Privacy Policy for HatchWay Advisors LLC

Last Updated: April 17, 2025
Website: https://www.thehatchway.com
Contact Email: matthias@thehatchway.com

‍1. About Us
HatchWay Advisors LLC ("HatchWay Advisors", "we", "our", or "us") is a U.S.-based company that provides educational services focused exclusively on the teaching of business fundamentals, including topics such as business formation, contracts, taxes, compliance, and operational workflows. We offer this education through online modules, live advisory sessions, and written resources.

This Privacy Policy explains how we handle your personal data when you use our services, visit our website, or communicate with us. It is designed to comply with the data protection standards of the GDPR, UK GDPR, ePrivacy Directive, CCPA/CPRA, LGPD, PIPEDA, and other international privacy frameworks.

2. Scope and Audience
Our services are intended solely for individuals aged 18 years or older. This Privacy Policy applies to:

- Visitors of https://www.thehatchway.com
-Clients who use our education and advisory services
- Individuals who contact us or request information

We do not knowingly collect data from children under 18. If we become aware that such data has been collected, we will delete it promptly.

3. What Data We Collect
We collect the following types of personal data, depending on your interactions with us:

a) Data You Provide Directly
- Contact Information: Name, email address, phone number, billing address, country
- Professional Information: Job title, business name, and industry (where applicable)
- Course Participation Data: Registration details, session attendance, feedback or submissions
- Payment Data: Processed securely via Stripe; we only access billing metadata
- Communications: Emails, form responses, and support requests

b) Data Collected Automatically- Device & Usage Data: IP address (anonymized where required), browser, OS, pages visited, referring URL
- Cookies & Tracking: For analytics and performance, with your consent (see Cookie Policy)
- We do not process any sensitive personal data or special categories of data.

4. Why We Process Your Data
We only process your data when we have a legal basis under privacy law. These include:
‍

5. Cookies and Analytics
We use cookies and similar tracking technologies to:
- Maintain website functionality
- Remember your preferences
- Analyze aggregate user behavior

Non-essential cookies (e.g., Google Analytics, Hotjar) are only set with your prior consent, in line with GDPR and the ePrivacy Directive. You can update your preferences anytime using the "Cookie Settings" link in our site footer.

For details, see our full Cookie Policy.

6. Who We Share Data With
We do not sell your data. We only share it with:

a) Service Providers and ProcessorsAll third-party vendors are bound by strict Data Processing Agreements (DPAs) and only act under our instruction. These include:
- Stripe, Inc. – Secure payment processing
- Buildable.co – CRM and scheduling system
- Google LLC – Site analytics (with IP anonymization and consent)
- Hotjar Ltd. – UX analytics (if consented)

b) Legal and Regulatory Disclosures
‍We may disclose your information if legally required or necessary to protect our rights, users, or the public.

c) Business Transfers
‍In the event of a merger, acquisition, or sale, we may transfer your data, provided safeguards remain in place.

7. International Data Transfers
We operate in the United States and may transfer personal data internationally, including from the EU, UK, Brazil, or Canada.

To ensure legal transfers, we:
- Rely on Standard Contractual Clauses (SCCs) approved by the European Commission
- Use providers certified under the EU-U.S. Data Privacy Framework (DPF) (where applicable)Perform
- Transfer Impact Assessments (TIAs) where required

You may request a copy of our data transfer safeguards by contacting us.

8. How Long We Keep Your Data
We retain your personal data only as long as needed for legal or operational purposes, including:

‍Client account data: 5 years from last interaction
‍Payment records: 7 years (tax/accounting compliance)Cookies/analytics data: Per your consent settings, max 2 years
‍Support communications: Up to 2 years

After these periods, we securely delete or anonymize the data.

9. Your Rights
Depending on your jurisdiction, you may have the following rights:

Under the GDPR (EU/EEA/UK):
Access your dataCorrect or update inaccurate information
Request erasure ("right to be forgotten")Restrict or object to certain processing
Request data portability

Withdraw consent at any timeUnder the CCPA/CPRA (California):
Know what data we collect and why
Request access or deletion of personal data
Opt-out of sale or sharing (we do neither)Non-discrimination for exercising your rights

Under LGPD (Brazil) and PIPEDA (Canada):
Access, correction, and deletion rightsTransparency around use and disclosure
Consent managementTo exercise your rights, contact: matthias@thehatchway.com
We aim to respond within 30 days, or as required by law. We may request identity verification before fulfilling your request.

10. Data Security
We implement technical and organizational measures to protect your personal information, including:
- Encrypted website and data transmission (HTTPS/TLS)
- Access controls and staff training
- Data minimization and retention enforcement
- Regular reviews of our systems for vulnerabilities

‍Breach Notification: In the unlikely event of a data breach, we will notify affected users and supervisory authorities within legally mandated timeframes, in accordance with GDPR Articles 33–34, CPRA, or other applicable law.

11. Third-Party Links
Our website may contain links to external platforms (e.g., payment processors, learning tools). These are governed by their own privacy policies. We are not responsible for their data practices and encourage you to review them independently.

12. Terms of Use
This Privacy Policy is part of our broader legal terms. By using our website or services, you also agree to our Terms and Conditions, which govern acceptable use, limitations of liability, and other key terms.

13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised “Last Updated” date. If we make material changes (such as changes to how we process your data), we will notify you via email if we have your contact details, or via a prominent website notice. We encourage you to review this Policy periodically to stay informed of how we protect your data.

14. Internal Compliance & Documentation
HatchWay Advisors LLC maintains a Record of Processing Activities (ROPA) as required under Article 30 GDPR. All third-party contracts include Data Processing Agreements (DPAs), and we have internal procedures for handling data subject access requests (DSARs), breach response, and international transfers.

15. EU Representative (Article 27 GDPR)
At this time, HatchWay Advisors LLC has not appointed a representative in the European Union pursuant to Article 27 of the General Data Protection Regulation (GDPR), as we do not regularly process personal data of individuals located in the EU, nor have we met the thresholds that require such representation. Should our operations expand to the extent that an EU representative becomes necessary under the GDPR, we will take appropriate steps to appoint one and update this policy accordingly.

16. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, you may contact us at:HatchWay Advisors LLC
Email: matthias@thehatchway.com
Website: https://www.thehatchway.com