Privacy Policy

1. Who we are

Oriana Ventures LLC ("we", "us", "our") is a California boutique studio offering product & revenue operations, technical/ERP consulting, custom AI‑based application development, and 1:1 & group coaching. We also operate a small real‑estate investing portfolio.

2. Scope

This Policy explains how we handle personal data across our site, contact and newsletter forms, payments, and any apps we build or host.

3. Data we collect

• Contact: name, email, phone (optional), message, selected services.
• Newsletter: name, email, consent and subscription events.
• Payments metadata: city/state, amount, memo; we do not store card or bank details (processed by Stripe).
• Files: documents you upload for a request (e.g., invoices/receipts).
• Usage: pages viewed, referrers, device/browser, coarse location (lightweight analytics).

4. Sources

We collect data directly from you, from your use of our site, and from processors acting on our behalf (e.g., Stripe, email providers).

5. How we use data

• Respond to inquiries and deliver consulting/coaching engagements.
• Process tenant payments and issue receipts via Stripe.
• Send newsletters (only with consent; unsubscribe anytime).
• Maintain security (spam checks, rate limiting) and site reliability.
• Improve templates, artifacts, and processes without using client‑confidential content.

6. Legal bases

Where required (e.g., GDPR/UK GDPR), we rely on consent, contract performance, and legitimate interests (security, service improvement).

7. Sharing & processors

We do not sell personal data. We share limited data with processors to run our services: Stripe (payments), email providers (notifications/newsletters), hosting and analytics vendors. These providers process data under their own terms and our instructions.

8. International transfers

Data may be processed in the United States and other locations with appropriate safeguards where applicable.

9. Security

We implement reasonable technical and organizational measures (parameterized queries, input validation, access controls, spam/honeypot checks). No method is 100% secure.

10. Retention

We keep personal data only as long as needed for the purposes above or to comply with law, then delete or anonymize it.

11. Your rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing; to object; and to data portability. Contact us to exercise these rights. We may verify your identity.

12. California privacy (CCPA/CPRA)

California residents may request access, deletion, and information about disclosures for business purposes. We do not sell personal information.

13. Cookies & analytics

We use minimal cookies and lightweight analytics to understand aggregate usage. You can control cookies in your browser settings.

14. AI/ML and templates

For custom AI work, we do not use your confidential inputs to train models without explicit permission. We maintain our own proprietary templates (product management, BSA, revenue/financial/accounting/sales/customer‑success ops) built from company‑neutral knowledge and experience; we do not include employer IP in our templates.

15. Coaching

Coaching sessions may involve optional notes or artifacts you share. You control what you provide. Coaching is not therapy, legal, or medical advice.

16. Children

Our site and services are not directed to children under 13.

17. Changes

We may update this policy; continued use means you accept the changes.