Privacy Policy

Effective Date: September 29, 2025
Last Updated: September 29, 2025
Contact: privacy@skeletonkeystrategies.com

1. Introduction

Skeleton Key Strategies LLC (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://skeletonkeystrategies.com (the “Site”) or interact with us through other channels.

This policy applies to all visitors and users of our Site and services. By using our Site or services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Information You Provide Directly

We collect information you voluntarily provide to us, including:

• Contact Information: When you submit a contact form, we collect your name, organization name, email address, and phone number
• Email Subscription Information: When you sign up for email alerts, we collect your email address
• Event Registration Information: When you register for events or request follow-up conversations through social media platforms, we collect information you provide through those interactions

Information Collected Automatically

When you visit our Site, we automatically collect certain information through analytics tools:

• Analytics Data: We use Google Analytics, which collects information such as your IP address, browser type, operating system, referring URLs, pages viewed, and time spent on pages
• Cookies: Google Analytics uses cookies to collect this information. Cookies are small data files stored on your device that help us understand how visitors interact with our Site

3. How We Use Your Information

We use the information we collect to:

• Respond to your inquiries and requests for information
• Send newsletters and marketing communications (with your consent)
• Provide and improve our consulting services
• Analyze Site usage and improve user experience
• Comply with legal obligations
• Protect our rights and prevent fraud or illegal activities

4. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA) or United Kingdom, we process your personal data based on:

• Consent: When you provide explicit consent for marketing communications
• Legitimate Interests: For analytics and improving our services
• Contract Performance: When necessary to provide requested services
• Legal Obligations: When required by law

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information with:

• Service Providers: Third-party companies that help us operate our business, such as cloud storage providers, customer relationship management systems, and email marketing platforms (when implemented)
• Legal Requirements: When required by law or to respond to legal process
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, privacy, safety, or property

6. Data Storage and Retention

Your information is stored in secure cloud infrastructure maintained by our service providers. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

We retain personal information described under Section 2, Information You Provide Directly, for up to 5 years, unless a longer retention period is required by law or you request deletion sooner.

We retain personal information described under Section 2, Information Collected Automatically, for up to 2 years, unless a longer retention period is required by law or you request deletion sooner.

7. Your Rights and Choices

Rights Under GDPR (EEA Residents) and UK GDPR (UK Residents)

If you are in the EEA or UK, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data
• Restriction: Request restriction of processing
• Portability: Receive your data in a portable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time

Rights Under CCPA (California Residents)

California residents have the right to:

• Know what personal information we collect, use, and disclose
• Request deletion of personal information
• Opt-out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising privacy rights

Rights Under Other State Laws

Residents of Colorado, Connecticut, Utah, Virginia, and other states with privacy laws have similar rights including access, correction, deletion, and portability of personal information. We will honor these requests in accordance with applicable law.

Marketing Communications

We use double opt-in for email subscriptions. You can unsubscribe from marketing emails at any time by:

• Clicking the “unsubscribe” link in any marketing email
• Contacting us at privacy@skeletonkeystrategies.com

Cookies

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our Site.

8. International Data Transfers

As we serve clients internationally, your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

9. Children’s Privacy

Our Site and services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected information from a child under 13, we will delete that information promptly.

10. Data Security

We implement robust technical and organizational security measures to protect your personal information, including requiring team members to use multi-factor authentication, encryption of digital communications and other data at rest and in transit, access controls, and regular security assessments. We monitor and update our security practices to address evolving threats.

11. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any websites for which you provide personal information.

12. Do Not Track Signals

Our Site does not currently respond to Do Not Track browser signals or similar mechanisms.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. You are advised to review this Privacy Policy periodically for any changes.

14. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:

Email: privacy@skeletonkeystrategies.com

For GDPR inquiries, EU/UK residents may also contact their local data protection authority.

15. Accessibility

We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you need this policy in an alternative format, please contact us.

By using our Site or services, you acknowledge that you have read and understood this Privacy Policy.