PRIVACY POLICY

Effective Date: April 6, 2026

Company: Minnie Downtown Media LLC

Address: 30 N Gould St Ste R, Sheridan, WY 82801, United States

Website: https://ugcexecutive.com/

Email: hello@ugcexecutive.com

1. Introduction and Scope

Minnie Downtown Media LLC (“Company,” “we,” “us,” or “our”) is committed to protecting the privacy and personal data of all individuals who interact with our Website at https://ugcexecutive.com/ and the UGC Executive Academy program (collectively, the “Services”).

This Privacy Policy explains what personal data we collect, how we collect it, the legal bases on which we process it, how we use and share it, how long we retain it, and what rights you have in relation to your personal data.

This Privacy Policy applies to:

  • All visitors to our Website.
  • All individuals who register interest in, enroll in, or participate in the Program.
  • All individuals who communicate with us via email, contact forms, or other channels.
  • All individuals whose personal data we process in connection with the delivery of our Services.

This Privacy Policy is designed to comply with applicable privacy laws including, but not limited to, the General Data Protection Regulation (GDPR) (EU) 2016/679, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other applicable U.S. and international data protection laws.

By using our Website or purchasing the Program, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, you must not use our Website or Services.

2. Data Controller

For the purposes of GDPR and other applicable data protection laws, the data controller responsible for your personal data is:

Minnie Downtown Media LLC

30 N Gould St Ste R, Sheridan, WY 82801, United States

Email: hello@ugcexecutive.com

Website: https://ugcexecutive.com/

We do not have a designated EU establishment. EU residents may contact us directly at the email address above for all data protection matters. We aim to respond to all privacy-related inquiries within 30 days.

3. Categories of Personal Data We Collect

3.1 Data You Provide Directly

We collect personal data that you voluntarily provide to us when you:

  • Register or express interest in the Program via forms on our Website.
  • Complete the enrollment and payment process.
  • Contact us by email or through contact forms.
  • Participate in Zoom mentorship sessions or live calls.
  • Post content in community spaces (WhatsApp groups or other community platforms).
  • Submit portfolio materials or assignments as part of the Program.

The categories of data collected through these interactions include:

  • Full name.
  • Email address.
  • Country of residence.
  • Payment information (processed and stored by our payment processor; we do not store full card data).
  • Communications content (emails, messages, questions submitted to us).
  • Portfolio materials and video submissions.
  • Any other information you voluntarily provide in communications with us.

3.2 Data Collected Automatically

When you visit our Website, certain data is collected automatically through standard web technologies, including:

  • IP address.
  • Browser type and version.
  • Operating system.
  • Pages visited and time spent on each page.
  • Referring URL (the page you came from before visiting our Website).
  • Date and time of your visit.
  • Device type and screen resolution.
  • Cookie identifiers and similar tracking technologies (see Section 9 and our Cookie Policy for full details).

This data is collected using cookies, web beacons, and similar technologies, and may be processed by third-party analytics and advertising platforms as described in Section 7.

3.3 Data Collected from Third Parties

We may receive personal data about you from third parties in the following circumstances:

  • From payment processors (such as Stripe, Inc.) in connection with transaction verification and fraud prevention. This includes transaction identifiers, payment status, and billing country.
  • From analytics platforms (such as Google Analytics) regarding your interactions with our Website.
  • From advertising platforms if you interact with our advertisements on third-party platforms (such as Meta or Google Ads).

We will handle any such data in accordance with this Privacy Policy and applicable law.

3.4 Sensitive Personal Data

We do not intentionally collect or process special categories of personal data (sensitive personal data), including data revealing racial or ethnic origin, political opinions, religious beliefs, health data, biometric data, or data concerning sexual orientation. Please do not submit such information to us. If you inadvertently provide sensitive personal data, we will delete it as soon as we become aware of it.

4. Legal Basis for Processing (GDPR)

For individuals located in the European Union or European Economic Area, we process your personal data on the following legal bases under GDPR Article 6:

  • Performance of a contract (Article 6(1)(b)): We process your name, email address, and payment-related data to fulfill our contractual obligations when you purchase and access the Program.
  • Legitimate interests (Article 6(1)(f)): We process certain data (such as Website analytics and fraud prevention data) based on our legitimate interests in operating, improving, and securing our Services, provided such interests are not overridden by your fundamental rights and freedoms.
  • Consent (Article 6(1)(a)): Where we process data based on your consent (such as for marketing communications or non-essential cookies), you may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Compliance with a legal obligation (Article 6(1)(c)): We may process your data where required to comply with applicable legal obligations, such as financial recordkeeping requirements.

Where we rely on legitimate interests as the legal basis for processing, you may object to that processing as described in Section 11.

5. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

  • Program delivery: To provide you with access to the UGC Executive Academy Program, including course materials, the Verified Creator Marketplace, mentorship sessions, community access, and all other Program components.
  • Account management: To create and manage your enrollment account, send you access credentials, and communicate Program updates.
  • Payment processing: To process your enrollment payment securely through our payment processor and to handle refund or dispute requests.
  • Customer support: To respond to your inquiries, support requests, and complaints.
  • Program improvement: To analyze usage patterns and participant feedback to improve the quality and content of the Program.
  • Legal compliance: To comply with applicable legal obligations, including tax and financial recordkeeping requirements.
  • Fraud prevention and security: To detect, investigate, and prevent fraudulent activity, unauthorized access, and other misuse of our Services.
  • Marketing communications: To send you information about Program updates, new offerings, or promotions, where you have provided consent or where we have a legitimate interest to do so. You may opt out of marketing communications at any time.
  • Analytics and Website optimization: To understand how visitors interact with our Website and to improve its performance, usability, and content.
  • Villa event coordination: To organize and coordinate logistics for the annual villa retreat event for selected Program participants.

We will not use your personal data for any purpose incompatible with the purposes described in this Privacy Policy without first notifying you and, where required, obtaining your consent.

6. How We Share Your Personal Data

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes. We may share your personal data in the following limited circumstances:

6.1 Service Providers

We share personal data with trusted third-party service providers who assist us in operating our Services. These providers are contractually bound to process your data only on our instructions and in accordance with applicable data protection laws. Our current categories of service providers include:

  • Payment processors (Stripe, Inc.): To securely process enrollment payments and manage transaction records.
  • Email and communication platforms: To deliver transactional and marketing emails.
  • Video conferencing platforms (Zoom): To conduct mentorship and live sessions.
  • Community platforms (WhatsApp or similar): To facilitate the Program participant community.
  • Website hosting and infrastructure providers: To host and maintain the Website and Program platform.
  • Analytics providers (Google Analytics or similar): To analyze Website traffic and usage patterns.
  • Advertising platforms (Meta, Google Ads, or similar): To manage and optimize advertising campaigns.

6.2 Legal Requirements

We may disclose your personal data if required to do so by applicable law, court order, regulatory authority, or governmental request. We will make reasonable efforts to notify you of such disclosures where legally permitted.

6.3 Business Transfers

In the event of a merger, acquisition, sale of assets, or other business restructuring involving the Company, your personal data may be transferred to the acquiring entity. We will notify affected users via email or Website notice prior to any such transfer and will ensure that the receiving party is bound by privacy obligations at least as protective as those in this Privacy Policy.

6.4 Marketplace Connections

If you are selected for or gain access to the Verified Creator Marketplace, limited profile information (such as your name, portfolio materials, and contact information) may be shared with prospective clients through the Marketplace for the purpose of facilitating business introductions. You will be informed of this sharing prior to your Marketplace profile being made visible.

6.5 Consent-Based Sharing

We may share your personal data with third parties with your explicit prior consent, such as for testimonial or case study purposes. You may withdraw such consent at any time.

7. Third-Party Tools and Data Processors

The following third-party tools and platforms are used in connection with the delivery of our Services and may process your personal data:

  • Stripe, Inc.: Payment processing. Stripe’s Privacy Policy is available at https://stripe.com/privacy. Stripe is PCI DSS compliant and does not store full card data on our behalf.
  • Google Analytics: Website analytics. Data is processed under Google’s Privacy Policy at https://policies.google.com/privacy. We use IP anonymization where available.
  • Zoom Video Communications, Inc.: Live mentorship sessions. Zoom’s Privacy Policy is available at https://zoom.us/privacy.
  • Meta Platforms, Inc. (Facebook/Instagram): Advertising and social media. Meta’s Data Policy is available at https://www.facebook.com/privacy/policy/.
  • Google LLC (Google Ads): Advertising. Google’s Privacy Policy is available at https://policies.google.com/privacy.
  • WhatsApp (Meta Platforms): Community communication. WhatsApp’s Privacy Policy is available at https://www.whatsapp.com/legal/privacy-policy/.

We conduct reasonable due diligence on our third-party processors to ensure they maintain appropriate data protection standards. Where required by GDPR, we maintain Data Processing Agreements (DPAs) with relevant processors.

8. International Data Transfers

We are based in the United States. If you are located in the European Union, European Economic Area, United Kingdom, or another jurisdiction with data transfer restrictions, your personal data will be transferred to and processed in the United States.

The United States does not have an adequacy decision from the European Commission. We rely on the following safeguards for international data transfers:

  • Standard Contractual Clauses (SCCs) approved by the European Commission, incorporated into our agreements with EU-based data processors where applicable.
  • For transfers to third-party processors (such as Stripe, Google, and Zoom), we rely on those processors’ own transfer mechanisms, which may include participation in recognized data transfer frameworks or the use of SCCs.

You may request a copy of the transfer safeguards applicable to your personal data by contacting us at hello@ugcexecutive.com.

9. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your experience, analyze Website usage, and support our marketing activities. A cookie is a small text file placed on your device when you visit our Website.

We use the following categories of cookies:

  • Strictly necessary cookies: Essential for the Website to function correctly. These cannot be disabled.
  • Analytics cookies: Used to collect information about how visitors use our Website (e.g., Google Analytics). This data is aggregated and anonymized where possible.
  • Marketing and advertising cookies: Used to deliver relevant advertisements and measure campaign effectiveness (e.g., Meta Pixel, Google Ads tags).
  • Functional cookies: Used to remember your preferences and settings.

For detailed information on the cookies we use, their purpose, duration, and how to manage your cookie preferences, please refer to our Cookie Policy, available at https://ugcexecutive.com/.

EU and UK users will be presented with a cookie consent banner upon first visiting the Website. You may withdraw or modify your cookie consent at any time via the cookie preference settings on the Website.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Our standard retention periods are:

  • Enrollment and account data: Retained for the duration of your Program access period, plus a minimum of 3 years following the end of your access, for legal and compliance purposes.
  • Payment and transaction records: Retained for a minimum of 7 years in accordance with U.S. financial recordkeeping requirements and applicable tax laws.
  • Communication records (emails, support tickets): Retained for up to 3 years from the date of the last communication.
  • Website analytics data: Retained for up to 26 months, in line with standard analytics platform retention settings.
  • Marketing consent records: Retained for as long as the consent is active, plus 3 years following withdrawal or inactivity.
  • Portfolio and submission materials: Retained for the duration of your Program access, plus up to 2 years unless you request deletion.

Upon expiration of the applicable retention period, we will securely delete or anonymize your personal data. Where deletion is not immediately possible (for example, due to backup systems), data will be isolated from further active processing until deletion is completed.

You may request earlier deletion of your personal data subject to the limitations described in Section 11 and applicable legal requirements.

11. Your Privacy Rights

11.1 Rights of EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have the following rights under GDPR:

  • Right of access (Article 15): You have the right to request a copy of the personal data we hold about you and information about how it is processed.
  • Right to rectification (Article 16): You have the right to request correction of inaccurate or incomplete personal data.
  • Right to erasure (Article 17): You have the right to request deletion of your personal data in certain circumstances, including where data is no longer necessary for the purpose it was collected, where you withdraw consent, or where processing is unlawful.
  • Right to restriction of processing (Article 18): You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability (Article 20): You have the right to receive personal data you have provided to us in a structured, commonly used, machine-readable format, and to request that we transmit it to another controller where technically feasible.
  • Right to object (Article 21): You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds that override your interests or rights.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Right not to be subject to automated decision-making: We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.

To exercise any of these rights, please contact us at hello@ugcexecutive.com with the subject line “GDPR Data Request.” We will respond within 30 days of receiving your request. In complex cases, we may extend this period by up to 60 additional days with notice.

You also have the right to lodge a complaint with your local supervisory authority. A list of EU data protection authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

11.2 Rights of California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

  • Right to know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the business or commercial purposes for collection, and the categories of third parties with whom we share it.
  • Right to delete: You have the right to request deletion of personal information we have collected about you, subject to certain exceptions.
  • Right to correct: You have the right to request correction of inaccurate personal information.
  • Right to opt out of sale or sharing: We do not sell personal information for monetary consideration. We may share certain data with advertising platforms. You may opt out of such sharing by contacting us or using the opt-out mechanisms on our Website.
  • Right to limit use of sensitive personal information: We do not process sensitive personal information beyond the scope permitted by the CPRA.
  • Right to non-discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.

To submit a CCPA/CPRA rights request, please contact us at hello@ugcexecutive.com with the subject line “California Privacy Request.” We will verify your identity before processing the request and will respond within 45 days, with a possible extension of 45 additional days where necessary.

Authorized agents may submit requests on behalf of California residents with written authorization.

11.3 Rights of Other Users

Users in other jurisdictions may also have privacy rights under applicable local laws. We will make reasonable efforts to accommodate privacy requests from all users where technically and legally feasible. Please contact us at hello@ugcexecutive.com for any privacy-related requests.

12. Children’s Privacy

Our Services are intended for individuals who are at least 18 years of age. We do not knowingly collect personal data from individuals under the age of 18. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us immediately at hello@ugcexecutive.com and we will take prompt steps to delete such data.

If we become aware that we have inadvertently collected personal data from a person under the age of 18, we will delete that data as quickly as practicable.

13. Data Security

We implement and maintain reasonable technical and organizational security measures designed to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure HTTPS encryption for all data transmitted between your browser and our Website.
  • Use of PCI DSS-compliant third-party payment processors that handle payment card data under strict security standards.
  • Access controls limiting personal data access to authorized personnel only.
  • Regular review of our security practices and third-party processor security standards.
  • Secure data storage practices for digital records.

Despite our efforts, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your personal data. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant regulatory authorities as required by applicable law.

You are responsible for maintaining the security of your account credentials. Please use a strong, unique password and notify us immediately if you suspect unauthorized access to your account.

14. Marketing Communications

With your consent, or where we have a legitimate interest, we may send you marketing communications about the Program, related educational offerings, and other services that may be of interest to you.

You may opt out of receiving marketing communications at any time by:

  • Clicking the unsubscribe link included in any marketing email.
  • Contacting us at hello@ugcexecutive.com with the subject line “Unsubscribe.”

Opting out of marketing communications will not affect transactional or service-related communications necessary for Program delivery.

For EU users, we will only send marketing communications where we have a valid legal basis for doing so (consent or legitimate interests), and we will honor opt-out requests promptly.

15. Do Not Track Signals

Some browsers offer a “Do Not Track” (DNT) setting that sends a signal to websites requesting that your browsing activity not be tracked. Our Website does not currently respond to DNT signals, as there is no uniform industry standard for how websites should handle such signals. We will update this policy if a recognized standard emerges.

You may control tracking through your cookie preferences as described in Section 9 and our Cookie Policy.

16. Links to Third-Party Websites

Our Website and Program materials may contain links to third-party websites, platforms, or services that are not operated or controlled by us. This Privacy Policy does not apply to third-party websites. We are not responsible for the privacy practices or content of any third-party website.

We encourage you to review the privacy policies of any third-party website you visit before providing any personal data. The inclusion of a link to a third-party website does not constitute our endorsement of that website or its privacy practices.

17. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. We will post the updated Privacy Policy on our Website with a revised Effective Date.

For material changes that significantly affect how we process your personal data, we will provide notice via email or a prominent notice on our Website at least 14 days before the changes take effect. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

18. Contact and Data Subject Requests

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:

Minnie Downtown Media LLC

30 N Gould St Ste R, Sheridan, WY 82801, United States

Website: https://ugcexecutive.com/

Email: hello@ugcexecutive.com

Please include your full name, country of residence, and a clear description of your request in all privacy-related communications. We will make reasonable efforts to respond to all inquiries within 30 days.

EU residents who are not satisfied with our response have the right to lodge a complaint with their national data protection authority. A list of EU supervisory authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.