Legal

Privacy Policy

Last updated: January 1, 2025

1. Introduction

Consistra LLC ("Consistra," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (consistra.com) or engage our services.

By using our website or services, you consent to the practices described in this policy. If you do not agree with this policy, please do not access our website or use our services.

2. Information We Collect

2.1 Information You Provide Directly

  • Contact Information: Name, email address, company name, and phone number when you fill out our contact form or communicate with us
  • Business Information: Details about your business operations, workflows, and technical requirements shared during consultations
  • Payment Information: Billing details processed through our payment processor (Stripe). We do not store credit card numbers on our servers
  • Communications: Content of emails, messages, and other communications you send to us

2.2 Information Collected Automatically

  • Device Information: Browser type, operating system, device type, and screen resolution
  • Usage Data: Pages visited, time spent on pages, referring URLs, and click patterns
  • Log Data: IP address, access times, and server logs
  • Cookies: Small data files stored on your device to improve your experience (see Section 7)

3. How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and provide customer support
  • Deliver and improve our services
  • Process payments and send transaction confirmations
  • Send service-related communications (project updates, invoices, support responses)
  • Analyze website usage to improve our site and user experience
  • Comply with legal obligations and enforce our terms of service
  • Protect against fraud and unauthorized access

We do not sell your personal information to third parties. We do not use your data for automated decision-making or profiling.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases:

  • Consent: When you voluntarily submit your information through our contact form or accept cookies
  • Contract Performance: When processing is necessary to fulfill our contractual obligations to you
  • Legitimate Interest: For website analytics, fraud prevention, and improving our services, where such interests are not overridden by your rights
  • Legal Obligation: When processing is required to comply with applicable laws

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating our website, processing payments (Stripe), and delivering services. These providers are contractually obligated to protect your data
  • Legal Requirements: When required by law, regulation, legal process, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction
  • Protection of Rights: When necessary to protect the rights, property, or safety of Consistra, our clients, or the public

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Specifically:

  • Contact form submissions: retained for up to 3 years after last communication
  • Client engagement data: retained for 7 years after engagement conclusion for legal and tax purposes
  • Website analytics data: retained for up to 26 months
  • Cookie data: retained according to the cookie type (see Section 7)

7. Cookies

Our website uses cookies and similar technologies to enhance your browsing experience. Types of cookies we use:

  • Essential Cookies: Required for the website to function properly. These cannot be disabled
  • Analytics Cookies: Help us understand how visitors interact with our website. These are only set with your consent

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling cookies may affect website functionality.

8. Your Rights Under GDPR

If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data, subject to legal retention requirements
  • Right to Restriction: Request that we limit how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at shilpa@consistra.com. We will respond within 30 days.

9. Your Rights Under CCPA

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to Delete: Request deletion of personal information we have collected, subject to exceptions
  • Right to Opt-Out: We do not sell personal information. If this changes, you will have the right to opt out
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

To exercise your CCPA rights, contact us at shilpa@consistra.com. We will verify your identity before processing requests.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and authentication requirements
  • Regular security assessments
  • Employee training on data protection
  • Incident response procedures

While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses approved by relevant authorities.

12. Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing personal information.

14. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last updated" date. Material changes will be communicated to active clients directly. Your continued use of our website or services after changes are posted constitutes acceptance of the revised policy.

15. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:

Consistra LLC
Attn: Data Privacy
30 N Gould St Ste R
Sheridan, WY 82801
Email: shilpa@consistra.com