top of page

PRIVACY POLICY

A legal disclaimer

This Privacy Policy explains how Create Refine Studio, LLC ("Create Refine Studio," "we," "us," or "our") collects, uses, discloses, and safeguards personal information when you visit our websites, use our products and services, communicate with us, or otherwise interact with us (collectively, the "Services").

​

If you do not agree with this Privacy Policy, please do not use the Services. If you have questions, contact us at info@createrefinestudio.com.

1) Who we are

Controller: Create Refine Studio LLC, United States.
Contact: info@createrefinestudio.com

 

2) Scope

This Policy covers personal information we process as a controller through the Services. It does not cover information processed on behalf of our clients as their processor (see Section 12), or third-party services that link to/from our Services.

 

3) Information we collect

We collect information directly from you, automatically from your device/browser, and from third parties.

A. Information you provide

  • Identity & contact data: name, company, job title, email address, phone number, billing/shipping address.

  • Account credentials: usernames and passwords (hashed & salted).

  • Communications & content: messages, emails, support requests, survey responses, and any files you upload.

  • Payment information: processed by our payment processors (we do not store full card numbers).

  • Professional information: portfolio links, resumes, project briefs, statements of work.

  • Preferences: marketing and communication preferences.

B. Information collected automatically

  • Usage data: pages viewed, links clicked, features used, time spent, referring/exit pages.

  • Device & technical data: IP address, browser type/version, device IDs, operating system, language, time zone.

  • Location data: approximate location derived from IP.

  • Cookies & similar technologies: first- and third-party cookies, pixels, and SDKs (see Section 8).

C. Information from third parties

  • Payment & fraud partners: payment status, chargeback signals.

  • Analytics/advertising partners: aggregated or inferred interests, campaign performance.

  • Social & integrations: information from platforms you connect or interact with.

  • Public & enterprise sources: business contact data, professional profiles, and customer referrals.

 

4) How we use information (purposes & legal bases)

We use personal information to:

  1. Provide and maintain the Services (create/manage accounts, deliver features, process transactions, provide support).

  2. Communicate with you (service messages, updates, security alerts).

  3. Personalize and improve the Services (analytics, research, troubleshooting, debugging).

  4. Marketing & advertising (with your consent where required): send newsletters, measure and deliver ads, and promote relevant content.

  5. Security & fraud prevention (detect, prevent, and respond to security incidents).

  6. Legal & compliance (enforce terms, comply with law, protect rights and safety).

Legal bases (EEA/UK/Switzerland where applicable): performance of a contract, legitimate interests (e.g., product improvement, fraud prevention, direct marketing), consent, and compliance with legal obligations.

 

5) Processing as a service provider/processor

When our clients send us personal information to process on their behalf (e.g., assets to render, contact lists for approved communications), we act as a processor/service provider under applicable law and process such data pursuant to our contract and the client’s instructions. Clients are responsible for providing applicable privacy disclosures to their end users and obtaining necessary permissions.

 

6) Disclosures of information

We disclose personal information to:

  • Service providers and vendors (e.g., hosting, cloud storage, payment processing, analytics, email delivery, customer support, security).

  • Professional advisors (lawyers, accountants, auditors).

  • Business transfers (in connection with a merger, acquisition, financing, or sale of assets).

  • Legal, safety, and compliance (to comply with law, respond to lawful requests, or protect rights, property, or safety).

  • With your direction or consent.

We do not sell personal information for money. We may share limited information (e.g., online identifiers, device data, usage) with advertising/analytics partners which could be considered a "sale" or "share" under some U.S. state laws—see Section 10 for your choices.

 

7) Data retention

We retain personal information only as long as necessary to fulfill the purposes described in this Policy, including to meet legal, accounting, or reporting requirements. Retention periods vary by category and context (e.g., account data for the life of the account plus up to 6 years; contract and billing records up to 7 years; marketing data until you opt out or after a defined inactivity period). We may anonymize data for statistical use.

 

8) Cookies, analytics, and advertising

We and our partners use cookies, pixels, and similar technologies to operate the Services, remember preferences, understand usage, and—where permitted—deliver/measure advertising. You can manage cookies in your browser settings and via our cookie banner or preferences center (where available). Blocking some cookies may impact functionality.

Analytics: We may use analytics providers to help us understand how the Services are used.
Advertising: We may use ad partners to show ads and measure performance. Depending on your jurisdiction, we will obtain consent before setting non-essential cookies.

 

9) Your rights & choices

Your rights depend on your location. Subject to applicable law, you may have the right to:

  • Access your personal information and obtain a copy.

  • Correct inaccurate or incomplete information.

  • Delete your information.

  • Restrict or object to certain processing, including direct marketing.

  • Data portability (receive in a structured, commonly used, machine-readable format).

  • Withdraw consent where processing is based on consent.

  • Appeal our decision if we decline your request (where applicable).

To exercise rights, contact info@createrefinestudio.com. We may verify your identity before responding. You may also manage marketing emails by using the "unsubscribe" link.

 

10) U.S. state privacy disclosures (including California)

Some U.S. state laws (e.g., California, Colorado, Connecticut, Virginia, Utah, Oregon, Texas) provide residents specific rights.

A. Notice at collection — categories & purposes

We collect the following categories (as defined under state laws):

  • Identifiers (e.g., name, email, IP address, device IDs) — to provide Services, security, marketing.

  • Customer records (contact, billing) — transactions, support, compliance.

  • Commercial information (purchases, transactions) — accounting, analytics.

  • Internet or network activity (browsing, usage) — security, analytics, improvement, advertising.

  • Geolocation data (approximate) — analytics, security, localization.

  • Professional/employment info (for B2B contacts) — sales, service delivery.

  • Inferences (preferences) — personalization, marketing (where permitted).

B. "Selling" or "sharing" and targeted advertising

We do not sell personal information in exchange for money. We may engage in activities considered a sale or share (CPRA) or targeted advertising (other state laws) when using analytics/ads partners. ​

C. California-specific rights

California residents may request access, correction, deletion, and to limit the use/disclosure of sensitive personal information (to necessary purposes). We do not use sensitive personal information for inferring characteristics.

D. Non-discrimination

We will not discriminate against you for exercising rights.

E. Metrics & verification

If required, we will publish request metrics. We will verify requests using information we maintain about you.

 

11) International data transfers

If you access the Services from outside the United States, your information may be transferred to and processed in the U.S. and other countries that may not provide the same level of protection. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for such transfers.

 

12) Our role with client data (B2B)

For content or personal information provided by clients for project execution (e.g., creative assets, lists for approved outreach), we act as a processor/service provider and will: (a) process only on documented instructions, (b) implement appropriate security, (c) assist with data subject requests directed to the client, and (d) delete/return data at the end of the engagement, unless law requires retention. These commitments are further described in our contracts and, if applicable, a Data Processing Addendum (DPA).

 

13) Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, access controls, vulnerability management, and workforce training. No system is 100% secure. If we learn of a breach affecting your information, we will notify you and regulators as required by law.

 

14) Children’s privacy

Our Services are not directed to children. We do not knowingly collect personal information from children under 18. If you believe a child provided us information, contact us and we will take appropriate steps to delete it.

 

15) Third-party links & features

The Services may contain links to third-party websites, plug-ins, or integrations. We are not responsible for those third parties. We encourage you to review their privacy policies.

 

16) Your responsibilities

If you share personal information of others with us (e.g., team members, end users), you must ensure you have a lawful basis to do so and provide appropriate notices to those individuals.

 

17) Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective date" and, where required, provide additional notice. Your continued use of the Services after an update constitutes acceptance.

 

18) How to contact us

Email: info@createrefinestudio.com

bottom of page