Privacy Policy

1. Scope

This Privacy Policy applies to genreagency.com and the marketing, advisory, and ad-management services provided by Yu Company LLC, a California limited liability company ("we," "us," "our"). It covers information collected from visitors to our website, prospects who book consultations, and clients who engage us for services.

2. Information we collect

Information you provide

• Consultation bookings via our embedded calendar (powered by GoHighLevel / LeadConnector): name, email, phone, business name, and any notes you submit.
• Direct contact via SMS, KakaoTalk, or email: the content of your message and your contact identifier.
• Client onboarding: business address, billing contact, brand assets, and credentials you choose to delegate (e.g., Google Business Profile manager access).
• Payment information: processed by Stripe directly. We do not store full card numbers; we receive only the last four digits and brand of the card from Stripe.

Information collected automatically

• Anonymized traffic analytics via Fathom Analytics: page URL, referrer, screen size, country, anonymized IP. Fathom is cookieless and does not track individuals across sites.
• Server logs from our hosting provider (Netlify): request URL, timestamp, IP address (truncated), user-agent. Retained for security and abuse prevention.

We do not currently use session-recording tools, fingerprinting, or behavioral advertising trackers on this website.

3. How we use information

• Respond to consultation requests and provide our services.
• Bill for services and process refunds.
• Communicate with you about your account, scheduled work, and service updates.
• Improve our website, services, and content based on aggregate usage.
• Comply with legal obligations and enforce our Terms of Service.
• Detect and prevent fraud, abuse, or security incidents.

We do not sell personal information to third parties for their marketing use. We do not engage in cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

4. Legal basis (GDPR / UK GDPR)

If you are in the EU, EEA, UK, or another jurisdiction with comparable law, we rely on the following bases:

• Contract (Art. 6(1)(b)) — to respond to your booking and deliver services you request.
• Legitimate interests (Art. 6(1)(f)) — to run anonymized analytics, prevent abuse, and improve our site.
• Legal obligation (Art. 6(1)(c)) — to keep tax and business records.
• Consent (Art. 6(1)(a)) — for any future marketing emails you opt into.

5. Sharing with third parties

We share the minimum information needed with the following categories of processors:

• GoHighLevel / LeadConnector — booking widget, CRM, client communication.
• Stripe, Inc. — payment processing. See Stripe's Privacy Policy.
• Fathom Analytics — anonymized traffic statistics. See Fathom's Privacy Policy.
• Netlify, Inc. — website hosting + edge CDN.
• Google (Workspace, Google Business Profile) — internal communication and the GBP platforms we manage on clients' behalf.
• Meta Platforms (Facebook / Instagram) — only when we manage paid campaigns or content for a client account at that client's request.
• KakaoTalk Channel — only when you initiate contact via our Kakao channel.

We share information with law enforcement only if required by valid legal process or to protect the safety of users or the public.

6. Cookies & analytics

Our public website uses no cookies for tracking. Fathom Analytics is cookieless. Functional cookies set by Netlify or the GHL booking iframe are strictly necessary for site operation and security.

The embedded booking calendar (link.onevision.agency) may set first-party cookies within its iframe to manage the booking session. Those cookies are scoped to the booking widget domain and are described in GHL's documentation.

7. Retention

• Prospect bookings & messages: retained for 24 months from last contact, or until you ask us to delete.
• Client records: retained for the duration of the engagement plus 7 years for tax and audit purposes (US federal recordkeeping standard).
• Server / abuse logs: 30 days.
• Anonymized analytics: aggregate data may be retained indefinitely; no individual identifiers attached.

8. Security

We use reasonable administrative, technical, and physical safeguards to protect your information, including TLS 1.2+ for all data in transit, role-based access to our CRM, and encrypted backups. No method of transmission or storage is 100% secure; we do our best, but we cannot guarantee absolute security.

If we become aware of a security incident affecting your personal information, we will notify you and the relevant regulators as required by law.

9. Your rights

California (CCPA / CPRA)

California residents may request to:

• Know what personal information we have collected, used, disclosed, or sold about you.
• Delete personal information we hold (subject to legal exceptions).
• Correct inaccurate personal information.
• Limit the use and disclosure of sensitive personal information.
• Opt out of "selling" or "sharing" personal information — note that we do not sell or share personal information as those terms are defined under the CCPA/CPRA.
• Not be discriminated against for exercising these rights.

EU / EEA / UK (GDPR)

You may request access, rectification, erasure, restriction of processing, data portability, and objection to processing. You also have the right to lodge a complaint with your local supervisory authority.

How to exercise your rights

Email info@genreagency.com with the subject line "Privacy Request." We will respond within 45 days (CCPA) or 30 days (GDPR), with one possible extension as permitted by law. We may need to verify your identity before fulfilling the request.

10. Children's privacy

Our services are intended for business owners and are not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe a child has submitted information to us, contact info@genreagency.com and we will delete it.

11. International users

We operate from the United States. If you access our site from outside the US, your information will be transferred to and processed in the US. By using our site, you consent to this transfer. We use commercially reasonable safeguards for cross-border transfers from regulated regions.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Effective" date at the top of this page indicates the latest version. Material changes will be highlighted on the homepage or sent to active clients by email. Continued use of the site after changes take effect constitutes acceptance.

13. Contact

Yu Company LLC
3450 Wilshire Blvd
Los Angeles, CA 90010
United States

Email: info@genreagency.com
SMS: (877) 365-8999