Privacy Policy

How Beautforce collects, uses, and protects your personal information.

Last updated:

1. Introduction and Data Controller

This Privacy Policy describes how Beautforce ("we," "us," or "our") collects, processes, stores, and protects personal data when you visit our website at beautforce.world or interact with our educational consulting services related to daily execution systems.

The data controller responsible for your personal data is:

Beautforce
1000 3rd Ave, New York, NY 10022, United States
Email: hello@beautforce.world
Phone: +1 212-705-2000

We are committed to complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA), the UK GDPR, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other relevant international privacy frameworks.

2. Scope of This Policy

This policy applies to all personal data we process through:

  • Our website and its subpages
  • Contact forms and email correspondence
  • Educational program enrollments and consulting inquiries
  • Cookie and similar tracking technologies (see our Cookie Policy)
  • Any other channel where we explicitly reference this Privacy Policy

This policy does not apply to third-party websites linked from our pages. We encourage you to review the privacy policies of any external sites you visit.

3. Categories of Personal Data We Collect

3.1 Data You Provide Directly

When you contact us or use our services, you may provide:

  • Identity data: full name
  • Contact data: email address, phone number, postal address
  • Communication data: message content, inquiry details, preferences
  • Consent records: GDPR consent checkbox confirmations and cookie preferences
  • Transaction data: purchase records for educational products (if applicable)

3.2 Data Collected Automatically

When you visit our website, we may automatically collect:

  • Technical data: IP address, browser type and version, operating system, device type
  • Usage data: pages visited, time spent, referral source, click patterns
  • Cookie data: as described in our Cookie Policy

3.3 Data We Do Not Collect

We do not intentionally collect sensitive personal data such as health information, biometric data, racial or ethnic origin, political opinions, religious beliefs, or genetic data. Our services relate to educational consulting on daily execution systems and do not require such information.

4. Legal Basis for Processing (GDPR)

For individuals in the EEA and UK, we process personal data under the following legal bases:

  • Consent (Article 6(1)(a)): When you submit a contact form with GDPR consent, accept non-essential cookies, or subscribe to communications
  • Contractual necessity (Article 6(1)(b)): When processing is required to fulfill an educational product purchase or consulting agreement
  • Legitimate interests (Article 6(1)(f)): For website security, fraud prevention, service improvement, and responding to general inquiries where consent is not required
  • Legal obligation (Article 6(1)(c)): When we must retain data to comply with tax, accounting, or regulatory requirements

5. Purposes of Data Processing

We use your personal data for the following specific purposes:

  • Responding to contact form submissions and email inquiries
  • Delivering educational consulting services and personalized planning guidance
  • Processing enrollments in educational programs and challenges
  • Managing refund requests in accordance with our Refund Policy
  • Improving website content, usability, and informational quality through analytics (with consent)
  • Sending relevant communications about our services (with consent)
  • Maintaining website security and preventing unauthorized access
  • Complying with legal obligations and resolving disputes

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Contact form data: Retained for 24 months from the date of last communication, unless you request earlier deletion
  • Consulting session records: Retained for 36 months after the final session, for reference and quality purposes
  • Transaction and purchase records: Retained for 7 years to comply with tax and accounting obligations
  • Cookie consent preferences: Retained for 12 months, after which we will request renewed consent
  • Analytics data: Aggregated and anonymized after 26 months; raw data deleted per our analytics provider settings
  • Server logs: Retained for 90 days for security monitoring, then automatically purged

When retention periods expire, data is securely deleted or irreversibly anonymized.

7. Data Sharing and Third Parties

We do not sell your personal data. We may share data with:

  • Service providers: Hosting providers, email delivery services, and analytics platforms that process data on our behalf under strict data processing agreements
  • Legal authorities: When required by law, court order, or governmental regulation
  • Professional advisors: Lawyers, accountants, or auditors bound by confidentiality obligations

All third-party processors are required to implement appropriate technical and organizational security measures and process data only according to our documented instructions.

8. International Data Transfers

As a United States-based organization, your data may be transferred to and processed in the United States or other countries where our service providers operate. When transferring data from the EEA or UK, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission, and we assess the data protection laws of recipient countries.

9. Security Measures

We implement technical and organizational measures to protect your personal data, including:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting personal data access to authorized personnel only
  • Regular security assessments of our website infrastructure
  • Secure storage with encryption at rest where technically feasible
  • Employee training on data protection principles and incident response
  • Incident response procedures for detecting, reporting, and addressing data breaches within 72 hours as required by GDPR

While we take reasonable precautions, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security.

10. Your Rights Under GDPR and Applicable Laws

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your data when there is no compelling reason for continued processing
  • Right to restrict processing: Request that we limit how we use your data in certain circumstances
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing
  • Right to lodge a complaint: File a complaint with your local data protection authority

To exercise any of these rights, contact us at hello@beautforce.world. We will respond within 30 days. We may request identity verification before processing your request.

11. California Privacy Rights (CCPA/CPRA)

California residents have additional rights including the right to know what personal information is collected, the right to delete personal information, the right to opt out of the sale or sharing of personal information (we do not sell personal information), and the right to non-discrimination for exercising privacy rights. To submit a verifiable consumer request, contact us using the details in Section 1.

12. Children's Privacy

Our website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

13. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals. Any analytics we employ are used solely for aggregate website improvement.

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. Material changes will be indicated by updating the date at the top of this page. We encourage you to review this policy periodically. Continued use of our website after changes constitutes acknowledgment of the updated policy.

15. Contact and Data Protection Inquiries

For questions about this Privacy Policy, to exercise your data rights, or to report a concern:

Beautforce
1000 3rd Ave, New York, NY 10022, United States
Email: hello@beautforce.world
Phone: +1 212-705-2000

EEA residents may also contact their local supervisory authority. A list of EU data protection authorities is available at edpb.europa.eu.