Privacy Policy

This Privacy Policy applies to Fix the Front Office (fixthefrontoffice.com), operated by Misfit Island LLC ("we," "us," or "our").

We are committed to protecting your privacy and being transparent about how we collect, use, and protect your personal information. This policy explains your rights and our obligations regarding your data.

1. Information We Collect

We collect very little personal information, and most of our website can be used without providing any.

1.1 Information You Provide Directly

We collect information you choose to provide to us, including:

• Name, email address, phone number, and business contact details
• Company or organization name and job title
• Information you submit when you contact us, book a session, or share the results of an assessment with us

1.2 The Find the Gap Assessment

Our Find the Gap assessment shows you your results immediately and does not require you to create an account or provide an email address to see them. We only receive identifying information from the assessment if you choose to share your contact details to receive follow-up.

1.3 Usage and Technical Information

We use Cloudflare Web Analytics to understand how our website is used. Cloudflare Web Analytics is privacy-focused and does not use cookies or collect personal data such as your IP address for tracking purposes. It provides us with aggregate information such as page views, referral sources, and general performance metrics, without identifying individual visitors.

1.4 Cookies and Tracking Technologies

Because we use cookieless analytics, our website uses minimal or no tracking cookies. See our Cookie Policy for detailed information.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Delivery and Operations

• Respond to inquiries, booking requests, and service questions
• Provide and improve our facilitation and advisory services
• Communicate with you about a session or engagement

2.2 Communication

• Send messages related to a session, booking, or inquiry you initiated
• Send occasional updates or relevant content, only where you have agreed to receive them; you may opt out at any time

2.3 Analytics and Improvement

• Analyze aggregate, non-identifying usage patterns to improve our website and services

2.4 Legal and Security

• Ensure security and protect against malicious activity
• Comply with legal obligations, enforce our terms, and protect our rights

2.5 Legal Basis for Processing (GDPR)

For users in the EU/UK, we process your data based on:

• Consent: You have given clear consent for us to process your data for specific purposes
• Contract: Processing is necessary to fulfill our engagement with you
• Legal Obligation: Processing is required by law
• Legitimate Interests: Processing is necessary for our legitimate business interests (such as improving our services and security) and does not override your rights

3. How We Share Your Information

We do not sell or rent your personal information to third parties.

We may share your information with:

3.1 Service Providers

We share data with trusted third-party service providers who perform services on our behalf:

• Email and Scheduling: Zoho (for business communications and session scheduling)
• Hosting and Analytics: Cloudflare (for website hosting and privacy-focused, cookieless analytics)

These providers are bound to protect your data and use it only for the purposes we specify. Each maintains its own privacy practices.

3.2 Payment

We do not process payments on this website. Any payment for services is arranged separately, and any payment processor used for an engagement will handle your payment information under its own privacy practices.

3.3 Business Transfers

If Misfit Island LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

3.4 Legal Requirements

We may disclose your information if required by law or in response to valid legal processes, enforcement of our terms, protection of our rights or safety, or investigation of fraud or illegal activity.

3.5 With Your Consent

We may share your information for other purposes with your explicit consent or at your direction.

4. Your Privacy Rights

Depending on your location, you have various rights regarding your personal data:

4.1 General Rights (All Users)

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal obligations)
• Opt-Out: Unsubscribe from any non-essential communications at any time
• Data Portability: Receive your data in a structured, machine-readable format

4.2 GDPR Rights (EU/UK Users)

If you're in the European Union or United Kingdom, you also have the right to restrict processing, object to processing based on legitimate interests, withdraw consent, and lodge a complaint with your local data protection authority.

4.3 CCPA/CPRA Rights (California Residents)

California residents have additional rights, including the right to know what personal information we collect, the right to delete it, the right to opt out of the sale or sharing of personal information (note: we do not sell personal information), the right to non-discrimination, the right to correct inaccurate information, and the right to limit the use of sensitive personal information.

4.4 How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@fixthefrontoffice.com. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

5. Data Security

We implement reasonable technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (HTTPS/TLS)
• Access controls and authentication requirements
• Secure hosting infrastructure with reputable providers

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5.1 Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will notify you promptly as required by applicable law, and will notify relevant supervisory authorities where required.

6. Data Retention

We retain your personal information only as long as necessary for:

• Providing our services and fulfilling the purposes described in this policy
• Complying with legal, tax, accounting, or regulatory requirements
• Resolving disputes and enforcing our agreements

When we no longer need your personal information, we will securely delete or anonymize it. Specific retention periods vary based on the type of data and applicable legal requirements.

7. International Data Transfers

Misfit Island LLC operates in the United States. If you are located outside the U.S., your information will be transferred to, stored, and processed in the United States, which may not have the same data protection laws as your country.

For EU/UK residents, we take steps to ensure adequate protection of your data and comply with applicable data transfer mechanisms.

8. Children's Privacy

Our services are directed to sports organizations and professionals, not to children. Our services are not directed to individuals under the age of 13 (or 16 in the EU), and we do not knowingly collect personal information from children.

If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete it promptly. If you believe we have collected information from a child, please contact us at privacy@fixthefrontoffice.com.

9. Third-Party Links and Services

Our website may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites before providing them with your personal information.

10. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. There is currently no industry standard for how to respond to DNT signals. We do not currently respond to DNT signals, but we respect your privacy choices as described in this policy. Because we use cookieless analytics, we do little tracking in the first place.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make changes, we will update the "Last Updated" date at the top of this policy, and for material changes we will provide a prominent notice on our website.

Continued use of our services after changes become effective constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: