Privacy Policy

1. Scope

This Privacy Policy covers personal information we collect from and about visitors, prospects, clients, and users of our tools. It does not cover the privacy practices of third-party websites, services, or providers we link to or integrate with, which are governed by their own policies.

If you are a client and we are processing personal information on your behalf as part of an engagement (for example, content you upload to a tool), we generally act as a service provider or processor with respect to that information, and your own privacy commitments to your end users govern that data. The terms of the applicable engagement and our Terms of Service control in that scenario.

2. Information We Collect

2.1 Information You Provide Directly

• Contact and inquiry information: name, email address, phone number, company, role, and the contents of messages you send through forms, scheduling tools, or email.
• Engagement information: information you share when entering into a paid engagement, such as billing contact details, project requirements, business context, and materials you provide for review.
• Audit and tool inputs: text, documents, URLs, descriptions, and other content you submit to our digital audits, calculators, or interactive tools, including content processed by AI models as part of those tools.
• Communications: emails, call notes, scheduling exchanges, and feedback you share with us.
• Payment-related details: billing name and address provided to us. Full payment card details are handled by third-party payment processors and are not stored on our systems.

2.2 Information Collected Automatically

When you interact with the Site or our tools, we and our service providers may collect certain information automatically, such as:

• Device and connection data: IP address, browser type and version, operating system, device identifiers, language preference, and referring URL.
• Usage data: pages viewed, time spent, links clicked, navigation paths, and similar interaction patterns.
• Cookies and similar technologies: described in Section 6.

2.3 Information from Third Parties

We may receive information about you from third parties, such as:

• Business contact and enrichment data from publicly available sources or vetted business data providers
• Referrals from existing clients or partners
• Information you make available on professional networking platforms

3. How We Use Information

We use the information described above for the following purposes:

• Providing the Services: responding to inquiries, scheduling, delivering audits and consulting, processing inputs through our tools, and fulfilling engagements.
• Communications: sending transactional and service-related communications, responding to support requests, sharing engagement updates, and providing requested information.
• Marketing, with appropriate consent or other lawful basis: sending newsletters, case studies, and information about offerings that may interest you. You can opt out at any time through the unsubscribe link in our emails or by contacting us.
• Improvement and analytics: understanding how the Site and tools are used, measuring performance, debugging, and improving the design, content, and functionality of our Services. Where we use information for this purpose, we generally rely on aggregated, anonymized, or de-identified data. Paid clients may request, through the applicable Engagement Document, that their Client Materials be excluded from any use for service improvement, training, evaluation, or model fine-tuning, and we will honor that exclusion within the scope and timeframes specified in the Engagement Document.
• Security and fraud prevention: detecting, preventing, and responding to fraud, abuse, security incidents, and unlawful activity.
• Legal and compliance: complying with applicable laws, regulations, legal process, and lawful requests, and enforcing our Terms of Service and other agreements.
• Business operations: invoicing, accounting, internal record-keeping, and managing our relationships with clients, prospects, and vendors.

We do not sell personal information for monetary consideration. For information about your right to opt out of any "sale" or "sharing" of personal information under California or other applicable state privacy law, see our Do Not Sell or Share My Personal Information page.

4. Legal Bases for Processing

Where applicable law requires a legal basis for processing personal information, we rely on one or more of the following:

• Performance of a contract with you, or to take steps at your request before entering into a contract
• Consent, which you may withdraw at any time
• Legitimate interests in operating, securing, and improving our Services, communicating with prospects and clients, and growing our business, balanced against your rights and interests
• Compliance with legal obligations

5. How We Share Information

We share personal information only as described below:

5.1 Service Providers

We share information with third-party service providers that help us operate the Services, including infrastructure and hosting providers, communication platforms, scheduling tools, payment processors, analytics providers, customer relationship management tools, marketing and email platforms, AI model providers and infrastructure partners, accounting and professional advisors, and security providers. These providers are authorized to use personal information only as necessary to provide services to us, subject to appropriate confidentiality and data protection commitments.

5.2 AI Model Providers and Engagement-Specific Data Handling

The AI models, infrastructure, and data-handling approach used in any given service are scoped to the requirements of that service or engagement. Our default consumer-facing tools (such as audits and calculators on the Site) may transmit inputs to third-party AI model providers and infrastructure partners for processing, and we reserve the right to change those providers, models, or methodologies.

For engagements with elevated regulatory, confidentiality, or compliance requirements — including HIPAA-covered workloads, engagements requiring a Business Associate Agreement (BAA), or other regulated data categories — the applicable Engagement Document will define the data-handling scope, including whether processing occurs on-premises, on dedicated client infrastructure, on isolated compute, or without transmission to third-party model APIs. Where an Engagement Document specifies such constraints, those constraints control over the default language in this section.

You are responsible for the content you submit and should not submit regulated or sensitive data through default Site tools unless we have specifically agreed in writing — through an Engagement Document or executed BAA — to handle that category of data under appropriate safeguards.

5.3 Legal and Compliance

We may disclose information when we reasonably believe disclosure is necessary to comply with applicable law, regulation, legal process, or governmental request; to enforce our Terms of Service or other agreements; to protect the rights, property, or safety of Golden Horizons, our users, or others; or to detect, prevent, or address fraud, security, or technical issues.

5.4 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or similar transaction, personal information may be transferred as part of that transaction. We will provide reasonable notice where required by law.

5.5 With Your Direction or Consent

We may share information with other parties at your direction or with your consent.

5.6 Aggregated and De-Identified Information

We may share aggregated, anonymized, or de-identified information that does not identify you for any lawful purpose, including research, benchmarking, marketing, and improvement of our Services.

6. Cookies and Similar Technologies

We and our service providers use cookies, pixels, local storage, and similar technologies to operate the Site, remember your preferences, understand how the Site is used, and support marketing efforts. These technologies generally fall into the following categories:

• Essential: required for the Site to function properly, such as security, network management, and accessibility. These cannot be disabled without breaking core functionality.
• Preference: remember choices you make, such as language or display preferences, to provide a more personalized experience.
• Analytics: help us understand how visitors interact with the Site so we can measure performance and improve content and design.
• Marketing: used, where applicable and with appropriate consent, to deliver relevant content and measure the effectiveness of campaigns.

Most browsers let you control cookies through their settings. Disabling certain cookies may affect Site functionality. Where required by law, we present a cookie banner or preference center allowing you to manage non-essential cookies.

We do not currently respond to "Do Not Track" browser signals in a uniform way. We do honor the Global Privacy Control (GPC) browser signal as a valid opt-out request for the device and browser session in which it is transmitted, in accordance with applicable law. See our Do Not Sell or Share My Personal Information page for additional opt-out methods.

7. Your Rights and Choices

Depending on where you live and applicable law, you may have rights regarding your personal information, including:

• Access: request confirmation of whether we process your personal information and a copy of that information
• Correction: request that we correct inaccurate or incomplete personal information
• Deletion: request deletion of your personal information, subject to certain exceptions
• Portability: request a copy of certain personal information in a portable format
• Restriction or objection: request that we restrict or object to certain processing
• Withdrawal of consent: where we rely on your consent, withdraw it at any time
• Opt out of marketing: unsubscribe from marketing emails through the link in any marketing message
• Opt out of certain sharing or targeted advertising: where applicable law provides this right

To exercise these rights, contact us at contact@goldenhorizons.io. We will respond within the timeframes required by applicable law. We may need to verify your identity before fulfilling a request, and certain rights are subject to legal exceptions and limits.

You may also have the right to lodge a complaint with a supervisory authority in your jurisdiction. If you are an authorized agent submitting a request on behalf of a consumer, we may require proof of authorization.

We do not discriminate against you for exercising your privacy rights.

For information about the accessibility of our website and how to request alternative formats or accommodations, see our Accessibility Statement.

8. Data Retention

We retain personal information for as long as needed to fulfill the purposes described in this Privacy Policy, including providing the Services, complying with legal obligations, resolving disputes, and enforcing agreements. Retention periods vary depending on the type of information, the nature of the relationship, applicable legal and tax requirements, and operational needs. When personal information is no longer needed, we take reasonable steps to delete, anonymize, or aggregate it.

9. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and loss. However, no system is perfectly secure, and we cannot guarantee the absolute security of personal information. You are responsible for maintaining the confidentiality of any credentials and for the security of devices and networks you use to access the Services.

Breach notification. In the event of a confirmed security incident affecting personal information, we will notify affected individuals and applicable regulatory authorities in accordance with applicable law and within the timeframes required, including state-level breach notification statutes and, where applicable, international data protection laws. Notifications will describe the nature of the incident, the categories of information involved, and the steps we are taking to mitigate harm and prevent recurrence.

10. International Data Transfers

We are based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate, which may have data protection laws different from those in your country. Where required by law, we use appropriate safeguards for international transfers, such as standard contractual provisions or other lawful transfer mechanisms.

11. Children's Privacy

The Services are not directed to, and we do not knowingly collect personal information from, children under the age of 13. If we learn that we have collected personal information from a child under 13 without parental consent, we will take steps to delete it. If you believe a child has provided personal information to us, please contact contact@goldenhorizons.io.

12. AI Tools, Audit Inputs, and User Responsibility

When you use our default digital audits, calculators, knowledge assistants, or other interactive tools available on the Site, the content you submit may be transmitted to AI model providers and infrastructure partners for processing as part of generating outputs. By using these tools, you acknowledge and agree:

• You are responsible for ensuring you have the right to submit any content you upload, including any personal information, confidential information, intellectual property, or content owned by others.
• You should not submit sensitive personal information, protected health information, payment card data, government identifiers, classified information, or other regulated data through default Site tools unless we have specifically agreed in writing — through an Engagement Document or executed Business Associate Agreement — to handle that category of data under appropriate safeguards.
• AI-generated outputs may contain inaccuracies and should be reviewed before being relied upon. See the AI Output Disclaimer in our Terms of Service.
• We may use anonymized or de-identified inputs and outputs to evaluate, debug, and improve our Services.
• Different third-party AI providers may handle data differently, and we reserve the right to change providers without notice.

Custom and regulated engagements. Where a paid engagement involves regulated data — including HIPAA-covered protected health information, financial data subject to specific compliance regimes, or other sensitive categories — the data-handling architecture is defined in the applicable Engagement Document. This may include on-premises or dedicated-infrastructure processing, isolated compute environments, processing without transmission to third-party model APIs, and execution of a Business Associate Agreement or comparable data-processing agreement. The Engagement Document controls the data-handling scope for that engagement.

13. Third-Party Sites and Services

The Site may contain links to third-party websites, services, or content that are not operated by us. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party services you visit or use.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. The most current version will be posted on the Site with an updated "Last Updated" date. Material changes will be communicated through reasonable means. Your continued use of the Services after changes take effect constitutes acceptance of the revised Privacy Policy.

15. Contact Us

Questions, requests, or concerns about this Privacy Policy or our privacy practices:

Golden Ratio Services LLC, a Wyoming limited liability company
doing business as Golden Horizons
c/o United States Corporation Agents, Inc.
159 N Wolcott St, Ste 133
Casper, WY 82601, USA
Email: contact@goldenhorizons.io
Website: goldenhorizons.io

We aim to respond to privacy inquiries promptly and within the timeframes required by applicable law.