Privacy Policy
1. Data Controller and Contact Information
This Privacy Policy governs the collection, use, and disclosure of personal data by Peak Productivity Design, LLC (“Company”, “we”, “us”, “our”). For questions, contact our Data Protection Officer at [email protected] or via certified mail to 123 Ergonomics Lane, Suite 400, San Francisco, CA 94104.
2. Information We Collect
We process the following categories of personal data:
- Contact Data: Full name, email address, phone number, and billing address.
- Professional Data: Job title, company name, and description of work patterns.
- Technical Data: IP address, browser type, operating system, and page interaction heatmaps.
- Biometric Data (with explicit consent): Posture analysis via webcam, EMG readings, and desk occupancy sensors.
- Marketing Data: Newsletter subscription status, survey responses, and webinar attendance logs.
3. Legal Bases for Processing (GDPR Art. 6 & 9)
We rely on the following lawful bases:
- Contractual Necessity (Art. 6(1)(b)): To fulfill consultation agreements and service orders.
- Legitimate Interests (Art. 6(1)(f)): For analytics, fraud prevention, and direct marketing (with opt-out).
- Consent (Art. 6(1)(a) & 9(2)(a)): For biometric data processing and cookie storage.
- Legal Obligation (Art. 6(1)(c)): To comply with tax, employment, and ergonomic safety regulations.
4. Data Sharing and Third Parties
We share data only with:
- Stripe (payment processing, PCI DSS Level 1 certified)
- HubSpot (CRM, Privacy Shield certified)
- Google Workspace (email hosting, DPA in place)
- Subprocessors: Mailchimp (email marketing), Zapier (workflow automation)
We do not sell personal data as defined under CCPA. International transfers are safeguarded via Standard Contractual Clauses (SCCs) or Adequacy Decisions.
5. Data Retention and Security
We retain personal data for:
- Contact data: 3 years after last interaction or 90 days after project completion (whichever is later).
- Biometric data: 1 year, unless you have consented otherwise for research (anonymized).
- Technical data: 26 months.
Security measures include AES-256 encryption at rest, TLS 1.3 in transit, annual penetration testing (conducted by Trustwave), and role-based access controls using zero-trust architecture.
6. Your Rights
Under GDPR and CCPA, you have the right to:
- Access (Data Subject Access Request within 30 days)
- Rectification of inaccurate data
- Erasure (right to be forgotten) subject to legal holds
- Portability in machine-readable format
- Object to processing based on legitimate interests
- Withdraw consent at any time without affecting service
To exercise rights, email [email protected] or submit a request via our portal. We will verify your identity using government ID (redacted) or digital signature. Complaints can be lodged with the ICO (UK) or respective EU supervisory authority.
7. Updates
This policy is reviewed quarterly. We will notify you of changes by email within 14 days prior to implementation. Last updated: 2024-06-15.
