Legal Policies

Privacy Policy

Effective date: October 14, 2025

This Privacy Policy explains Kastner & Partners, Inc. dba Kastner Los Angeles (“Kastner,” “we,” “us,” or “our”) online and offline data practices, including the kinds of personal data we collect, how we collect and use it, and to whom we disclose it. This Privacy Policy applies to information we collect in the course of providing our services, including information about our enterprise customers and visitors to our informational website https://www.kastner-los-angeles.agency. It does not apply to third-party websites, applications, products, services, or other properties, even if our Services link to them or vice versa. We recommend that you review the privacy practices of those third parties before sharing personal data with them.

For the purposes of many privacy laws, we are the data controller of personal data subject to this Privacy Policy. Our contact information in the “Contact Us” section of this Privacy Policy (Section 10).

Please note that we are providing the following disclosures in this Privacy Policy in the interest of transparency. Such disclosures are not intended to waive any applicable exemptions under state and federal law.

‍1. Personal Data Collection
As used in this Privacy Policy, “personal data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an identifiable individual. Personal data includes “personal information” as that term is defined in applicable privacy laws. Personal data does not include publicly available information, which includes information that is made available from federal, state, or local government records; information that a business has a reasonable basis to believe is lawfully available to the general public, either through widely distributed media, or by the individual; and information that is made available by a person to whom the individual has disclosed the information if the individual has not restricted the information to a specific audience.

We may collect personal data from the following sources:

· Our enterprise customers. We collect information directly from our enterprise customers in furtherance of offering our services, including first and last name; phone number; business address; business email address; and professional or employment information.

· Service providers. We may collect personal data via our service providers, including those providing hosting, analytics, customer and technical support, and other services.

· Other third parties. We may also collect personal data from business and marketing partners and affiliates.

We may combine the personal data we receive from third parties with personal data we otherwise collect. We may also create aggregated, deidentified, or anonymous information from data by removing certain data components that makes the data identifiable, or through aggregation, obfuscation, or other means. Subject to applicable law, our use and disclosure of such aggregated, deidentified, and anonymized information is not personal data or subject to this Privacy Policy.

2. Personal Data Use
We use the personal data we collect for the following purposes:

To provide, operate, maintain, improve, personalize, and expand our services;
To provide customer service and support;
To communicate with you in accordance with your preferences to provide you with updates and other information relating to our services and our policies, and for marketing and promotional purposes;
To perform internal analytics;
To market our services;
For internal business purposes, including general business administration;
For systems and data security, including to prevent unauthorized, improper, or illegal activities;
To comply with our legal obligations, including responding to subpoenas, court orders, or legal process; and to establish or exercise our legal rights or defenses against legal claims;
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by us about the users of our Services is among the assets transferred;
For purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy or for any other legal purpose not inconsistent with this Privacy Policy; and
For any other purpose consistent with your consent and expressed preferences.

3. Personal Data Disclosure

We may disclose personal data to the following categories of third parties:

· Our affiliates. We may disclose personal data to our affiliates to provide our services and for internal business purposes.

· Service providers. We may disclose personal data to our service providers to provide services on our behalf, such as hosting, analytics, customer and technical support, and other services. These service providers are bound by our instructions and are regularly monitored by us.

Business transferees. If we or our affiliates are involved in a merger, acquisition, asset sale, or other corporate combination, personal data may be transferred to the acquiring or surviving entity.

· Professional advisors. We may disclose personal data to our professional advisors, including lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services they render to us.

Authorities for compliance and harm prevention. Under certain circumstances, we may be required to disclose personal data if required to do so by law or in response to valid requests by public authorities, and/or in response to a threat of harm involving an individual’s health and/or safety.
Other parties with your consent. We may disclose personal data to other parties with your consent.

‍4. Legal Bases for Processing

We rely on one or more legal bases to process personal data under applicable law. We may process personal data (i) as necessary to perform our contractual obligations to you, including, but not limited to, those obligations in our Terms of Service; (ii) as necessary to pursue our legitimate business interests as further detailed below; (iii) as necessary for our compliance with our legal obligations such as a request or order from courts, law enforcement or other government authorities; and/or (iv) with your consent.

We may collect, process, and maintain personal data to pursue the legitimate business interests outlined below. To determine these legitimate interests, we balance our legitimate interests against the legitimate interests and rights of you and others and only process personal data in accordance with those interests where they are not overridden by your data-protection interests or fundamental rights and freedoms. Our legitimate interests generally include:

Providing, improving, and developing our services, including to deliver your requested services, send you messages and provide user support, customize the Sites to better fit your needs as a user, develop new products and services, and perform internal analytics and research and development. This also includes sharing personal data with our trusted service providers that provide services on our behalf.
Protecting you and others and to create and maintain a trusted environment, such as to comply with our legal obligations, to ensure compliance our agreements with you and other third parties, to ensure safe, secure, and reliable services, and to detect and prevent wrongdoing and crime, assure compliance with our policies, and protect and defend our rights, interests, and property. In connection with the activities above, we may conduct internal research and profiling based on your interactions on various services, content you submit to us, and information obtained from third parties.

Providing, personalizing, measuring, and improving our marketing, including sending you promotional messages and other information that may be of interest to you with your consent. We may also use personal data to understand our user base and the effectiveness of our marketing. This processing is done pursuant to our legitimate interest in undertaking marketing activities to offer products or services that may be of interest to you.

5. International Transfers
We may transfer, store, and use information we collect and maintain about you, including personal data outside of your state, province, country, or other governmental jurisdiction. For such transfers, we take the necessary measures to ensure that your personal information receives an adequate level of protection. Please note that the data protection laws in the jurisdiction in which we process personal data may differ from those of your jurisdiction, and in certain circumstances, your personal data may be subject to access requests from governments, courts, law enforcement agencies or regulatory agencies in those other jurisdictions.

‍6. Security and Retention

The security of your personal data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We maintain appropriate technical, administrative and physical safeguards to help protect the security of your personal data against unauthorized access, destruction, loss, alteration, disclosure or misuse.

We retain personal data only for as long as is necessary to provide our services, to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We also retain certain personal data for internal analysis purposes. This personal data is generally retained for a shorter period, except when it is used to strengthen the security or to improve the functionality of our services, or we are legally obligated to retain this data for longer time periods. Our determination of precise retention periods will be based on (a) the length of time we have an ongoing relationship with you; (b) whether there is a legal obligation to which we are subject; and (c) whether retention is advisable given our legal position, including regard to applicable statutes of limitations, litigation, or regulatory investigations.

7. Children's Privacy
Our services are not intended for anyone under the age of 18, and we do not knowingly collect personal data from anyone under the age of 18. If you are a parent or guardian and you are aware that a child has provided us with personal data, please contact us, and we will take steps to remove that information from our servers.

8. Notice to Individuals in the EEA, UK, and Switzerland

This Notice applies to any individuals located within the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland about whom we may have collected personal data from any source, including through your use of the Sites. We provide this Notice in addition to the disclosures throughout the rest of this Privacy Policy to comply with applicable privacy laws, including the General Data Protection Act (“GDPR”), the UK GDPR, Switzerland’s Federal Act on Data Protection, and related laws, regulations, and guidance from the European Union and/or its member states (collectively, “European Privacy Laws”).

In certain circumstances, individuals located within the EEA, UK, and Switzerland are entitled to the following privacy rights:

Right to Access. You have the right to request confirmation of whether we process personal data relating to you, and if so, to request a copy of that personal data.
Right to Erasure. You have the right to request that we erase your personal data in certain circumstances provided by law.
Right to Rectification. You have the right to request to have your personal data corrected or updated if that information is inaccurate, outdated, or incomplete.
Right to Object to Processing. You have the right to object to our processing of your personal data.
Right to Restrict Processing. You have the right to request that we restrict the processing of your personal data.
Right to Data Portability. You have the right to request that we provide you with a copy of your personal data in a structured, machine-readable and commonly used format.
Right to Withdraw Consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal data.
Right to Lodge Complaint. You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority.
- A list of EU supervisory authorities is available here.
- The relevant UK supervisory authority is the UK Information Commissioner’s Office r.
- The relevant Swiss supervisory authority is the Federal Data Protection and Information Commissioner.

To exercise your privacy rights described above, please email us at losangeles@us.kastner.agency. Any request you submit to us is subject to an identification and residency verification process as permitted under applicable law. Additionally, all requests are subject to certain exceptions under applicable law, which may vary.

9. Changes To This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will let you know via email and/or a prominent notice on our website, prior to the change becoming effective and will update the "effective date" at the top of this Privacy Policy. We recommend reviewing this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

‍10. Contact Us
If you have any questions about this Privacy Policy, please contact us at losangeles@us.kastner.agency.

Controller Information
Kastner Los Angeles
3107 S. La Cienega Blvd.

Los Angeles, CA 90016
USA
Phone: 310.458.2000
E-mail: losangeles@us.kastner.agency

Company information

Privacy Policy