Legal

Privacy Policy

Last updated: May 17, 2026

Digital Upwelling Inc., a Florida corporation (“Digital Upwelling,” “we,” “our,” or “us”), respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit www.digitalupwelling.com or otherwise interact with us through the website (collectively, the “Site”).

By using the Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Site.

This Privacy Policy applies to information we collect through the Site. It does not apply to information collected by third parties, including third-party websites or services that may link to or be accessible from the Site. Engagements with Digital Upwelling under separate written agreements are governed by the confidentiality and data-handling provisions of those agreements rather than by this Privacy Policy.

1. Scope of This Policy

This Privacy Policy applies to information we collect through the Site, including the website, contact forms, email communications, and any related features that link to this Privacy Policy. The Site is operated from the United States. If you access the Site from outside the United States, please review the International Data Transfers section below.

2. Information We Collect

We collect information in three ways: information you provide directly, information collected automatically as you use the Site, and information we receive from third parties.

Information You Provide Directly

When you submit our Expression of Interest form, contact form, subscribe to communications, or otherwise interact with the Site, you may provide:

  • Contact information, including your name, email address, company name, and company website URL.
  • Engagement inquiry information, including descriptions of the business situation, challenges, or objectives you are considering for an engagement, along with information about timeline, scope, role, and budget where you choose to provide it.
  • Communications, including emails, messages, and other correspondence you send to us.
  • Marketing preferences, including subscription choices for any newsletter or update services we may offer.
  • Direct correspondence, including any information contained in emails, calls, or other communications you initiate with us.

We do not collect payment information on the Site. Engagements that result in financial transactions are handled through separate billing arrangements outside the Site.

Information Collected Automatically

When you access the Site, we and our service providers automatically collect:

  • Device and connection data, including IP address, device identifiers, operating system, browser type, language settings, and referring URLs.
  • Usage data, including pages viewed, the order in which they were viewed, time spent on each page, click paths, session timing, and interaction with Site features.
  • Location data, including approximate location derived from IP address (we do not collect precise GPS location).
  • Cookie and similar technology data, as described in the Cookies and Tracking Technologies section below.

Information from Third Parties

We may receive information about you from:

  • Analytics providers offering aggregated insights about Site usage.
  • Service providers assisting with security, fraud prevention, or customer support.
  • Public business databases or professional networking platforms, in cases where we research a prospect’s business context after they have initiated contact.

3. Sensitive Personal Information

We do not knowingly collect Sensitive Personal Information as defined under the California Privacy Rights Act (CPRA) or comparable state laws. We do not collect government-issued identification numbers, financial account credentials, precise geolocation, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric identifiers, health information, or information about sex life or sexual orientation.

If you voluntarily submit any such information through communications with us, we will treat it consistently with your reasonable expectations and applicable law.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Responding to inquiries, including evaluating engagement fit, scheduling discovery calls, and communicating with you about potential or active engagements.
  • Service delivery, including providing information about our services and supporting communications with prospective and active clients.
  • Customer support, including responding to questions about the Site or about our services.
  • Communications, including transactional notices, responses to inquiries, newsletters or updates (where you have requested them), and survey invitations.
  • Analytics and improvement, including understanding how visitors use the Site, measuring content performance, identifying trends, and improving the Site over time.
  • Security and protection, including detecting unauthorized access, preventing abuse, and enforcing our Terms of Use.
  • Legal compliance, including responding to lawful requests, defending legal claims, and complying with applicable regulatory obligations.
  • Business operations, including auditing, internal reporting, and corporate transactions.

We do not use information collected through the Site for cross-context behavioral advertising, interest-based advertising, or other forms of advertising that share information with third-party advertising platforms.

5. Legal Bases for Processing (EEA, UK, and Switzerland)

If you are located in the European Economic Area, United Kingdom, or Switzerland, we process your personal data under the following legal bases:

  • Performance of a contract or pre-contractual measures, when processing is necessary to respond to your inquiry or to provide services you have requested.
  • Legitimate interests, including operating, securing, and improving the Site, and conducting business communications where we have assessed that your rights and freedoms do not override our interests.
  • Consent, including for certain marketing communications and non-essential cookies, which you may withdraw at any time.
  • Legal obligation, when processing is required to comply with applicable law.

6. How We Share Your Information

We share information only as described below. We do not sell personal information for monetary consideration. We do not share personal information for cross-context behavioral advertising.

Service Providers

We share information with vendors that perform services on our behalf, including:

  • Cloud hosting and content delivery providers.
  • Email service providers and marketing automation tools.
  • Analytics and product measurement providers.
  • Customer relationship management (CRM) platforms.
  • Security and fraud prevention service providers.
  • Professional advisors, including legal counsel and accountants.

These providers are bound by contractual obligations to use your information only for the purposes we direct and to maintain appropriate security safeguards.

Legal and Safety Disclosures

We may disclose information when we believe in good faith that disclosure is necessary to:

  • Comply with applicable law, court orders, subpoenas, or other legal process.
  • Respond to lawful requests from public authorities, including for national security or law enforcement purposes.
  • Protect the rights, property, or safety of Digital Upwelling, our visitors, our clients, or others.
  • Investigate, prevent, or take action regarding suspected fraud, security breaches, or violations of our Terms of Use.

Business Transfers

If Digital Upwelling is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

With Your Direction

We share information when you direct us to do so.

7. Cookies and Tracking Technologies

We and our service providers use cookies, web beacons, pixels, and similar technologies to operate and improve the Site. The categories include:

  • Strictly necessary cookies, required for security and core Site functionality.
  • Performance and analytics cookies, helping us understand how the Site is used so we can improve it.
  • Functionality cookies, remembering your preferences and prior interactions.

We do not currently use advertising cookies, advertising identifiers, or tracking technologies that support cross-context behavioral advertising.

You can control cookies through your browser settings. Disabling certain cookies may limit Site functionality.

We honor opt-out preference signals as described in the Global Privacy Control section below.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including responding to your inquiry, providing requested information, complying with legal obligations, resolving disputes, and enforcing agreements. Specific retention periods include:

  • Inquiry and engagement-evaluation information, retained for up to 36 months after the most recent interaction to support relationship continuity, follow-up communications, and reference for future engagements.
  • Active engagement records, retained for the duration of the engagement and for a reasonable period after conclusion, subject to the terms of any applicable Services Agreement.
  • Marketing records, retained until you unsubscribe or object, plus a brief suppression period to honor your preference.
  • Server logs and security records, typically retained for 12 to 24 months.
  • Customer support communications, retained for up to three years.
  • Records required by law, retained for as long as required by applicable tax, accounting, or other regulatory obligations.

After applicable retention periods expire, we delete, anonymize, or aggregate the information.

9. Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These include encryption of data in transit, access controls, network monitoring, vendor due diligence, and employee training.

No method of transmission or storage is completely secure. While we strive to protect your information, we cannot warrant absolute security, and you provide information at your own risk. If we become aware of a security incident affecting your personal information, we will notify you in accordance with applicable law.

10. International Data Transfers

We operate the Site from the United States. If you access the Site from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where we or our service providers operate.

For transfers from the European Economic Area, United Kingdom, or Switzerland, we rely on appropriate transfer mechanisms, including the European Commission’s Standard Contractual Clauses and the EU-US Data Privacy Framework where applicable. You may request a copy of the safeguards we apply by contacting privacy@digitalupwelling.com.

The data protection laws in the United States may differ from those in your country of residence. By using the Site or providing us with any information, you consent to this transfer, processing, and storage.

11. Your Privacy Rights

Depending on where you live, you may have the following rights regarding your personal information:

  • Right to know or access, including the categories and specific pieces of information we hold about you.
  • Right to delete or erase, subject to legal exceptions.
  • Right to correct or rectify, including inaccurate or incomplete information.
  • Right to data portability, in a structured, commonly used format.
  • Right to opt out of sale or sharing of personal information for cross-context behavioral advertising (note: Digital Upwelling does not sell or share personal information for these purposes).
  • Right to limit use of Sensitive Personal Information (note: Digital Upwelling does not knowingly collect Sensitive Personal Information).
  • Right to opt out of certain automated decision-making, including profiling that produces legal or similarly significant effects.
  • Right to non-discrimination for exercising your rights.
  • Right to withdraw consent, where processing is based on consent.
  • Right to lodge a complaint with a data protection authority.

How to Exercise Your Rights

You may submit a request by emailing privacy@digitalupwelling.com or by writing to the address in the Contact Us section. We will verify your identity before responding, typically by confirming information associated with your inquiry or correspondence.

You may use an authorized agent to submit a request on your behalf, subject to verification requirements under applicable law.

We will respond within the timeframes required by applicable law. We will not discriminate against you for exercising your rights.

California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides additional rights. The categories of personal information we have collected, the sources, the purposes for collection, and the categories of recipients are described throughout this Privacy Policy.

In the preceding 12 months, we have collected the following CCPA categories of personal information: identifiers, customer records, commercial information, internet or other electronic network activity, geolocation data (approximate), and inferences. We may share these categories with service providers and as otherwise described in this Privacy Policy.

We do not sell personal information for monetary consideration. We do not share personal information for cross-context behavioral advertising.

We do not knowingly sell or share the personal information of consumers under 16 years of age.

Other US State Residents

Residents of Colorado, Connecticut, Delaware, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, and other states with comprehensive privacy laws have rights similar to those described above, subject to state-specific exceptions and verification procedures. To exercise these rights, contact us using the methods above.

You may appeal a denial of a privacy rights request by replying to our response or by emailing privacy@digitalupwelling.com with the subject line “Privacy Rights Appeal.”

EEA, UK, and Swiss Residents

In addition to the rights above, you may lodge a complaint with your local data protection authority. We encourage you to contact us first so we can address your concerns.

12. Global Privacy Control and Opt-Out Signals

We honor the Global Privacy Control (GPC) and similar opt-out preference signals as required by California, Colorado, Connecticut, and other state privacy laws. When we detect a valid signal from your browser or device, we treat it as a request to opt out of the sale or sharing of personal information for that browser or device. To apply your preference across all sessions and devices, please also submit a request by contacting privacy@digitalupwelling.com.

13. Automated Decision Making

We do not engage in automated decision-making that produces legal or similarly significant effects on you. We use automated processing for analytics and Site personalization, but these processes do not result in decisions that meaningfully restrict your access to services, employment, credit, housing, education, or similar opportunities. If our practices change, we will update this Privacy Policy and provide any required disclosures.

14. Children’s Privacy

The Site is not directed at children, and we do not knowingly collect personal information from children under 13 in the United States, or under 16 in the European Economic Area and other jurisdictions where a higher age applies. If we become aware that we have collected personal information from a child below the applicable threshold without verifiable parental consent, we will delete it.

If you believe we have collected information from a child without appropriate consent, please contact privacy@digitalupwelling.com.

15. Third-Party Links and Services

The Site may contain links to third-party websites, applications, or services that we do not operate or control. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy practices of any third party before providing information to them.

16. Disclaimer

By consenting to the Terms of Use and this Privacy Policy, you acknowledge that no data transmission over the Internet is completely secure. We cannot guarantee or warrant the security of any information you provide to us, and you transmit such information to us at your own risk.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated Privacy Policy on the Site with a revised “Last Updated” date and, where required, by providing additional notice. We encourage you to review the Privacy Policy periodically.

Your continued use of the Site after changes take effect constitutes acceptance of the revised Privacy Policy, except where additional steps are required by law.

18. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Digital Upwelling Inc.
Attn: Privacy
512 W. 7th Avenue
Tallahassee, Florida
United States

Email: privacy@digitalupwelling.com

For privacy rights requests, please use the subject line “Privacy Rights Request” so we can route your inquiry promptly.

This Privacy Policy was last updated on May 17, 2026.