participant attendance records and program materials distribution
  5. Improving website content and user experience when analytics are enabled
  6. Sending service-related announcements about programs you enrolled in
  7. Protecting against unauthorized access and technical abuse
  8. Complying with accounting, tax, and regulatory requirements

We do not use your data to make automated decisions that produce legal or similarly significant effects.

6. Data Retention Periods

  • Contact form submissions: 24 months from last interaction, unless a business relationship continues
  • Contract and billing records: 7 years from the end of the fiscal year in which the transaction occurred (US tax requirements)
  • Program participation logs: 36 months after program completion for reference and dispute resolution
  • Marketing consents: Until withdrawal of consent plus 12 months for proof of consent
  • Server logs: 90 days unless required for security investigations
  • Cookie consent records: 12 months, then refreshed upon your next visit

When retention periods expire, we delete or anonymize data unless a longer period is required by law.

7. Data Sharing and Recipients

We do not sell personal data. We may share information with:

  • Hosting and infrastructure providers located in the United States and European Union
  • Email delivery and customer relationship tools bound by data processing agreements
  • Payment processors handling transactions on our behalf
  • Professional advisors (lawyers, accountants) under confidentiality duties
  • Authorities when required by valid legal process

International transfers outside the EEA use Standard Contractual Clauses or equivalent safeguards where applicable.

8. Security Measures

We implement administrative, technical, and organizational measures appropriate to the risk, including:

  • HTTPS encryption for all website communications
  • Access controls limiting employee data access to authorized roles
  • Regular software updates and vulnerability monitoring
  • Encrypted backups stored in geographically redundant facilities
  • Staff training on confidentiality and incident reporting

No method of transmission over the Internet is completely secure. We encourage you to use strong passwords for any accounts we provide and to notify us promptly of suspected breaches.

9. Your Rights

Depending on your location, you may have the following rights:

  • Access: obtain confirmation whether we process your data and receive a copy
  • Rectification: correct inaccurate or incomplete information
  • Erasure: request deletion when data is no longer necessary or consent is withdrawn
  • Restriction: limit processing in certain circumstances
  • Portability: receive data you provided in a structured, machine-readable format
  • Objection: oppose processing based on legitimate interests or direct marketing
  • Withdraw consent: for consent-based processing at any time

California residents may have additional rights under the CCPA/CPRA, including knowing categories of data collected and opting out of certain sharing. We honor applicable state privacy laws.

To exercise rights, email touch@freshstkneeao.world with sufficient detail to verify your identity. We respond within 30 days (45 days for complex requests where permitted).

You may lodge a complaint with your local supervisory authority. EU residents may contact their national data protection authority.

10. Children's Privacy

Our services target business professionals and organizations. We do not knowingly collect data from individuals under 16. If you believe a minor submitted information, contact us for deletion.

11. Changes to This Policy

We may update this Privacy Policy to reflect legal or operational changes. Material updates will be indicated by revising the date at the top of this page. Continued use after changes constitutes acknowledgment where permitted by law.

12. Related Documents

Please also review our Cookie Policy, Terms of Use, and Refund Policy for additional information about your relationship with Freshstkneeao.