Legal

Privacy Policy

Last updated: June 2026

At Di Fiore Creative LLC, your privacy matters. This policy explains what data we collect, how we use it, who we share it with, and your rights — including for our website visitors, free trial subscribers, and paying customers. By using our website, submitting our forms, or subscribing to our services, you agree to this policy.

01

Who We Are

Di Fiore Creative LLC is an AI-powered marketing studio offering video ad production, performance marketing, and subscription creative services. Our website is located at difiorecreative.com and we are based in Los Angeles, California, USA.

For any privacy-related questions or to exercise your rights under this policy, contact us at: support@difiorecreative.com

02

What Data We Collect

We collect different categories of data depending on how you interact with us.

Information You Provide

When you submit our forms, book a call, sign up for a free trial, or subscribe to a paid plan, we collect:

  • First and last name
  • Email address and phone number
  • Business name, business type, industry, and monthly ad spend
  • Advertising platforms you use and your current marketing challenges
  • Billing address and country
  • How you heard about us
  • Communications you send to us (emails, support requests, meeting notes)

Payment Information

When you start a free trial or subscribe to a paid plan, payment information (credit or debit card number, expiration date, CVC) is collected and processed directly by Stripe, our PCI-compliant payment processor. Di Fiore Creative does not store full card details on its own servers. We retain only limited transaction metadata (last 4 digits, card brand, billing address, transaction amount, transaction date, invoice ID) for accounting and tax purposes.

Subscription & Account Data

If you become a subscriber, we collect and retain data related to your account: subscription tier, billing history, invoice records, payment status, login email, communications with our team, project briefs, brand assets you share with us, and (if you cancel) the cancellation reason you optionally provide.

Technical & Usage Data

When you visit our website, we automatically collect: IP address, browser type, device type, operating system, pages visited, referring URL, time spent on each page, and interactions with our content. This is collected through cookies and tracking technologies described in Section 05.

03

How We Use Your Data

We process your data for the following purposes:

  • Service delivery — to produce and deliver the creative work you've subscribed to, communicate about your project, and provide customer support
  • Billing & payments — to process subscription payments, send invoices and receipts, manage trials and discounts, and prevent fraud
  • Account management — to give you access to your Customer Portal, manage your subscription, handle cancellations, and respond to billing inquiries
  • Marketing communications — to send the free resources you requested and (with your consent) occasional marketing emails about AI ads and performance marketing
  • Website improvement — to analyze how visitors use our site and improve content, layout, and user experience
  • Legal compliance — to meet our tax, accounting, and regulatory obligations under applicable laws

We will only send you marketing emails if you explicitly consented (e.g., by checking the consent box on a form). Transactional emails — such as invoices, receipts, and subscription notifications — are sent to all active customers regardless of marketing consent because they are necessary to provide the service.

04

Who We Share Your Data With

We do not sell or rent your personal data. We share your data only with trusted service providers that help us operate our business, and only to the extent necessary for them to perform their function:

All third-party processors above are bound by their own privacy policies and applicable data protection regulations (GDPR, CCPA, etc.). We may also disclose data when required by law, to comply with legal process (such as a subpoena), to protect our rights, or in connection with a business transfer (such as a merger or acquisition).

05

Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to provide functionality, analyze usage, and deliver relevant advertising. Cookies fall into the following categories:

Essential Cookies

Required for the website and payment processing to function. These include session cookies, checkout cookies set by Stripe, and security cookies. These cannot be disabled.

Analytics Cookies

Help us understand how visitors use our site. We use Google Analytics and Google Tag Manager to collect aggregated, anonymized usage data such as page views, session duration, and traffic sources.

Marketing & Advertising Cookies

Used to deliver and measure the performance of our advertising. We use the Meta Pixel to track conversions from our paid campaigns, build retargeting audiences, and optimize ad delivery on Meta platforms.

Your Choices

You can manage your cookie preferences through your browser settings or our cookie consent banner where available. You can also opt out of Google Analytics via the Google Analytics opt-out browser add-on, and adjust your Meta ad preferences in your Meta account settings. Disabling non-essential cookies will not affect your access to our services but may reduce your ability to receive personalized content.

06

How Long We Keep Your Data

We retain different categories of data for different periods, based on legal requirements and the purpose of collection:

  • Marketing data (email subscribers, lead form submissions) — until you unsubscribe, plus up to 30 days for processing
  • Customer billing data (invoices, transaction records, tax-relevant data) — 7 years after the end of the customer relationship, as required by US tax law
  • Subscription account data (project briefs, brand assets, communications) — up to 2 years after cancellation, unless you request earlier deletion
  • Calendly booking records — up to 2 years
  • Website analytics data — up to 14 months (Google Analytics default retention)
  • Cancellation reason responses — retained in aggregate, anonymized form indefinitely for service improvement

If you request deletion of your data, we will honor your request within 30 days, except for data we are legally required to retain (such as billing and tax records).

07

International Data Transfers

Di Fiore Creative LLC is based in the United States, and most of our service providers are located in the United States or other jurisdictions. If you access our services from outside the United States (including from the European Union, United Kingdom, or other regions with data protection laws), your data will be transferred to and processed in the United States.

We rely on appropriate safeguards — including Standard Contractual Clauses (SCCs) approved by the European Commission and the data processing terms of our service providers — to ensure that international transfers of personal data are conducted in compliance with applicable law.

08

Your Rights

Depending on where you live, you have the following rights regarding your personal data:

Rights Available to All Users

  • Right to access — request a copy of the personal data we hold about you
  • Right to correction — request correction of inaccurate or incomplete data
  • Right to deletion — request deletion of your data, subject to our legal retention obligations
  • Right to withdraw consent — withdraw your marketing consent at any time, including via the unsubscribe link in any email
  • Right to portability — request your data in a machine-readable format

Additional Rights for California Residents (CCPA / CPRA)

If you are a California resident, you also have the right to:

  • Know what categories of personal data we have collected, used, disclosed, and sold (we do not sell personal data)
  • Opt out of the sale or sharing of personal data — we do not sell or share personal data for cross-context behavioral advertising as defined by the CPRA
  • Limit the use of sensitive personal information
  • Non-discrimination for exercising your rights

Additional Rights for EU / UK Residents (GDPR / UK GDPR)

If you are located in the European Union or United Kingdom, you also have the right to:

  • Object to processing of your data for direct marketing
  • Restrict processing of your data in certain circumstances
  • Lodge a complaint with your local data protection authority

How to Exercise Your Rights

To exercise any of these rights, email us at support@difiorecreative.com with the nature of your request. We will respond within 30 days, or sooner where legally required. We may need to verify your identity before fulfilling certain requests.

09

Children's Privacy

Our website and services are intended for businesses and adults aged 18 and older. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without verified parental consent, we will delete that information promptly. If you believe we have collected information from a child, please contact us at support@difiorecreative.com.

10

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations. When we do, we will update the date at the top of this page. Material changes affecting active subscribers (such as changes in how we process payment or subscription data) will be communicated by email at least 30 days in advance. We encourage you to review this policy periodically.

Questions about your privacy?

We're happy to help. Reach out and we'll get back to you within 5 business days.

support@difiorecreative.com