// LEGAL

Studios Privacy Policy

This page mirrors the Underbelly privacy policy (last updated: November 3, 2020) so Studios visitors know how their data is collected, used, and protected.

Definitions Data Collection How We Use Data Retention & Transfer Your Rights Contact

Key Definitions

Some important terms used throughout this policy:

  • Company: Underbelly, 343 W 400 S, Salt Lake City, UT 84101. Acts as the Data Controller under GDPR and the Business under CCPA.
  • Personal Data: Any information that can identify you directly or indirectly (name, email, IP address, etc.).
  • Usage Data: Device, browser, and interaction data collected automatically when you visit our sites.
  • Cookies: Small files stored on your device that help remember preferences, authenticate sessions, and analyze usage.
  • Service Providers: Trusted vendors (analytics, payments, email) who process data on our behalf under contract.

What We Collect

  • Provided info: Email, first/last name, purchase details, and anything you submit via forms.
  • Automatic info: IP address, browser/device type, pages visited, timestamps, and mobile identifiers.
  • Cookies & tracking: Session cookies for essential functionality, persistent cookies for preferences, analytics cookies for traffic insights, and optional marketing pixels.

You can disable cookies in your browser, but key features may stop working.

How We Use Personal Data

  • Provide and maintain the website, products, and support experience.
  • Manage your account and fulfill contracts (project work, memberships, purchases).
  • Send service updates, security notices, and—with your consent—marketing emails.
  • Analyze performance, improve offerings, and detect fraud or abuse.
  • Facilitate business transfers such as mergers or acquisitions.

We share data with service providers (Google Analytics, Mailchimp, PayPal/Square) solely to perform the services described. They may have their own privacy policies you can review.

Retention, Transfer & Security

  • We keep Personal Data only as long as needed for the stated purposes or legal obligations.
  • Usage Data may be retained longer for security and analytics.
  • Data may be processed in the U.S. or other countries where our vendors operate; we enforce contractual safeguards for international transfers.
  • We use commercially reasonable security measures, but no method is 100% secure.
  • We disclose data only when required by law, to protect our rights, or to prevent wrongdoing.

Your Privacy Rights

GDPR (EU/EEA)

  • Access, correct, or delete your Personal Data.
  • Object to processing or request portability of your data.
  • Withdraw previously granted consent at any time.
  • Lodge a complaint with your local data protection authority.

CCPA (California)

  • Know what categories of data we collect, why we collect it, and with whom it’s shared or sold.
  • Request deletion of Personal Data (with limited exceptions).
  • Opt out of data “sales” and non-essential sharing.
  • Receive equal service and price even after exercising your rights.

Contact + Requests

To exercise any privacy rights or ask questions, email hello@underbelly.is. We may need to verify your identity before fulfilling requests. Expect responses within 45 days (CCPA) or sooner whenever possible.