Datenschutzerklärung

This summary is provided for convenience only and does not replace, limit, or modify the Privacy Policy below. If anything in this summary conflicts with the operative Privacy Policy, the operative Privacy Policy controls. Entreflux collects and uses information to operate a business-facing consulting, advisory, management, growth, sales, marketing, technology, intake, payment, and platform-support business. That includes information you submit through our website, scheduling pages, payment pages, intake forms, communications, calls, shared documents, and third-party platforms used in connection with actual or potential engagements. We use information to evaluate fit, provide services, manage client relationships, process payments, administer intake and onboarding, support outbound and business development operations, improve our systems, prevent abuse, preserve evidence, comply with law, and enforce our rights. We may share information with service providers, payment processors, advisors, contractors, representatives, affiliates, managed entities, and transaction parties where useful for those purposes. This Policy is intended to work with the Terms of Service, any applicable non-disclosure agreement, engagement agreement, security requirement, platform rule, and other written terms. Privacy rights are honored where applicable, but requests may be limited where we need to retain information for legal, tax, accounting, fraud prevention, security, payment dispute, confidentiality, evidence preservation, contractual, or legitimate business purposes.

This Privacy Policy, this Policy, describes how Entreflux collects, uses, discloses, retains, and protects information in connection with the Services. This Policy is issued under the Entreflux Group name on behalf of itself and the broader Entreflux operating structure, including any current or future divisions, business units, affiliates, successors, permitted assignees, managed entities, sponsored entities, special purpose vehicles, operating partners, subcontractors, representatives, and any present or future entity operating under the Entreflux brand or business, collectively, Entreflux, we, us, or our. You means the individual, company, organization, representative, user, visitor, client, prospective client, counterparty, partner, vendor, contractor, applicant, or other person or entity accessing, receiving, purchasing, using, evaluating, or interacting with any Entreflux Service. If you provide information on behalf of an entity, you represent that you have authority to provide such information and to permit Entreflux to process it as described in this Policy and any applicable agreement. This Policy should be read together with the Entreflux Terms of Service, any applicable non-disclosure agreement, engagement agreement, statement of work, security requirement, payment term, platform term, or other written agreement with Entreflux. If a signed written agreement imposes stricter confidentiality, security, restricted-use, retention, deletion, access, or data-handling obligations, the stricter obligation controls to the extent of the conflict.

WHEREAS, Entreflux provides business-facing consulting, advisory, management, growth, sales, marketing, finance, operations, technology, payment, intake, platform, and related services, including through digital properties and third-party services. WHEREAS, Entreflux may receive or generate information through websites, forms, intake flows, payment pages, scheduling pages, email, phone, video calls, messaging platforms, shared drives, analytics, proposals, invoices, contracts, workspaces, and third-party platforms used for client work, contractor coordination, business development, and service delivery. WHEREAS, Entreflux desires to establish the privacy practices, operational controls, retention standards, and rights-request procedures applicable to information processed in connection with the Services. NOW, THEREFORE, Entreflux issues this Policy to describe how information is collected, used, disclosed, retained, and protected in connection with the Services.

This Policy describes how Entreflux collects, uses, discloses, retains, safeguards, and otherwise processes information in connection with the Services, including website activity, intake submissions, payment and transaction records, communications, scheduling information, client materials, operational records, analytics, and information received from or through third-party platforms. This Policy is intended to supplement, not replace, the Terms of Service and any applicable confidentiality, intellectual property, security, acceptable-use, contractor, employment, representative, client-specific, platform-specific, or engagement-specific obligations.

This Policy applies to information processed in connection with the Services, including information collected from website visitors, prospective clients, clients, vendors, contractors, representatives, applicants, referral sources, business partners, and other persons interacting with Entreflux. For certain services, Entreflux may act as an independent business, controller, service provider, processor, contractor, consultant, management layer, or other role depending on the applicable law, contract, and processing context. Where a signed written agreement designates Entreflux's role for a specific engagement, that designation controls for that engagement to the extent required by law. This Policy does not apply to third-party websites, platforms, processors, tools, or services that Entreflux does not control, even if they are linked, embedded, integrated, referenced, or used in connection with the Services.

You should not provide regulated, sensitive, privileged, export-controlled, health, payment-card, government-ID, child-related, biometric, consumer-credit, special-category, or third-party confidential information unless Entreflux expressly requests or approves it in writing for the relevant purpose. If you provide such information without approval, you do so at your own risk and represent that you have all rights, consents, authorizations, and lawful bases necessary for Entreflux to process it as described in this Policy and any applicable agreement. Entreflux may delete, quarantine, restrict, return, or decline to process information that it determines is unnecessary, excessive, prohibited, high-risk, or outside the approved scope of Services.

Entreflux may use information to evaluate potential engagements, conduct intake, prepare proposals, price services, perform risk review, conduct compliance review, verify identity or authority, provide consulting and advisory services, manage platforms, administer payment links, issue invoices, process payments, fulfill purchases, support clients, coordinate Representatives, perform outbound and business development activity, maintain records, improve Services, train internal systems and personnel, prevent fraud and abuse, detect security incidents, preserve evidence, resolve disputes, enforce agreements, protect rights, comply with law, and support business operations. We may also use information to personalize communications, maintain CRM records, analyze service performance, improve sales and marketing processes, measure website and funnel activity, troubleshoot technical issues, conduct internal reporting, manage quality control, administer promotions, and support corporate transactions, financing, reorganization, sale, merger, acquisition, or transfer of assets. Entreflux may use information to develop, support, or publish testimonials, references, public statements, case studies, portfolio materials, or similar public-facing materials only with the consent or authorization required by the Terms of Service, the applicable agreement, and applicable law.

Where applicable law requires a legal basis, Entreflux processes information based on one or more of the following grounds: performance of a contract or pre-contractual steps, legitimate interests, consent, compliance with legal obligations, protection of rights and safety, fraud prevention, security, and other lawful bases available under applicable law. Our legitimate interests include operating and improving the Services, evaluating and performing business engagements, documenting communications and decisions, protecting confidential information, preventing fraud and abuse, enforcing agreements, preserving evidence, managing Representatives, and maintaining secure and reliable business systems.

Entreflux may use cookies, pixels, tags, local storage, analytics scripts, email tracking technologies, session identifiers, and similar technologies to operate websites and forms, remember preferences, secure sessions, measure traffic, understand funnel performance, improve content, detect abuse, attribute marketing activity, and support business development. Cookie and tracking technologies may include session cookies that are automatically deleted when you close your browser, persistent cookies stored for a longer period, local storage used to remember settings or state, pixels or tags used to measure page and email activity, and third-party analytics or advertising technologies used by service providers according to their own policies. You can control cookies through your browser settings. Some features may not function properly if cookies or similar technologies are disabled. Third-party tools may also use cookies or similar technologies according to their own policies.

Payments may be processed by Stripe or other payment processors depending on the checkout flow, payment method, jurisdiction, and transaction type. Payment method availability may vary by platform, device, location, configuration, risk review, and processor eligibility. Accepted payment methods may include cards such as Visa, Mastercard, American Express, and other processor-supported card brands; digital wallets such as Apple Pay and Google Pay; ACH, bank debit, bank transfer, wire transfer, or other payment methods displayed at checkout or on the applicable invoice or payment link. Entreflux does not control every payment method available to you; the checkout experience may be determined by the processor and applicable eligibility rules. Stripe states that it is a PCI-DSS Level 1 service provider. PCI compliance is a shared responsibility: Stripe and other processors may provide PCI-compliant infrastructure, and Entreflux operates its payment integrations in reliance on processor-supported security controls and its own applicable security practices. We do not intentionally store full card numbers, full magnetic-stripe data, CVV/CVC, or full bank account credentials on Entreflux servers. Payment information is encrypted and handled through processor-supported security protocols. Payment processors may provide us with limited payment attributes, transaction records, invoices, dispute data, fulfillment evidence, card brand, last four digits, billing country or postal code, and chargeback or dispute metadata. Payment, currency, fulfillment, cancellation, refund, return, and chargeback terms are governed by the Terms of Service and any applicable transaction terms.

Information submitted to Entreflux may also constitute Confidential Information under the Terms of Service, a non-disclosure agreement, an engagement agreement, or applicable law. This Policy does not reduce confidentiality obligations, restricted-use obligations, ownership rights, return/destruction obligations, no-publicity obligations, security obligations, or remedies available under any applicable agreement. Where information is both Personal Information and Confidential Information, Entreflux will process it in a manner designed to satisfy applicable privacy obligations while preserving confidentiality, legal, tax, accounting, evidence, security, payment, and contractual rights to the fullest extent permitted by law.

Entreflux uses administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, disclosure, and destruction. Safeguards may include access controls, role-based permissions, logging, monitoring, password requirements, multi-factor authentication, encryption, secure storage, vendor review, endpoint governance, access revocation, offboarding controls, incident response, security review, compliance confirmation, and policy restrictions. No system, transmission, platform, endpoint, device, storage method, or communications channel is completely secure. Entreflux does not guarantee absolute security and is not responsible for third-party platforms, providers, devices, networks, or services outside its control.

Entreflux retains information for as long as reasonably necessary for the purposes described in this Policy, including to provide Services, maintain records, support clients, manage Representatives, administer payments, comply with legal, tax, accounting, employment, contractor, platform, and regulatory obligations, preserve evidence, resolve disputes, enforce agreements, prevent fraud and abuse, maintain security, and support legitimate business operations. Retention periods vary by data type, context, sensitivity, legal requirement, contractual requirement, system configuration, and business need. Some records may be retained longer in backups, archives, legal files, compliance files, tax records, accounting records, dispute files, chargeback files, security logs, and ordinary-course business records.

Entreflux and its service providers, Representatives, clients, counterparties, vendors, systems, and operational networks may process, access, transfer, disclose, and store information globally in jurisdictions selected by Entreflux from time to time depending on the Services, providers, systems, engagement, staffing, sourcing, market, vendor, talent, security, payment, enforcement, and operational needs. By accessing or using the Services, submitting information, communicating with Entreflux, sharing Client Materials, making a payment, scheduling a call, joining a workspace, clicking through a payment or intake flow, or otherwise engaging with Entreflux after this Policy is made available, you authorize and direct Entreflux to process, access, transfer, store, disclose, and make available information through this global operating model to the fullest extent permitted by law. If you do not want information processed through this model, you should stop using the Services, decline to submit information, request a written restriction before disclosure, or discontinue the applicable engagement. Entreflux is not obligated to accept a restriction that would impair its Services, rights, records, compliance, security, payment, enforcement, or business operations. Where legally required and applicable, Entreflux may use transfer mechanisms or other measures that Entreflux determines appropriate for cross-border processing, without limiting Entreflux's rights to rely on contract performance, legitimate interests, consent, legal obligations, establishment or defense of claims, payment administration, security, enforcement, or other lawful bases available under applicable law.

Depending on your jurisdiction and relationship with Entreflux, you may have privacy rights only where and to the extent applicable law requires them to apply to the Services, the relevant information, and your relationship with Entreflux. Such rights may include requests for access, correction, deletion, portability, restriction, objection, withdrawal of consent, opt-out of certain processing, appeal of certain decisions, or similar rights. These rights vary by jurisdiction, role, data type, context, relationship, and lawful basis, and they do not override Entreflux's rights to retain, use, disclose, or process information for legal, tax, accounting, payment, chargeback, fraud-prevention, security, evidence-preservation, confidentiality, trade-secret, contractual, operational, compliance, dispute, enforcement, or legitimate business purposes. Where notice of categories is required by applicable law, Entreflux's categories of Personal Information may include identifiers, business contact information, internet or network activity, commercial information, professional or employment-related information, inferences, communications, payment-related records, contractor/vendor records, representative records, operational records, and other information described in this Policy. Sources may include you, your organization, public sources, service providers, Representatives, platforms, processors, clients, counterparties, vendors, referral sources, and business partners. Purposes and disclosure categories are described in Sections 4 through 14 and include Entreflux's core and satellite team model, global operations, service delivery, security, payment administration, enforcement, business development, and ordinary-course business operations. Entreflux does not sell Personal Information for money and does not knowingly share Personal Information for cross-context behavioral advertising where prohibited by applicable law without providing legally required notice or choice. To exercise privacy rights, contact [email protected]. We may need to verify your identity, authority, relationship to the relevant entity, and the scope of your request. Authorized agents may be required to provide proof of authority. We will respond to verified requests within 30 days or within the timeframe required by applicable law, subject to permitted extensions. We may deny, limit, defer, or condition requests where permitted by law, including where information must be retained for legal, tax, accounting, payment dispute, chargeback, fraud prevention, security, evidence preservation, confidentiality, trade secret, contractual, operational, or legitimate business purposes, or where fulfilling the request would adversely affect the rights and freedoms of others.

You may opt out of marketing emails by using the unsubscribe mechanism in the relevant email or by contacting Entreflux. Even if you opt out of marketing, we may still send service, transactional, legal, security, payment, scheduling, support, and relationship-related communications. If you communicate with Entreflux through email, phone, messaging platforms, social platforms, or other channels, you are responsible for the privacy and security settings of those channels.

The Services are intended for business, commercial, professional, and organizational use and are not directed to children. You may not submit information about children unless expressly requested or approved by Entreflux in writing for a lawful purpose. If you believe a child has provided information to Entreflux without appropriate authorization, contact [email protected].

The Services may link to, integrate with, rely on, or be delivered through third-party platforms and services, including payment processors, scheduling tools, email systems, video conferencing platforms, analytics providers, CRMs, cloud providers, advertising platforms, social platforms, AI tools, document systems, and client-managed systems. Entreflux is not responsible for the privacy, security, availability, accuracy, policies, practices, acts, omissions, outages, or changes of third-party platforms or services. You should review the applicable third-party policies and terms. Where Entreflux uses contractors, Representatives, vendors, operators, service providers, or subprocessors located internationally, those persons may access information from their jurisdictions for the purposes described in this Policy. Such jurisdictions may include any location used by Entreflux, its clients, service providers, counterparties, vendors, processors, systems, or Representatives.

Entreflux may amend, restate, supplement, or replace this Policy at any time to reflect changes in its practices, technology, legal requirements, service providers, Services, security measures, or other factors. Entreflux will post the updated version with a revised effective date and may provide additional notice where required by law or where Entreflux determines additional notice is appropriate. This Policy is effective as of the date indicated at the top. Updated policies become effective when posted or on the effective date stated in the update. Your continued access to or use of the Services after an updated Policy becomes effective constitutes acceptance of the updated Policy to the fullest extent permitted by law.

Any dispute arising out of or relating to this Policy, privacy practices, data handling, the Services, any website, any payment, any communication, any proposal, any engagement, or any related transaction will be resolved under the dispute resolution, arbitration, class action waiver, jury trial waiver, governing law, venue, limitation of liability, indemnification, remedies, and miscellaneous provisions of the Terms of Service, which are incorporated into this Policy by reference to the fullest extent permitted by law. Without limiting the foregoing, this Policy and any dispute not subject to arbitration shall be governed by and construed in accordance with the laws of the State of New York, without regard to conflict of laws principles, and subject to the court carve-outs and forum provisions in the Terms of Service.

Privacy requests should be sent to [email protected]. Legal notices to Entreflux must be sent by email to [email protected] with a copy to [email protected]. General business inquiries may be sent to [email protected]. Mail may be sent to Entreflux Group, Legal Department, 100 Park Avenue, New York, NY 10017, USA, or to any updated address posted by Entreflux or stated in an applicable agreement. Phone inquiries may be directed to +1 (914) 463-1972, but legal notices and privacy rights requests must be submitted in writing as described above. Notices shall be deemed given when sent on a Business Day between 9:00 a.m. and 5:00 p.m. New York time, and otherwise on the next Business Day, in each case provided no bounceback or undeliverable notice is received. Entreflux may provide notice to you by email, posting, account message, invoice note, payment-page notice, website notice, or other contact information you provide.