Privacy Policy

Privacy Policy

Last updated: October 7, 2025

At Garac Business Group LLC (“Company”, “we”, “our”, or “us”), your privacy and trust are our priority.
This Privacy Policy explains how we collect, use, store, and protect personal and non-personal data when you interact with our website https://strahinjaergarac.com (the “Website”) or use our creative, production, and consulting services (the “Services”).

By accessing or using our Website or Services, you agree to the practices described herein.
If you do not agree, please discontinue use immediately.

1. Company Information

Garac Business Group LLC
30 N Gould St Ste R, Sheridan, WY 82801, USA
Email: [email protected]

We operate in compliance with applicable U.S. and international data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

We may collect both personal and non-personal information depending on your interaction with us, whether as a website visitor, prospective client, or active customer.

2.1 Personal Information

You may voluntarily provide personal data when:

  • Contacting us through forms, email, or social media
  • Requesting a quote or booking our Services
  • Making payments or completing a project

This can include:

  • Full name, email address, phone number, and company information
  • Billing address and payment details (processed through trusted third parties such as Stripe or PayPal — we never store your full payment data)
  • Creative briefs, references, or project details shared for production purposes
  • Social media handles or public profile links provided for project collaboration

We may also collect professional information such as:

  • Your job title, brand, or agency affiliation
  • Portfolio materials submitted for collaboration, casting, or crew applications

2.2 Non-Personal Information

Automatically collected data includes:

  • Browser type, operating system, and device identifiers
  • IP address and approximate geographic location (country or region level)
  • Referring websites, time spent on pages, and actions on the Website
  • Anonymous usage statistics from analytics tools (e.g., Google Analytics, Meta Pixel)
  • Technical logs and cookies (explained below)

2.3 Media Metadata

If you upload images or video files for project purposes, embedded metadata (EXIF data) may include information such as GPS location, device model, or author details.
We recommend removing metadata before uploading, unless it’s required for creative use.

3. How We Use Your Information

We use your information for legitimate business purposes, including:

  • Responding to your inquiries and managing client communication
  • Preparing and executing creative projects and production agreements
  • Processing bookings, payments, and invoices
  • Sending project updates, revisions, and delivery notifications
  • Maintaining internal records and tax compliance
  • Improving our Website, Services, and client experience
  • Protecting against fraud, abuse, or unauthorized access

We never sell, rent, or trade your personal information to third parties.

4. Legal Basis for Processing (GDPR Compliance)

For users in the EU/UK, our data processing relies on one or more of the following legal grounds:

  • Consent: You’ve explicitly agreed to specific uses (e.g., newsletter signup, contact form).
  • Contractual necessity: Processing is required to fulfill your booking or service agreement.
  • Legitimate interest: To maintain business operations, improve services, or market to existing clients.
  • Legal obligation: When processing is required for accounting, tax, or legal compliance.

5. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies for:

  • Secure site operation
  • Visitor analytics and performance optimization
  • Remembering user preferences (e.g., language or session data)

You can adjust your browser settings to block or delete cookies. However, disabling cookies may affect site functionality.
For more details, please refer to our Cookie Policy.

6. Data Storage and Retention

Your data is stored securely on systems located in the United States and, when applicable, the European Union, using data centers and software providers that comply with recognized standards such as GDPR, SOC 2, and ISO 27001.

We retain personal information only as long as necessary to:

  • Complete your project and deliver final materials
  • Fulfill contractual and legal obligations (e.g., tax and accounting)
  • Handle disputes, claims, or warranty obligations

Afterward, your data is either anonymized or securely deleted.

Backup copies of certain business communications or invoices may be retained for audit or compliance reasons for up to 7 years.

7. Sharing of Information

We only share your information when necessary and with trusted parties, such as:

  • Service providers: Hosting companies, email servers, cloud storage, accounting platforms, and payment processors.
  • Project collaborators: Freelancers or subcontractors directly engaged in your project (e.g., editors, colorists, stylists) — all bound by confidentiality.
  • Legal or regulatory authorities: When required by law, court order, or government request.

We never share your information with advertisers, data brokers, or unrelated third parties.

8. Data Protection and Security

We use advanced technical and organizational measures to protect personal data, including:

  • SSL-encrypted connections and secure servers
  • Access restrictions based on least-privilege principles
  • Encrypted backups and multi-factor authentication for staff accounts
  • Regular audits, updates, and vulnerability checks

Despite these efforts, no system is 100% secure. You acknowledge that any data transmission involves some inherent risk.

9. International Data Transfers

As a U.S.-based company, some of your personal data may be transferred to and processed in countries outside your residence.
We ensure such transfers comply with GDPR, using Standard Contractual Clauses (SCCs) or other recognized safeguards to protect your information.

10. Rights of Data Subjects

Depending on your jurisdiction, you have the following rights:

Under GDPR (EU/UK)

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or outdated data.
  • Erasure (“Right to be Forgotten”): Request deletion of your personal data.
  • Restriction: Limit how we process your data.
  • Data portability: Obtain a copy in a structured, machine-readable format.
  • Objection: Object to data processing based on legitimate interests.
  • Withdraw consent: Revoke prior consent at any time.

Under CCPA (California)

  • Right to know: What data we collect and for what purpose.
  • Right to delete: Request deletion of personal information.
  • Right to opt out: We do not sell personal data, but you may still request confirmation.
  • Right to non-discrimination: You will not be penalized for exercising your rights.

To exercise these rights, contact us at [email protected].
We will respond within 30 days as required by law.

11. Client Files and Creative Materials

All project-related files (footage, photographs, edits, design drafts) are handled under strict confidentiality.
We use secure transfer platforms (e.g., WeTransfer Pro, Frame.io, Google Drive) for file exchange.

Unless otherwise agreed:

  • Raw materials may be archived for up to 12 months after project delivery.
  • Clients may request deletion of archives at any time after final delivery.
  • Deleted data cannot be restored once purged from our systems.

12. Communication Records

We may retain email or chat correspondence for quality assurance, project tracking, or legal compliance.
These records are stored securely and are never used for unsolicited marketing.

13. Third-Party Links and Integrations

Our Website may contain links or embedded content from third parties (e.g., Vimeo, Instagram, YouTube).
These platforms have their own privacy policies and data practices beyond our control.
We recommend reviewing their terms before interacting with external links or embedded content.

14. Children’s Privacy

Our Website and Services are not intended for children under 16 years of age.
We do not knowingly collect or store personal information from minors.
If we learn that such data has been provided, we will delete it immediately.

15. Changes to This Policy

We may modify or update this Privacy Policy periodically to reflect:

  • Changes in data protection laws
  • Updates to our business operations
  • Introduction of new technologies or services

All updates will be published on this page with a revised “Last updated” date.
Your continued use of our Website or Services after updates constitutes acceptance of the revised Policy.

16. Contact Us

If you have any questions, requests, or complaints about this Privacy Policy or our data handling practices, contact us at:

Garac Business Group LLC
30 N Gould St Ste R, Sheridan, WY 82801, USA
[email protected]
https://strahinjaergarac.com