Data Processing and GDPR Compliance Statement

Effective Date: February 10, 2026

Company Name: Fifth and Tee LLC
Company Address: 75 E 3rd St, Sheridan, WY 82801, United States
Website: https://fifthandtee.com/
Email: info@fifthandtee.com

Introduction

This Data Processing and GDPR Compliance Statement ("Statement") explains how Fifth and Tee LLC ("Company," "we," "us," or "our") collects, processes, stores, transfers, and protects personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws.

This Statement applies to personal data processed in connection with our website, https://fifthandtee.com/ (the "Website"), and all consulting, branding, development, automation, and related services (the "Services").

We are committed to ensuring that personal data is processed lawfully, fairly, transparently, and securely.

Data Controller Information

For purposes of GDPR and applicable data protection laws, the data controller is:

Fifth and Tee LLC
75 E 3rd St, Sheridan, WY 82801, United States
Email: info@fifthandtee.com
Website: https://fifthandtee.com/

Scope of Data Processing

We may process personal data of:

• website visitors
• clients and prospective clients
• business contacts
• service users
• individuals interacting with our digital platforms
• individuals whose data is provided by our clients

This processing may include collection, recording, organization, storage, adaptation, retrieval, consultation, use, transmission, restriction, or deletion of personal data.

Categories of Personal Data Processed

We may process the following categories of personal data:

Identification data

• name
• company name
• job title

Contact data

• email address
• phone number

Technical data

• IP address
• device information
• browser information
• usage data

Business-related data

• project information
• brand and marketing information
• communication content

Financial and billing data

• billing contact details
• transaction records

We do not intentionally collect sensitive personal data unless explicitly required and authorized.

Legal Basis for Processing

We process personal data under one or more of the following legal bases under GDPR:

Contractual necessity
Processing is necessary to perform Services or enter into agreements.

Legitimate interests
Processing is necessary for legitimate business purposes, including:

• providing and improving Services
• maintaining Website functionality
• ensuring security
• preventing fraud

Consent
Processing is based on your consent, including for marketing or analytics where required.

Legal obligation
Processing is necessary to comply with legal or regulatory obligations.

Purpose of Processing

We process personal data for purposes including:

• providing Services
• managing client relationships
• responding to inquiries
• communicating with users
• processing payments and invoices
• improving Website performance
• maintaining security
• complying with legal obligations

Data Minimization and Purpose Limitation

We collect and process only personal data necessary for legitimate business purposes.

We do not process personal data in ways incompatible with the purposes for which it was collected.

Accuracy of Data

We take reasonable steps to ensure that personal data is accurate and up to date.

Users may request correction of inaccurate or incomplete data.

Data Retention

We retain personal data only for as long as necessary for:

• service delivery
• legal compliance
• dispute resolution
• enforcement of agreements

Retention periods depend on the nature of the data and applicable legal requirements.

When personal data is no longer required, it is securely deleted or anonymized.

Data Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

• encryption of data in transit
• secure infrastructure
• access control systems
• authentication mechanisms
• limited access to authorized personnel
• monitoring and security procedures

Despite these measures, absolute security cannot be guaranteed.

Data Processors and Third Parties

We may engage third-party service providers ("Processors") to assist with operations, including:

• hosting providers
• payment processors such as Stripe
• analytics providers
• communication platforms
• scheduling tools
• infrastructure providers

Processors are contractually required to:

• process personal data only as instructed
• implement appropriate security measures
• comply with applicable data protection laws

International Data Transfers

Personal data may be transferred to and processed in the United States and other countries.

When transferring data outside the European Economic Area, we implement appropriate safeguards, including:

• Standard Contractual Clauses (SCCs)
• contractual data protection obligations
• secure processing measures

By using our Website or Services, you acknowledge and consent to such transfers where applicable.

Data Subject Rights

Under GDPR, individuals have the following rights:

• Right of access - You may request access to your personal data.
• Right to rectification - You may request correction of inaccurate or incomplete data.
• Right to erasure - You may request deletion of personal data, subject to legal limitations.
• Right to restriction of processing - You may request limitation of processing under certain conditions.
• Right to data portability - You may request a portable copy of your personal data.
• Right to object - You may object to processing based on legitimate interests.
• Right to withdraw consent - You may withdraw consent at any time where processing is based on consent.
• Right to lodge a complaint - You may lodge a complaint with a supervisory authority.

To exercise your rights, contact us at info@fifthandtee.com.

Verification of Identity

We may require identity verification before processing requests to protect personal data from unauthorized access.

Data Breach Notification

In the event of a personal data breach, we will:

• investigate the incident
• take appropriate remedial action
• notify affected individuals and authorities when required by law

Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

Data Protection Principles

We adhere to the following GDPR principles:

• lawfulness, fairness, and transparency
• purpose limitation
• data minimization
• accuracy
• storage limitation
• integrity and confidentiality
• accountability

Third-Party Data Provided by Clients

Clients may provide personal data of third parties as part of Services.

Clients are responsible for ensuring that:

• such data is lawfully obtained
• proper authorization is provided
• applicable privacy laws are followed

Data Protection by Design and by Default

We implement data protection measures during system design and operation to ensure privacy protection.

Children's Data

Our Website and Services are not intended for individuals under the age of 18.

We do not knowingly collect personal data from children.

Supervisory Authority

Individuals located in the European Economic Area have the right to contact their local data protection authority.

Changes to This Statement

We reserve the right to update this Statement at any time.

Updated versions will be posted on this page with a revised Effective Date.

Continued use of the Website or Services constitutes acceptance of updated terms.

Contact Information

Fifth and Tee LLC
75 E 3rd St, Sheridan, WY 82801, United States
Email: info@fifthandtee.com
Website: https://fifthandtee.com/