Privacy Policy

1) Scope & Audience

This Privacy Policy describes how Confused Productions, LLC (“Confused Productions,” “we,” “us,” or “our”) collects, uses, discloses, and otherwise processes information relating to identified or identifiable individuals in connection with:

ConfusedIdealist.com, including its public pages and a weekly-updated paywalled writing section (collectively, the “Sites”);

• Any associated pages and experiences we operate that link to this Privacy Policy, including embedded or linked third-party content and players (e.g., YouTube, podcast platforms); and

• Our offline activities related to in-person services, events, sales, and commissions.

Certain site terms govern your use of the Sites and Services. Please review our Terms of Use for contractual terms and our Accessibility Statement for accessibility commitments. Where those documents cover a topic, we cross-reference rather than repeat it here.

Some features are provided or hosted by third parties (e.g., Squarespace storefront, Printful fulfillment, Etsy marketplace, Patreon memberships, YouTube and podcast players, social media platforms, payment processors). Those providers process information under their own privacy notices and terms.

2) Defined Terms

For clarity and consistency:

  • Controller” means the entity that determines the purposes and means of processing Personal Information. Confused Productions is the Controller for processing described in this Policy.

  • Processor,” “Service Provider,” or “Contractor” refers to an entity that processes Personal Information on our behalf, subject to contractual restrictions (terminology varies by law).

  • Personal Information” / “Personal Data” means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked (directly or indirectly) with an individual or household.

  • “Sensitive Personal Information” (or similar statutory term) may include, for example, precise geolocation, government IDs, financial account credentials, health data, or information about a person’s protected characteristics, depending on applicable law.

  • Processing” means any operation performed on Personal Information (collection, storage, use, disclosure, etc.).

  • Business Purpose” refers to use reasonably necessary and proportionate to operate our business and provide requested Services.

  • Commercial Purpose” refers to marketing or advertising activities, including cross-context behavioral advertising (sometimes called “Targeted Advertising”).

  • Sell” / “Share” follow U.S. state law definitions. “Sell” generally means disclosing Personal Information for monetary or other valuable consideration. “Share” (CA) means disclosing Personal Information to a third party for cross-context behavioral advertising.

  • Profiling” means automated processing to evaluate certain personal aspects (e.g., interests, preferences) as defined under certain laws.

  • Sites” means ConfusedIdealist.com (public and paywalled sections) and any associated pages we control that link to this Policy.

  • Services” means our online and offline creative offerings, including paywalled writing, filmmaking and writing services (in-person and virtual), and related customer support.

  • Members” are subscribers to our paywalled content or patrons via Patreon tiers.

  • Orders” are purchases of goods or services via our storefronts (Squarespace, Etsy, Patreon merchandise), social-commerce, and in-person sales.

  • User-Generated Content” or “UGC” means content a user posts, uploads, or otherwise submits to us or publicly on our Sites or community spaces.

3) Categories of Personal Information Collected

We collect the following categories, the specifics of which depend on how you interact with us:

1. Identifiers and Contact Information

Names, display names/handles, email addresses, postal addresses, phone numbers, usernames, membership IDs, limited government ID details if legally required for payments/tax (generally collected by processors).

2. Commercial Information

Products/services purchased or considered; Order details; fulfillment and shipping data; Patreon tier participation; membership status; donation or tip history; limited payment metadata (e.g., payment method type, last four digits) provided by processors.

3. Internet or Network Activity

Device identifiers; IP address (approximate geolocation); cookie/SDK IDs; pages viewed; referring/exit pages; timestamps; language and browser settings; crash logs; performance and diagnostic data.

4. Approximate Geolocation

Derived from IP address or general device settings; we do not seek precise geolocation unless you explicitly provide or enable it (e.g., for a location-based service).

5. Audio-Visual and Media Interaction Data

Interactions with embedded players (e.g., YouTube), podcast listens/plays as reported by distribution platforms, and imagery you submit (e.g., UGC).

6. User-Generated Content (UGC)

Public posts, comments, messages to us, submissions for collaborations, testimonials, or other materials you provide.

7. Inferences

Potential inferences about interests or preferences inferred from your interactions where permitted by law and our cookie/SDK settings.

8. Professional/Employment Data (if applicable)

If you inquire about work, contract, or collaboration: resume/CV data, portfolio links, rates, and related correspondence.

9. Sensitive Personal Information (limited and conditional)

Generally not sought. If required for a specific lawful purpose (e.g., tax documentation for contractors handled by processors), we will collect the minimum necessary and apply heightened protections.

Note: Full payment card numbers and security codes are not collected or stored by us; those are handled by payment processors (e.g., Squarespace Payments, PayPal, Stripe, Square).

4) Sources of Personal Information

  • Directly from you (forms, Orders, memberships, UGC, messages, bookings/commissions, in-person sales).

  • Automatically through cookies, pixels, SDKs, logs, and similar technologies on our Sites and mobile browsers.

  • From our processors/platforms (e.g., Squarespace, Printful, Etsy, Patreon, YouTube/podcast distributors, payment processors, analytics/security/CDN providers such as Cloudflare, and shipping carriers).

  • From publicly available sources (e.g., social media profiles you make public, public records).

  • From social platforms when you interact with our pages, ads, or community spaces (e.g., Instagram, X/Twitter, Facebook Pages, Discord, Twitch, Snapchat).

5) Purposes of Processing

We process Personal Information for:

  • Service Delivery & Operations (Business Purposes): Provide the Sites and Services; operate paywalled content; process Orders; fulfill and ship products; maintain accounts and memberships; provide customer support; authenticate users; ensure accessibility objectives (see our Accessibility Statement).

  • Payments & Fraud Prevention (Business Purposes): Facilitate payments through processors; verify transactions; detect, prevent, and respond to fraud, abuse, and security incidents.

  • Communications (Business/Commercial): Send transactional messages (e.g., receipts, service notices) and, where permitted, marketing/promotional messages (opt-out available).

  • Analytics, Performance & Security (Business): Measure usage; diagnose performance; improve features; enforce Terms of Use; maintain the availability and integrity of our systems.

  • Marketing & Advertising (Commercial): Show or measure ads, including cross-context behavioral advertising/Targeted Advertising where allowed and subject to your choices.

  • Compliance & Recordkeeping (Business): Comply with legal obligations (tax/audit), respond to lawful requests, maintain appropriate business records, and establish/exercise/defend legal claims.

  • Safety & Rights (Business): Protect our users, personnel, property, and rights; moderate UGC; prevent violations of policies or law.

6) Lawful Bases for EEA/UK Processing

Where the GDPR/UK GDPR applies, our processing relies on:

Contract: To provide requested Services, memberships, and Orders.

Consent: For certain marketing communications, cookies/SDKs not strictly necessary, and where required by law. You may withdraw consent at any time without affecting prior lawful processing.

Legitimate Interests: To secure and improve the Sites and Services; perform analytics; prevent fraud; and promote our offerings, balanced against your interests and rights.

Legal Obligation: To comply with bookkeeping, tax, and other mandatory requirements.

7) Cookies, Tracking Technologies, and Online Identifiers

We use cookies, pixels, SDKs, local storage, and server logs to operate the Sites, remember preferences, analyze usage, and (where permitted) support advertising/measurement. This may involve third-party platforms (for example, advertising or analytics partners and social networks such as Meta and X/Twitter) receiving or setting identifiers on our pages.

Categories typically include:

Strictly Necessary (site functionality, security, paywall access, cart/checkout);

Functional (preferences, improved experience);

Analytics (traffic, performance, session measurement);

Advertising (ad delivery, cross-context behavioral advertising/Targeted Advertising, measurement).

Your Choices:

• Use our cookie controls at [Cookie Settings URL] to manage categories (other than strictly necessary).

• Manage cookies via browser settings and mobile OS ad settings.

• We recognize Global Privacy Control (GPC) signals where required by applicable U.S. laws. If your browser sends a GPC signal, we treat it as a valid request to opt out of “sale”/“sharing”/Targeted Advertising for that browser, to the extent required.

Do Not Track (DNT): Industry standards for DNT are not uniform; we generally do not respond to DNT signals, but we do honor GPC as stated above.

8) Disclosure of Personal Information

We disclose Personal Information as reasonably necessary for the purposes described above:

Service Providers/Processors/Contractors:

Hosting/Storefront: Squarespace.

Fulfillment: Printful.

Marketplaces/Memberships: Etsy, Patreon.

Payment Processors: Squarespace Payments, PayPal, Stripe, Square.

Shipping Carriers: e.g., USPS, UPS, FedEx or local couriers.

CDN/Security/Performance: e.g., Cloudflare.

Analytics/Advertising Partners: as configured from time to time.

Professional Advisors: auditors, accountants, legal counsel.

These parties are restricted from using Personal Information for purposes other than providing services to us, per contract and applicable law.

Independent Third Parties (Separate Controllers):

Social networks, app stores, video and podcast platforms (e.g., YouTube and podcast distributors), and marketplace platforms (e.g., Etsy, Patreon) that you choose to interact with operate under their own privacy notices and may independently collect or receive information via plugins, embeds, or when you engage with our official pages.

Legal & Safety:

If required or permitted by law, to competent authorities, courts, or third parties to protect rights, safety, or property, to enforce our Terms of Use, or in connection with claims/disputes.

Corporate Transactions:

In connection with (or during negotiations of) any merger, sale, asset transfer, financing, acquisition, reorganization, bankruptcy, or similar event.

Selling/Sharing/Targeted Advertising:

We do not “sell” Personal Information in the literal sense of exchanging lists for money. However, some U.S. state laws define “sale” and “sharing” broadly to include certain advertising and analytics disclosures via cookies/SDKs. To the extent those laws apply, you may opt out of “sale”/“sharing”/Targeted Advertising via [Cookie Settings URL] and your browser’s GPC signal. Additional opt-out rights are described in Section 14.

9) International Data Transfers

We are based in the United States and may process information in the U.S. and other countries with different data protection laws than your country. Where required for EEA/UK transfers, we rely on Standard Contractual Clauses (SCCs) (and, where applicable, the UK Addendum) and implement supplementary measures appropriate to the nature of the data and processing. Third-party platforms (e.g., YouTube, social networks, payment processors) may process data globally as described in their own notices.

10) Data Retention

We retain Personal Information for as long as reasonably necessary to:

• Provide the Sites/Services and maintain your account/membership;

• Fulfill Orders and handle returns, support, and disputes;

• Meet legal, tax, accounting, and auditing obligations;

• Enforce our Terms of Use and protect rights and safety.

Because needs vary, we apply principled criteria (e.g., the nature of data, legal requirements, ongoing relationships, and security needs) rather than fixed retention periods, unless the law requires otherwise.

11) Security

We employ administrative, organizational, and technical safeguards proportionate to the risks presented by our processing (e.g., access controls, encryption in transit where appropriate, least-privilege practices, vendor due diligence). No security program can guarantee absolute security. You are responsible for maintaining the confidentiality of your credentials and for using secure networks and devices when accessing the Sites.

12) Children’s Privacy

Our Sites and Services are not directed to children under 13. We do not knowingly collect Personal Information from children under 13. If we learn we have inadvertently collected such information, we will delete it. Parents or guardians who believe a child has provided Personal Information may contact us at Parents@ConfusedProductions.com.

13) Your Privacy Rights (U.S. State Laws)

Residents of certain U.S. states (including California [CCPA/CPRA], Colorado [CPA], Virginia [VCDPA], Connecticut [CTDPA], Utah [UCPA], and substantially similar regimes) may have some or all of the following rights, subject to exceptions:

Right to Know/Access: Request access to the Personal Information we maintain about you.

Right to Correction: Request we correct inaccuracies.

Right to Deletion: Request we delete Personal Information we collected from or about you.

Right to Portability: Request a copy of your Personal Information in a portable format.

Right to Opt Out: Opt out of the “sale” of Personal Information, “sharing” for cross-context behavioral advertising, Targeted Advertising, and (where applicable) Profiling in furtherance of decisions that produce legal or similarly significant effects.

Right to Limit Use/Disclosure of Sensitive Personal Information (CA): Where applicable, request limits on certain uses/disclosures of Sensitive Personal Information.

Non-Discrimination: We will not discriminate against you for exercising your rights.

Global Privacy Control (GPC): Where required, we treat a valid GPC signal as an opt-out of “sale”/“sharing”/Targeted Advertising for the browser on which the signal is present.

How to Submit a Request (DSAR):

• Web form: [DSAR Webform URL]

• Email: DSAR@ConfusedProductions.com

• Postal mail: Confused Productions

1500 N Grant St

Denver, CO 80203

Please include sufficient information to verify your identity. We may ask for reasonable additional information solely to verify and locate the data. You may designate an authorized agent (CA) to submit a request on your behalf, subject to verification and proof of authorization.

Response Time: We will respond within the timelines required by applicable law (e.g., generally 45 days with the possibility of a lawful extension).

Appeals Process (required in several states, including Colorado):

If we deny your request, you may appeal by replying to our decision or contacting us at PrivacyAppeal@ConfusedProductions.com with “Privacy Appeal” in the subject line. We will explain our decision in writing and inform you of further remedies available under applicable law.

14) EU/UK GDPR Rights (EEA/UK Individuals)

Where the GDPR/UK GDPR applies, you may have the following rights, subject to conditions and exemptions:

Access to your Personal Data;

Rectification of inaccurate or incomplete data;

Erasure (“right to be forgotten”);

Restriction of processing;

Portability of certain data;

Objection to processing based on our legitimate interests (including direct marketing); and

Withdrawal of Consent where processing is based on consent (without affecting prior lawful processing).

Controller: Confused Productions, LLC.

Contact to Exercise Rights: [Contact Email], [Postal Address].

EU Representative: [EU Representative].

UK Representative: [UK Representative].

Data Protection Officer (if appointed): [Data Protection Officer].

You also have the right to lodge a complaint with a supervisory authority. Guidance on identifying your authority is available here: [Supervisory Authority Contact Guidance].

15) Marketing Communications & Automated Decision-Making

Email/SMS Marketing: We send marketing communications with your consent or as otherwise permitted (e.g., soft opt-in to existing customers where lawful). You may unsubscribe via links in our emails or by contacting [Contact Email]. If we offer SMS, you will be informed of frequency and data rates; consent is not a condition of purchase; you may opt out per message instructions.

Automated Decision-Making/Profiling: We do not rely on solely automated decisions that produce legal or similarly significant effects about you. If this changes, we will provide required notices and choices.

16) Payments & Financial Data

Payments are processed by Squarespace Payments, PayPal, Stripe, and/or Square. We do not collect or store full card numbers or security codes on our systems. Your use of these processors is subject to their privacy notices and terms. Please consult those providers for more information.

17) Social Features, Embeds, and External Links

Our Sites may include YouTube or other video/podcast embeds, social widgets, and links to third-party sites and services (e.g., Instagram, X/Twitter, Facebook Pages, Discord, Twitch, Snapchat, Etsy, Patreon). Your interactions with these features are governed by the privacy notices of those third parties, which may independently collect or receive information (including via cookies/SDKs) when you view or interact with embedded content or our official pages.

18) User-Generated Content (UGC) & Public Activities

If you post or submit UGC (e.g., comments, testimonials, creative submissions), it may be publicly visible and indexed by search engines. Do not submit sensitive data in public channels. We may moderate or remove UGC consistent with our Terms of Useand community guidelines.

19) Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post updates on this page and revise the “Last Updated” date. Where required, we will provide additional notice or obtain consent.

20) Contact Information

Please direct privacy inquiries, requests, or complaints to:

Email: [Contact Email]

Mailing Address: [Postal Address]

Data Subject Request (DSAR) Web Form: [DSAR Webform URL]

Business Hours/Time Zone: [Business Hours/Time Zone]

If you are in the EEA/UK, you may also contact our [EU Representative] or [UK Representative] (if appointed) or lodge a complaint with a supervisory authority (see [Supervisory Authority Contact Guidance]).

21) Additional Notices & Cross-References

• This Policy should be read together with our Terms of Use and Accessibility Statement.

• For content rules, license terms, and acceptable conduct (including UGC), see the Terms of Use.

• For accessibility commitments and contact channels related to accessibility, see the Accessibility Statement.

22) Practical Implementation Notes (Actionable)

To operationalize this Privacy Policy, Confused Productions should:

Configure a Consent & Preference Center: Implement a cookie banner and [Cookie Settings URL] with category toggles (strictly necessary, functional, analytics, advertising), region-aware consent, and GPC recognition.

Publish DSAR Intake: Stand up [DSAR Webform URL], confirm [Contact Email] and [Postal Address], and document a verification workflow (including authorized agent procedures).

Create a Rights Appeals Flow: Implement a tracked email alias (e.g., privacy-appeals@…) and internal SOP to meet state-law appeal deadlines; template responses for approvals/denials.

Maintain a Vendor Inventory & DPAs: Keep an up-to-date list of processors/contractors (e.g., Squarespace, Printful, Etsy, Patreon, Cloudflare, payment processors, analytics/ads partners), with signed data protection agreements and configured data minimization settings.

Advertising/Analytics Governance: Catalog all pixels/SDKs; enable regional consent; set appropriate retention, IP masking (if offered), and data-sharing limits; document whether any disclosures qualify as “sale”/“sharing”/Targeted Advertising and how opt-outs are honored (including GPC).

International Transfer Mechanisms: Where applicable, implement SCCs/UK Addendum with vendors; document supplementary measures and transfer impact assessments.

Retention Schedule: Define retention triggers (e.g., active membership, Order lifecycle + accounting retention, legal holds) and implement deletion/archival routines.

Security Program: Maintain access controls, least-privilege, multi-factor authentication where feasible, encryption in transit, logging/monitoring, incident response plan, and vendor security reviews.

ROPA & DPIAs (if applicable): Maintain Records of Processing Activities and conduct DPIAs for higher-risk processing (e.g., new ad tech, sensitive data).

Training & SLAs: Train staff on intake timelines (e.g., 45-day DSAR response), appeals, and incident escalation; implement internal SLAs.

Marketing Compliance: Ensure unsubscribe links in all marketing emails and appropriate consents for SMS; maintain suppression lists.

Footer & Notices: Add clear links to Privacy Policy, Terms of Use, Accessibility Statement, DSAR Webform, and “Do Not Sell/Share My Personal Information” (if applicable) in the page footer and relevant flows.

Recordkeeping: Log consent, DSAR requests, and responses; maintain change logs for this Policy (versioning).

How We Use This Document

This Policy is designed for a global audience with emphasis on U.S. and EEA/UK requirements. It avoids unnecessary promises, uses defined terms consistently, and cross-references our Terms and Accessibility pages to prevent redundancy. Fill the placeholders below before publication:

NOT LEGAL ADVICE

This Privacy Policy is provided for general informational purposes only and does not constitute legal advice. You should consult your own counsel regarding compliance matters specific to your organization and circumstances.

You acknowledge you have read and agree to these Terms.


Placeholders to Complete:

[Effective Date], [Version], [Contact Email], [Postal Address], [EU Representative], [UK Representative], [Data Protection Officer], [Cookie Settings URL], [DSAR Webform URL], [Business Hours/Time Zone], [Supervisory Authority Contact Guidance]

Effective Date: August 21, 2025

Last Updated: September 7, 2025