Overview
Protecting your privacy is fundamental to the way Buddy Brand Fitness, LLC ("we," "us," or "our") conducts business. This Privacy Policy explains how we collect, use, and disclose personal information in connection with our website at www.buddybrand.fitness and the Kingdom Mindset Training Platform services we offer. We provide this Privacy Policy at or before the time we collect personal information, as required by applicable laws.
This Privacy Policy covers three categories of individuals:
- Clients — individuals who enroll in or inquire about our training programs (Tier 1, Tier 2, or Tier 3).
- Visitors — individuals who visit our websites or interact with us online or offline.
- Job Applicants & Personnel — individuals who apply for positions or work with Buddy Brand Fitness, LLC.
Different portions of this Policy apply depending on your relationship with us. Use the navigation strip above to jump to any section.
How We Collect Personal Information
We collect personal information in the course of providing our services and, sometimes, directly from you. The table below describes the categories of data we collect and the primary purpose for each.
| Category | Types of Data | Primary Purpose |
|---|---|---|
| Client Information | Name, contact information, communication history. | Client communication and normal business administration. |
| Account Information | Email, password, account preferences, login activity. | Account management, fraud detection, service fulfillment. |
| Payment & Billing | Payment method, billing address, transaction history. | Payment processing, billing, fraud prevention, financial compliance. |
| Cookies & First-Party Tracking | Cookies, clear GIFs, session data. | Website operation efficiency. |
| Third-Party Tracking | Behavioral advertising data from third-party cookies. | Behavior-based advertising and website analytics. |
| Demographic Information | Age, location, general profile data. | Understanding users to provide tailored services. |
| Email Interactions | Open rates, link clicks, banner interactions. | Understanding how you interact with our communications. |
| Feedback / Support | Inquiries, support requests, call recordings (with prior notice), form submissions. | Receiving and acting upon feedback; quality improvement. |
| Mailing List | Email address, postal address (if provided). | Sharing product and service info with consenting individuals. |
| Surveys | Survey responses. Third-party survey data is governed by that party's policy. | Understanding opinions relevant to our organization. |
| Website Interactions | Link clicks, form inputs, device and browser information. | Improving our website; detecting and preventing fraud. |
| Web Logs | Browser type, OS, IP address, domain, click activity, referrer, timestamps. | Network monitoring; understanding popular services. |
| Employment Information | Job application, SSN (if applicable), employment history. | Processing applications; fulfilling employment obligations. |
We may also receive information about you from third parties, business partners, affiliates, or publicly available sources. For example, if you submit a job application, we may conduct a background check.
How We Use Personal Information
We collect and use personal information only as reasonably necessary and proportionate to achieve the purposes described in this Policy or as required by law. We may use your information to:
- Provide our training services, programs, and platform access.
- Communicate about your enrollment, billing, and account activity.
- Send email alerts, event registrations, and notices about our products or services.
- Improve our website and tailor its content to your preferences.
- Conduct testing, research, analysis, and product development.
- Detect, investigate, and prevent fraud, security risks, or illegal activity.
- Comply with legal obligations and enforce our agreements.
- Fulfill any other purpose disclosed at the time of collection or with your consent.
Our processing of your information is based upon your consent, our need to perform a contract, our legal obligations, and/or our legitimate business interest — often more than one basis applies simultaneously.
Disclosure of Personal Information
We may disclose your personal information in the following circumstances:
- To protect the rights, property, or safety of us, our clients, or others.
- To contractors, service providers, and third parties supporting our business.
- To fulfill the purpose for which you provided the information.
- To a buyer or successor in the event of a sale, merger, or transfer of our business or assets.
- To comply with any court order, law, or legal process, including government requests.
- To carry out billing, collections, and contractual obligations.
- With your consent, or for any purpose disclosed at the time of collection.
We do not sell or otherwise share personal information with third parties for direct marketing purposes.
AI & Automated Tools
We use AI technologies only for purposes that are reasonably necessary and proportionate to operate, improve, and secure our services. We do not use AI tools to infer sensitive characteristics or for any purpose incompatible with the context in which information was collected.
We may use artificial intelligence, machine learning, and automated tools to:
- Analyze website interactions and user behavior patterns.
- Detect fraud or security risks.
- Improve platform performance.
- Assist in customer support responses.
We do not use AI or automated decision-making to make decisions that produce legal or similarly significant effects on any individual. Any personalized recommendations (e.g., suggesting a training tier) are assistive only and do not constitute binding decisions.
We do not permit personal information to be used by third-party AI vendors for their own independent model training unless we have obtained appropriate permissions or de-identified the data so it cannot reasonably be linked to an individual.
Your Choices & Rights
You may exercise the following rights by contacting us at [email protected]:
Request access to personal information we hold about you.
Obtain a copy of your data in a portable, machine-readable format.
Request correction of inaccurate or incomplete personal information.
Request deletion of your data, subject to legal obligations.
Object to our use or disclosure of your data for certain purposes.
Opt out of targeted advertising via Cookie Preferences or by contacting us.
Unsubscribe via the link in any promotional email. Service emails may still be sent.
Reply STOP to any promotional text message.
Revoke consent at any time. Revocation may affect our ability to provide services.
We recognize Global Privacy Control (GPC) signals as required by law.
Appeal any declined privacy request. If denied, contact your state Attorney General.
We will ask you to verify your identity before fulfilling any request. You may also designate an authorized agent. We will require:
- Signed Authorization — A statement signed by you and the agent confirming the agent's authority to act on your behalf.
- Business Proof (if applicable) — If the agent is a business, proof of registration with the Secretary of State in California.
Requests missing either piece of information will be denied.
Data Security
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access and disclosure. Access is restricted to employees and contractors who need the information to provide services to you. We maintain physical, electronic, and procedural safeguards to limit access to non-public personal information.
⚠️ Security Limitation: No method of transmission over the internet or electronic storage is completely secure. Although we use reasonable efforts to protect your information, we cannot guarantee its security. Any electronic transmission is at your own risk. If required by law to inform you of a breach, we will notify you electronically, in writing, or by telephone.
How We Retain Your Personal Information
We hold personal information for as long as you are a client and use our services, or as required for legal, regulatory, fraud prevention, and legitimate business purposes.
| Data Type | Retention Period | Reason |
|---|---|---|
| General client records | Duration of relationship + reasonable period after | Service fulfillment, dispute resolution |
| Payment & tax documentation | Typically 7 years | Tax, financial, and audit law compliance |
| Account & login data | Duration of account + 2 years | Fraud prevention, account recovery |
| Web logs & analytics | Up to 2 years | Security monitoring, service improvement |
| Marketing preferences | Until opt-out or deletion request | Honoring communication preferences |
| Support / feedback records | Up to 3 years | Quality improvement, dispute resolution |
In some circumstances we may anonymize your personal information for research or statistical purposes. Anonymized data may be retained indefinitely without further notice.
International Data Transfers
Buddy Brand Fitness, LLC is located in the United States (Parker, Colorado). Personal information we collect may be transferred to and stored in destinations outside your home country. By providing your personal information, you acknowledge this potential transfer.
Our service providers and third parties may be located in the United States and other countries. Where possible, we treat personal information using the same privacy principles that apply in the country where we first received your information.
To the extent personal information is transferred out of the European Economic Area (EEA) or the United Kingdom (UK), we use one or more of the following legal mechanisms:
- Standard Contractual Clauses with data recipients outside the EEA or UK.
- International Data Transfer Agreements (IDTA) or addenda issued by the ICO for UK transfers.
- Verification that the recipient has implemented Binding Corporate Rules.
- Other legal methods available to us under applicable law.
Other Important Information
Third-Party Providers
Some applications or services embedded within or linked from our website are controlled by third-party providers (e.g., maps, social media, analytics). These third parties may collect information about you under their own privacy policies, which we do not control. Contact them directly with questions about their practices.
Non-Personal Information
This Privacy Policy does not restrict our collection, use, or disclosure of aggregated information or information that does not identify, or cannot reasonably be linked to, any individual.
Accessibility
If you are visually impaired, you may access this notice through your browser's audio reader or other assistive technology.
Changes to This Policy
We will post any changes to this Privacy Policy on our website. If we make material changes to how we treat personal information, we may notify you by email or through a notice on our website homepage. The date this policy was last revised is identified at the top of this page.
Children's Policy
We comply with the Children's Online Privacy Protection Act of 1998 (COPPA) and applicable state laws protecting the privacy of children. We do not knowingly contact or collect personal information from children under the age of 16. Our website is not intended to solicit information of any kind from children under 16.
If we are notified that we have received information from a child under 16, we will immediately obtain parental consent or delete the information from our servers. To notify us, email [email protected].
Contact Information
Questions, concerns, or privacy rights requests should be directed to us using the information below. Identity verification will be required for privacy rights requests.
Parker, CO 80138
United States State Privacy Laws
This section describes our additional information practices under applicable state laws. It does not cover information exempted by the Gramm-Leach-Bliley Act (GLBA) or HIPAA.
Connecticut residents have rights under the Connecticut Data Protection Act in addition to those described in "Your Rights" above, including the right to opt out of targeted advertising and to appeal a declined request. We do not "sell" personal information or engage in profiling with legal or similarly significant effects. To opt out of targeted marketing, adjust your Cookie Preferences or contact us. Declined requests may be appealed; if denied, you may contact the Connecticut Attorney General.
Nevada law permits marketing calls to existing customers, but you may opt out by emailing [email protected]. You may also contact: Nevada Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Ste 3900, Las Vegas, NV 89101; (702) 486-3132; [email protected].
First contact us at www.buddybrand.fitness/privacy-policy or [email protected]. For unresolved complaints regarding money transmission or currency exchange, contact: Texas Department of Banking, 2601 North Lamar Blvd, Austin, TX 78705-4294; (877) 276-5554 (toll-free); www.dob.texas.gov.
Utah residents have rights under the Utah Consumer Privacy Act in addition to those in "Your Rights" above, including the right to opt out of targeted advertising. We do not "sell" personal information or engage in profiling with legal or similarly significant effects. To opt out, adjust Cookie Preferences or contact us.
In accordance with Vermont law, we will not share information about you with companies outside of Buddy Brand Fitness, LLC, except as required or permitted by law — for example, to service your account, complete transactions, or provide benefits to which you are entitled.
Virginia residents have rights under the Virginia Consumer Data Protection Act in addition to those in "Your Rights" above. We do not "sell" personal information or engage in profiling with legal or similarly significant effects. To opt out of targeted marketing, adjust Cookie Preferences. Declined requests may be appealed; if denied, you may contact the Virginia Attorney General.
Other Jurisdictions
If you are an Australian resident and are dissatisfied with how we handle a complaint, you may contact the Office of the Australian Information Commissioner.
Personal information processed by our affiliates and service providers in the U.S. or other foreign jurisdictions may be subject to disclosure pursuant to lawful access requests. We will not share your information with third parties for marketing purposes without your prior consent. Contact us with questions or correction requests using the Contact section above.
If you are located in the EEA or UK, we comply with applicable laws providing an adequate level of data protection for transfers to the US. We use Standard Contractual Clauses, IDTA, Binding Corporate Rules, or other lawful mechanisms as required. EEA residents may contact the Office of the Data Protection Commissioner; UK residents may contact the Information Commissioner's Office (ICO).
California Privacy Notice
Last Updated: November 15, 2023
Scope
This California Privacy Notice ("CA Notice") supplements our Privacy Policy and applies solely to California residents. It describes how we collect, use, disclose, and process personal information within the scope of the CCPA as amended by the CPRA. It does not apply to information we process as a service provider on behalf of third-party clients.
Sensitive Personal Information
We may collect "Sensitive Personal Information" under California law — such as Social Security Numbers or financial account information — primarily in connection with payments and billing. We use this information only for permitted purposes: processing payments, preventing fraud, and complying with financial obligations. We do not use or disclose Sensitive Personal Information for profiling or automated decision-making.
Selling or Sharing for Targeted Advertising
We do not "sell" personal information in the traditional sense. We may allow third-party partners to collect information through our services for analytics and ad optimization. To the extent this constitutes a "sale" or "sharing" under the CCPA, see our Cookie Policy for opt-out rights.
Additional Rights for California Residents
- Right to Know — Request disclosure of categories and specific pieces of personal information collected, sources, business purposes, and third parties to whom it is disclosed.
- Right to Delete — Request deletion of personal information, subject to certain exceptions.
- Right to Correct — Request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing — Direct us not to sell or share your personal information.
- Non-Discrimination — The right not to be discriminated against for exercising privacy rights. We will not deny goods or services, charge different prices, or provide different quality because you exercised a right.
- Right to Limit Sensitive PI Use — Limit use of Sensitive Personal Information to permitted purposes under the CPRA.
How to Exercise Your California Rights
Submit your request to [email protected]. We will acknowledge within 10 days and respond within 45 days. If we require additional time (up to another 45 days), we will notify you. Authorized agent requirements are described in the "Your Rights" section above.
Categories of Personal Information Collected — Last 12 Months
| Category | Disclosed to Third Parties for Business Purposes |
|---|---|
| Identifiers (name, email, IP address, device ID, account name) | Advertising networks, affiliates, data analytics providers, government entities, internet service providers, operating systems, other service providers, payment processors, social media platforms |
| Financial Information (payment/account numbers, transaction history) | Government entities, internet service providers, other service providers, payment processors, service fulfillment companies |
| Protected Characteristics (where voluntarily provided) | Affiliates, government entities, other service providers |
| Commercial Information (products/services purchased, browsing history) | Advertising networks, affiliates, business partners, data analytics providers, government entities, internet service providers, other service providers, payment processors, social media platforms |
| Geolocation Data (approximate location) | Data analytics providers, internet service providers, other service providers |
| Electronic & Sensory Data (audio/visual from support calls) | Government entities, other service providers |
| Professional / Employment Information (job applicants) | Government entities, other service providers |
| Inferences drawn from the above (preferences, behaviors) | Affiliates, data analytics providers, other service providers |
Contact for California Requests
For questions related to this CA Notice, email [email protected].