Redstone Strategy Group Privacy Policy

Last Updated: December 15, 2022

This Privacy Policy (“Policy”) describes and governs the information collection, use, and sharing practices of Redstone Strategy Group, a division of Arabella Advisors (“Redstone,” “we,” “us,” and “our”), headquartered at 1828 L Street NW, Suite 300, Washington, DC 20036, with respect to both your use of the Redstone website at www.redstonestrategy.com and any other services that reference this Policy (collectively, the “Services”).

Before you use or submit any information through or in connection with the Services, please carefully review this Policy. By using any part of the Services, regardless of how you access the Services, you consent to the collection, use, and disclosure of your information as further outlined in this Policy. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DO NOT USE THE SERVICES. We will continue to evaluate this Policy as we update and expand the Services and our offerings, and we may make changes to the Policy accordingly. Any changes will be posted here and you should check this page periodically for updates. If we make material changes to this Policy, we will provide you with notice as required by law. Your continued use of the Services will signify acceptance of the terms of the updated Policy.

Undefined capitalized terms used herein shall have the definitions as set forth in our Terms of Use.

  1. Information We Collect

We collect information in multiple ways, including when you provide information directly to us, and when we passively collect information from you, such as from your browser or device.

a. Information You Provide Directly to Us

We may collect information from you in a variety of ways, such as when you:

  • Contact us through our website;
  • Become a client; or
  • Otherwise communicate with us, such as via email.

We will collect any information that you provide to us, which may include, but is not limited to: (i) name; (ii) email address; (iii) mailing address; (iv) phone number; and (v) workplace information.

You do not have a statutory or contractual obligation to provide us with your information through our site; however, certain information may be required in order to use specific functions of our site.

b. Information that Is Passively or Automatically Collected

     i. Device/Usage Information

We may automatically collect certain information about the computer or devices (including mobile devices or tablets) you use to access the Services. As described further below, we may collect and analyze information such as (a) IP addresses, location information, unique device identifiers, IMEI and TCP/IP address, and other information about your computer or device(s), browser types, browser language, operating system, mobile device carrier information, the state or country from which you accessed the Services; and (b) information related to the ways in which you interact with the Services, such as: referring and exit web pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, statistical information about the use of the Services, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.

     ii. Cookies and Other Electronic Technologies

We may also collect data about your use of the Services through the use of Internet server logs, cookies and/or tracking pixels—such as Google Analytics. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to: (a) recognize your computer; (b) store your preferences and settings; (c) understand the web pages of the Services you have visited; (d), enhance your user experience by delivering content and advertisements specific to your inferred interests; (e) perform searches and analytics; and (f) assist with security administrative functions. Some cookies are placed in your browser cache. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, measure popularity of the Services and associated advertising, and to access user cookies. We also may include Web beacons in email messages, newsletters and other electronic communications to determine whether the message has been opened and for other analytics, personalization and advertising. As we adopt additional technologies, we may also gather additional information through other methods.

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet ExplorerMicrosoft EdgeGoogle ChromeMozilla Firefox; or Apple Safari). Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Services.

     iii. Information from Social Networking Sites and Other Third Parties

Social networking sites, such as Facebook, have their own policies for handling your information. For a description of how these sites may use and disclose your information, including any information you make public, please consult the sites’ privacy policies. We have no control over how any third-party site uses or discloses the personal information it collects about you.

We may also collect information about you or others through non-affiliated third parties. For example, to the extent permitted by law, we may, in our sole discretion, ask for and collect supplemental information from third parties, such as information about your organization’s history, information to verify your identity or trustworthiness, or for other fraud or safety protection purposes. We may combine information that we collect from you through the Services with information that we obtain from such third parties and information derived from any other products or services we provide.

  1. How We Use Your Information

We may use the information we collect from and about you for the following purposes:

  • For the purposes for which you provided it;
  • To recognize and authenticate you on the Services;
  • To initiate or to provide the features, services and products available through the Services;
  • To send you information about your relationship or transactions with us, account alerts, or other communications, such as newsletters to which you have subscribed;
  • To contact you with information or surveys that we believe may be of interest to you both regarding our products and Services and those of third parties;
  • To process and respond to your inquiries or to request your feedback;
  • For internal research and reporting;
  • To improve the content and features of the Services or develop new Services;
  • For internal recruiting purposes;
  • With your consent, to call or send you SMS messages regarding your relationship with us or offers or services that may interest you;
  • To enforce the legal terms that govern your use of the Services; and
  • To administer and troubleshoot the Services.

Please note that we may combine information that we collect from you and about you (including automatically-collected information) with information we obtain about you from our affiliates and/or non-affiliated third parties, and use such combined information in accordance with this Policy.

We may aggregate and/or de-identify information collected through the Services. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any third parties, including advertisers, promotional partners, and/or others.

  1. When We Disclose Your Information

We may disclose your information to certain categories of non-affiliated third parties under the following circumstances:

  • Consent. We may disclose your information to any third parties based on your consent to do so.
  • Service Providers. We may provide access or disclose your information to select third parties who perform services on our behalf, including without limitation marketing, market research, customer support, data storage, analysis and processing, and legal services.
  • Protection of Redstone and Others. You acknowledge, consent, and agree that Redstone may access, preserve, and disclose your information you submit or make available for inclusion on the Services, if required to do so by law or in a good faith belief that such access, preservation, or disclosure is permitted by this Policy or reasonably necessary or appropriate for any of the following reasons: (a) to comply with legal process; (b) to enforce this Policy or other contracts with you, including investigation of potential violations thereof; (c) to respond to claims that any content violates the rights of third parties; (d) to respond to your requests for customer service; and/or (e) to protect the rights, property, or personal safety of Redstone, its agents and affiliates, its users, and the public. This includes exchanging information with other companies and organizations for fraud protection, and spam/malware prevention, and similar purposes.
  • Organizational Transfers. As we continue to develop our organization, we may acquire, merge or partner with other organizations. In such transactions, (including in contemplation of such transactions, e.g., due diligence) user information may be among the transferred assets. If any of Redstone’s assets are sold or transferred to a third party, customer information (including your email address) would likely be one of the transferred business assets.
  1. Legal Basis for Processing Personal Data

The laws in some jurisdictions require companies to tell you about the basis for using or disclosing your personal data. To the extent those laws apply, our legal grounds for processing your personal data are as follows:

  • To Honor Our Contractual Commitments to You. Much of our processing of personal data is to meet our contractual obligations to our clients, or to take steps at clients’ request in anticipation of entering into a contract with them.
  • Legitimate Interests. In many cases, we handle personal data because it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals including the following:
    • Customer service
    • Marketing
    • Protecting our customers, personnel and property
    • Analyzing and improving our business
    • Managing legal issues

We may also process personal data for the same legitimate interests of our clients and business partners.

  • Legal Compliance. We need to use and disclose personal data in certain ways to comply with our legal obligations.
  • Consent. Where required by law, and in some other cases, we handle personal data on the basis of consent. Where we handle your personal data on the basis of consent, you have the right to withdraw your consent.
  1. Online Analytics

We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Other Electronic Technologies” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

If you receive email from us, we may use certain analytics tools, such as clear GIFs, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.

  1. Notice Concerning Do-Not-Track Signals

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. You can learn more about Do Not Track here.

  1. Your Choices and Rights

All users can review and update certain user information by emailing us at [email protected]. You can unsubscribe from marketing emails by clicking the “unsubscribe” link they contain. You can also opt out of our sharing of your mailing information with other nonprofits by emailing us at [email protected] and describing your request.

  1. Geographic Scope

The website is operated in the United States and is intended for users located in the United States. The website is therefore operated in accordance with the laws of the United States. If you are located outside of the United States, please be aware that information you provide to us or that we obtain as a result of your use of the Services will be collected in the United States and/or transferred to the United States and will be subject to U.S. law.

By using the Services and/or providing us with information, you (a) consent to the transfer and/or processing of any information to and in the United States, (b) acknowledge that U.S. law may provide a lower standard of protection for information than the laws of your location, (c) understand that we will collect, transfer, store, process and disclose information from or about you in accordance with this policy and U.S. law.

  1. Children’s Privacy

The Services are intended for general audiences and not for children under the age of 13. If we become aware that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) from children under the age of 13, we will take reasonable steps to delete it as soon as practicable.

  1. Security

We have implemented administrative, technical, and physical security measures to protect against the loss, misuse, and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information since despite our efforts, no Internet and/or other electronic transmissions can be completely secure.

  1. Data Retention

We will hold your information for as long as necessary to fulfill the purposes set forth in this Policy or as long as we are legally required or permitted to do so. Information may persist in copies made for backup and business continuity purposes for additional time.

  1. Third-Party Links and Services

The Services may contain links to or “frame” third-party websites, applications, and other services. Please be aware that we are not responsible for the privacy practices of such other sites and services. We encourage our users to be aware when they leave our Services and to read the privacy statements of each and every site they visit that collects their information.

  1. “Shine the Light” Disclosure

California Law permits visitors who are California residents to request certain information once per year regarding our disclosure of “personal information” (as that term is defined under applicable California law) to third parties for such third parties’ direct marketing purposes. To make such a request, please send an email to [email protected] with “Shine the Light” in the subject line or write to us at Arabella Advisors c/o Redstone Strategy Group, 1828 L Street NW, Suite 300, Washington, DC 20036.

  1. Questions About this Policy

If you have any questions about our Policy, you can contact us by emailing us at [email protected].

ADDITIONAL PRIVACY NOTICE FOR CERTAIN U.S. RESIDENTS INCLUDING CALIFORNIA RESIDENTS

Privacy laws in certain U.S. states, including the California Consumer Privacy Act of 2018, as amended (“CCPA”), require us to make specific disclosures to state residents. This additional information section provides these legally-required disclosures in the form mandated by state law, but does not differ substantively from the information set forth  above in our Privacy Policy. Please see our main sections of our Privacy Policy above for complete information about our privacy practices including our collection, use, retention, and disclosure of that information.

In this section, the terms “personal information” (“PI”) and “sensitive personal information” (“SPI”) have the meanings set forth in applicable state privacy law. “Consumer” means the consumer to whom the PI or SPI relates.

1. PERSONAL INFORMATION WE COLLECT AND DISCLOSE

During the 12 months leading up to the effective date of this Policy, we have collected all of the types of PI and SPI described in Section 1,“Information We Collect”,  of the Policy above, and we used it for the purposes described in Section 2,  “How We Use Information”. We may collect the following categories of PI and SPI about consumers, and we may disclose this information to the categories of third parties listed below:

Categories of Personal Information We Collect Categories of Third Parties Recipients
Sensitive personal information

 

Please note:  We endeavor not to collect sensitive personal information. While we cannot control the information you send to us through your communications to us, we encourage you not to send us sensitive personal information.

 

N/A
Identifiers, such as name, username, password, email address, and IP address Corporate affiliates; service providers; third parties when sharing mailing lists with non-profits
Customer Records information, such as telephone number, mailing address, employment, or Corporate affiliates; service providers
Professional or employment related information, such as your resume when you apply for a job Corporate affiliates; service providers
Internet or other network or device activity, such as browsing history or a record of online Services usage Corporate affiliates; service providers; Data analytic providers.

 

2. SALES AND SHARING 

During the 12 months leading up to the effective date of this Policy, we did not and do not “sell” personal information. During the 12 months leading up to the effective date of this Policy, we did not and do not “share” personal information for targeted advertising purposes (as that term is defined under applicable state law).

To our knowledge, we do not and have not in the past 12 months “sold” or “shared” for targeted advertising purposes the personal information of individuals under 16 years of age.

While we take the position that we do not sell or share personal information as those terms are defined, you may prevent Google Analytics from using your information for analytics, by installing the Google Analytics Opt-out Browser Add-on by clicking here.

3. FINANCIAL INCENTIVES AND PROFILING

We do not offer financial incentives associated with our collection, use, or disclosure of your personal information.

We do not engage in profiling in furtherance of decisions that produce legal or similarly significant effects.

4. YOUR RIGHTS

Depending on your state of residence, you may have the following rights, subject to exceptions:

  • The Right to Know: You have the right to request that we provide you the categories of PI we have collected or disclosed about you in the last twelve (12) months; the categories of sources of such information; the business or commercial purpose for collecting or selling your PI; and the categories of third parties with whom we shared PI.
  • The Right to Access: You have the right to request we provide access to and/or a copy of certain PI we have held about you during the last twelve (12) months.
  • The Right to Correct: You have the right to request we correct inaccurate PI about you.
  • The Right to Delete: You have the right to request we delete PI you provided to us.
  • The Right to Limit Use and Disclosure of SPI: If we use or disclose your SPI for certain nonessential purposes, you will have the right to receive notice of such use or disclosure and the right to request we limit our use and disclosure of your SPI to only certain purposes.
  • The Right of Nondiscrimination: You have the right to not be discriminated against because you exercise your rights.

Certain information and business practices may be exempt from requests to exercise some of these rights. For example, we need certain types of information to provide the Services to you and to comply with applicable law. If you ask us to delete certain information, we may refuse the request for such reasons, or grant it only on the condition that you may no longer be able to access or use the Services.

To make such a request, please send an email to [email protected]. You may also exercise certain choices on your own. For example, to prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking HERE. You may also opt-out of receiving email through the unsubscribe link the email itself.

You may be required to verify your identity before we fulfill your request, which may include verifying your name, email address, mailing address, and/or phone number, depending on the nature of the request and the information we hold about you. If you have an online account with us, we might also require you to login to that account as part of the verification process. If you are a California resident, you can also designate an authorized agent to make a request on your behalf if that authorized agent has, and is able to furnish to us, written authorization from you. You may still need to verify your identity and confirm the agent’s authority directly with us if we are not convinced of the validity of the agent’s request. For security and legal reasons, we may refuse to accept requests that require us to visit an agent’s website.