Privacy Policy

1) Overview

Cleancell Oratory (“we”, “us”) provides informational content and services through our website. This policy covers information processed when you browse, communicate with us, or submit forms. It also explains cookie choices and how to exercise privacy rights.

Controller/business: Cleancell Oratory.
Scope: Website interactions, contact forms, and privacy requests.
Key principle: We collect only what we need to operate, secure, and improve the site.

2) Data we collect

We may collect information you provide directly, information collected automatically when you use the site, and information necessary to comply with legal obligations.

Contact data: name, email, phone (if provided), message content, and related metadata when you submit a form.
Request verification data: details needed to verify your identity when you submit a data request (e.g., email verification and request context).
Device & usage: IP address (may be stored in server logs), approximate location (derived from IP), browser type, pages viewed, timestamps, and referring/exit pages.
Cookie preferences: your consent choices (e.g., cookie_consent_v1), stored locally to respect your settings.

We do not intentionally collect special categories of data (e.g., health, biometrics). Please avoid sending sensitive information in free-text fields.

3) How we use data

We use personal data only for legitimate, transparent purposes. Depending on your interaction, we may process data to:

Provide and operate site features, respond to inquiries, and handle requests.
Improve quality by understanding usage patterns and optimizing performance.
Secure the service by detecting abuse, preventing fraud, and maintaining system integrity.
Comply with law and enforce policies (e.g., retaining certain logs when required).

When required, we rely on consent for non-essential cookies. For essential processing (e.g., security), we may rely on legitimate interests or contractual necessity depending on context.

4) Cookies & similar technologies

Cookies are small text files stored on your device. We use essential cookies to make core features work and preference cookies to remember your choices. If analytics cookies are enabled, they help us understand site usage.

Essential cookies: required for core functionality and security (cannot be disabled via our banner).
Preferences: remembers theme and cookie choices.
Analytics: optional; helps measure traffic and feature adoption.

You can also control cookies in your browser settings. Note that disabling certain cookies may affect site experience.

5) Sharing & disclosures

We do not sell personal information. We may share limited data only as necessary to operate the service, comply with law, or protect rights and safety.

Service providers: hosting, security, and email delivery services (acting under instructions).
Legal: to comply with applicable laws, lawful requests, or enforce agreements.
Business changes: in a merger, acquisition, or asset sale, data may be transferred subject to appropriate safeguards.

6) Data retention

We retain information only for as long as needed for the purposes described in this policy, unless a longer period is required or permitted by law.

Contact messages: typically retained up to 24 months to provide support continuity.
Privacy requests: retained as needed to fulfill and document the request (typically up to 36 months).
Server logs: typically retained for a limited period for security and troubleshooting.

7) Security

We use administrative, technical, and organizational measures designed to protect personal information. No method of transmission or storage is 100% secure, but we work to reduce risk through layered controls.

Access controls and least-privilege practices where applicable.
Monitoring and rate-limiting to help detect abuse.
Secure handling of form submissions and retention policies.

8) Your rights

Depending on your location, you may have rights such as access, correction, deletion, portability, and objection or restriction of processing. You may also have the right to opt out of certain processing.

Typical response window: 30 days

GDPR (EEA/UK): access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.
CCPA/CPRA (California): right to know, delete, correct, and opt out of “sale”/“sharing” where applicable.
Verification: we may request additional information to confirm identity and protect against fraud.

9) International transfers

If you access the site from outside the country where our servers or providers operate, your information may be transferred across borders. Where required, we use appropriate safeguards to protect your information.

We limit access to data on a need-to-know basis.
We apply contractual and technical safeguards where applicable.

10) Children’s privacy

Our website is not directed to children under 13 (or older where required by local law). We do not knowingly collect personal information from children. If you believe a child has provided information, contact us to request deletion.

If we learn we collected data from a child, we will take steps to delete it.
Parents/guardians may contact us for assistance.

11) Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date and, when appropriate, provide additional notice (e.g., a banner on the site).

Material changes may require renewed cookie consent for non-essential cookies.
We recommend reviewing this page periodically.

12) Contact

For privacy questions, requests, or concerns, contact us using the details below or open the data-request modal.

Email: [email protected]
Phone: +1 (415) 836-2497
Response: we aim to respond within a reasonable timeframe, typically within 30 days where required by law.