Legal
PRIVACY POLICY
Effective Date: January 1, 2026 | Last Updated: March 2026
The Emporium Agency is a cybersecurity, social media, and digital brand protection consultancy. We handle sensitive client information as a core part of our work, and we hold ourselves to the same standard of data protection we recommend to our clients. This policy explains clearly what we collect, why, how it's protected, and your rights.
1. Who We Are
The Emporium Agency LLC ("TEA," "we," "our," or "us") operates at TheEmporiumAgency.com. We provide cybersecurity consulting, social media management and automation, and digital brand protection services to individuals, self-proprietors, and small-to-medium businesses.
As a consultancy that advises clients on data protection and privacy matters, integrity in how we handle personal information is foundational to everything we do.
2. Information We Collect
Information You Provide Directly
- Contact and inquiry information: name, email address, business name, and the details you provide in consultation request forms
- Client engagement information: business context, operational details, and background shared during the course of our advisory work
- Communication records: emails, meeting notes, and correspondence related to service delivery
Information Collected Automatically
- Website usage data: pages visited, time on site, and navigation paths — collected via privacy-respecting analytics
- Technical data: IP address (anonymized where possible), browser type, and device category
- Cookie data: limited to functional and analytics cookies as described in Section 6
Information We Do Not Collect
We do not collect payment card data directly — all transactions are handled by PCI-compliant third-party processors. We do not purchase, import, or use third-party marketing lists.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Responding to consultation requests and communications
- Delivering contracted cybersecurity, social media, and brand protection services
- Maintaining accurate client records and fulfilling contractual obligations
- Improving our website and service offerings based on aggregated, anonymized usage data
- Complying with applicable laws and legal obligations
We do not use your information for automated decision-making, profiling, or any purpose beyond what is described above.
4. How We Protect Your Information
Given our role as a cybersecurity consultancy, we maintain security practices that exceed standard commercial requirements:
- All data in transit is encrypted using TLS 1.3 or higher
- Client engagement data is stored in access-controlled environments with role-based permissions
- Sensitive client information is subject to the same security controls we recommend in our advisory engagements
- We conduct regular internal security reviews of our own systems and processes
- Third-party vendors and processors are assessed for security posture before onboarding
5. Information Sharing
We do not sell, rent, or trade your personal information. We share information only in the following limited circumstances:
- Service delivery: With sub-processors or specialist partners necessary to deliver contracted services, under strict confidentiality obligations
- Legal compliance: When required by applicable law, court order, or lawful government request
- Protection of rights: Where necessary to protect the rights, property, or safety of TEA or our clients
Any third party with whom we share information is contractually bound to handle it in accordance with this policy and applicable privacy law.
6. Cookies
Our website uses a minimal, privacy-first approach to cookies:
- Functional cookies: Required for basic site operation. Cannot be disabled.
- Analytics cookies: Anonymized usage data to understand how visitors interact with the site. No cross-site tracking. Can be opted out of.
We do not use advertising cookies, tracking pixels, or any third-party behavioral profiling tools.
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your information (subject to legal retention obligations)
- Object to or restrict processing of your information
- Receive a portable copy of your data
- Withdraw consent where processing is based on consent
To exercise any of these rights, contact us at the address below. We will respond within 30 days.
8. Data Retention
We retain personal information only for as long as necessary to fulfill the purpose for which it was collected, comply with legal obligations, and resolve any disputes. Client engagement records are typically retained for 7 years following the conclusion of an engagement in accordance with standard business record-keeping requirements. Website inquiry data is retained for 24 months unless a client relationship is established.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify active clients of material changes via email. Continued use of our website or services following notice of changes constitutes acceptance of the updated policy. The effective date at the top of this page indicates when it was last revised.
10. Contact Us
For any privacy-related questions, requests, or concerns: