This Privacy Policy describes how Less Boring (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you use our website (https://lessboring.io/) or engage with our services. This policy is designed to comply with the strictest state privacy laws, including those of California (CCPA), Colorado, Delaware, Maryland, and others, as well as the requirements of the European Union’s General Data Protection Regulation (GDPR).

1. Information We Collect

We may collect the following types of information:

Personal Information: Name, email address, phone number, mailing address, and other contact or identification details.

Usage Data: Information about your interactions with our website, including IP address, browser type, pages visited, and device information.

Communication Data: Any correspondence you send to us, including emails and messages submitted through our website.

Sensitive Data: In limited circumstances, we may collect data such as government-issued identification numbers, health information, or similar sensitive data, but only as necessary and with appropriate consent.

2. How We Use Your Information

We use your information to:

Provide and improve our services.

Respond to your inquiries and communicate with you.

Analyze website usage to enhance user experience.

Comply with legal obligations and protect our rights.

Personalize content and marketing communications (with your consent where required).

3. Sharing Your Information

We do not sell your personal information. We may share your information with:

Service Providers: Third parties who assist us in operating our website and delivering our services (e.g., hosting, analytics, marketing).

Legal Compliance: When required by law or to protect our rights, safety, or property.

We require all third parties to respect the security of your personal information and to treat it in accordance with applicable law.

4. Your Rights Under State and International Law

Depending on your location, you may have the following rights:

Access: Request a copy of the personal information we hold about you.

Correction: Request correction of inaccurate or incomplete information.

Deletion: Request deletion of your personal information.

Opt-Out: Opt out of targeted advertising (where applicable).

Restriction and Objection: Request restriction or object to certain processing of your data.

Data Portability: Request a portable copy of your personal information.

Withdraw Consent: Withdraw consent where processing is based on your consent.

Non-Discrimination: Not be discriminated against for exercising your privacy rights.

5. Sensitive Data and Special Protections

Sensitive Data: We will not process sensitive data (such as health, biometric, or precise geolocation data) without your explicit consent, unless required by law.

Children’s Data: Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include encryption, access controls, and regular security assessments.

7. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.

8. International Data Transfers (GDPR Compliance)

If you are located in the European Union, United Kingdom, or other jurisdictions with similar data protection laws, we ensure that your personal information is protected in accordance with GDPR requirements. This includes using standard contractual clauses or other approved mechanisms for international data transfers.

9. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on our website and, where required by law, by other means.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the Contact form provided on our website.

Additional Compliance Notes

Maryland-Specific Requirements: We do not sell personal data. If we collect sensitive data, we only process it as strictly necessary for the requested service, and we conduct privacy impact assessments for high-risk processing activities.

California (CCPA/CPRA): We provide clear opt-out mechanisms for the sharing of personal information and targeted advertising, and we do not discriminate against consumers who exercise their rights.

GDPR: We provide data subject rights, data portability, and ensure lawful bases for processing personal data, including consent where required.