Privacy policy

 

BEYOND SLIM, LLC

ENTERPRISE PRIVACY & DATA GOVERNANCE FRAMEWORK

Effective Date: February 26, 2026

 

==============================

SECTION 1 – ENTERPRISE PRIVACY POLICY

==============================

 

1.1 Overview

Beyond Slim, LLC (“Company,” “we,” “us,” or “our”) maintains this Enterprise Privacy & Data Governance Framework to comply with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and other applicable data protection laws.

 

1.2 Scope

Applies to all Personal Information collected via websites, mobile, advertising platforms, CRM systems, payment systems, email, SMS, and offline interactions.

 

1.3 Definitions

Personal Information: Information reasonably capable of identifying a consumer or household.

Sensitive Personal Information: Includes payment data, account credentials, precise geolocation.

Share: Disclosure for cross-context behavioral advertising.

Service Provider / Contractor: Entity processing data under written agreement.

 

1.4 Categories Collected (Past 12 Months)

• Identifiers

• Commercial Information

• Internet/Network Activity

• Financial Information

• Geolocation (approximate)

• Inferences

• Limited Sensitive Personal Information

 

1.5 Business Purposes

• Order fulfillment

• Payment processing

• Advertising & analytics (including Meta Pixel & Conversions API)

• Fraud prevention

• Legal compliance

• Operational improvement

 

1.6 Meta Technologies Disclosure

We use Meta Pixel and Meta Conversions API. These tools transmit identifiers and event data to Meta Platforms, Inc. for measurement and cross-context behavioral advertising. Such disclosure may qualify as “sharing” under California law.

 

1.7 Disclosure Categories

Disclosed to:

• Service Providers (payment, hosting, shipping)

• Advertising partners

• Analytics vendors

• Legal authorities

• Successor entities

 

We do not sell Personal Information for monetary consideration.

 

1.8 California Rights

Consumers may:

• Know

• Delete

• Correct

• Opt-out of Sale/Share

• Limit Sensitive Personal Information

• Receive Non-Discriminatory Treatment

 

Requests: support@beyondslim.com

 

1.9 Data Retention

See Retention Schedule below.

 

1.10 Security Safeguards

See Security Controls section below.

 

==============================

SECTION 2 – DATA RETENTION SCHEDULE

==============================

 

Category | Retention Period | Purpose

Customer Orders | 7 Years | Tax & financial compliance

Marketing Data | 24 Months | Campaign analytics

Web Analytics Logs | 14 Months | Performance analysis

Support Tickets | 36 Months | Customer service records

Payment Data | Stored by Processor | PCI compliance

Account Data | Duration of Account + 24 Months | Business continuity

 

==============================

SECTION 3 – INFORMATION SECURITY CONTROLS (SOC2-STYLE SUMMARY)

==============================

 

Administrative Controls:

• Written data governance policies

• Access control policies

• Vendor due diligence

• Incident response plan

 

Technical Controls:

• Encryption in transit (TLS 1.2+)

• Role-based access control

• Multi-factor authentication (where applicable)

• Network monitoring

• Logging & anomaly detection

 

Physical Controls:

• Secure hosting environments

• Restricted access facilities (via vendors)

• Environmental safeguards

 

Incident Response:

We maintain a documented incident response plan and will notify affected individuals as required by law.

 

==============================

SECTION 4 – DATA PROCESSING ADDENDUM (TEMPLATE)

==============================

 

This Data Processing Addendum (“DPA”) forms part of any agreement between Beyond Slim and a Service Provider.

 

Processor Obligations:

• Process data only on documented instructions

• Maintain confidentiality

• Implement appropriate security measures

• Assist with consumer rights requests

• Delete or return data upon termination

• Permit reasonable audit rights

 

Subprocessors:

Processor must provide notice and ensure equivalent contractual protections.

 

International Transfers:

Where applicable, standard contractual clauses or lawful transfer mechanisms must be implemented.

 

==============================

SECTION 5 – COOKIE POLICY

==============================

 

We use the following categories of cookies:

• Essential Cookies – Site functionality

• Performance Cookies – Analytics (Google Analytics, etc.)

• Advertising Cookies – Meta Pixel, remarketing tools

• Functional Cookies – Preference storage

 

Users may manage cookie settings via browser controls or cookie banner tools.

 

Advertising cookies may result in sharing under California law. Users may opt out via “Do Not Sell or Share” mechanisms.

 

==============================

SECTION 6 – CALIFORNIA NOTICE AT COLLECTION (Banner Language)

==============================

 

We collect Personal Information for business and advertising purposes, including identifiers, purchase data, and online activity. We may share certain data for cross-context behavioral advertising. You may opt out of the sale or sharing of Personal Information by clicking “Do Not Sell or Share My Personal Information” or contacting support@beyondslim.com.

 

==============================

CONTACT

==============================

 

Beyond Slim, LLC

8776 E Shea Blvd

Scottsdale, AZ 85260

support@beyondslim.com