This Privacy Policy explains how information about you is collected, used and disclosed by Studio MDS, LLC DBA Shift Nudge ("Company," "we," "us" or "our"). This Privacy Policy applies to information we collect when you use our websites, mobile applications and the services, content and materials made available through our websites or mobile applications (collectively, the "Services"), or when you otherwise interact with us.
Last Updated: October 27, 2025
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the "Last Updated" date at the top of this policy and, in some cases, we may provide you with additional notice (such as by adding a statement to our website or by sending you a notification). We encourage you to review our Privacy Policy whenever you access the Services or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy.
All questions or comments about this Privacy Policy should be directed to help@shiftnudge.com
We collect information you provide directly to us. For example, we collect information when you create an account, participate in any interactive features of the Services, subscribe to a newsletter or email list, participate in an event, survey, contest or promotion, make a purchase, communicate with us via third-party social media sites, request customer support or otherwise communicate with us.
The types of information we may collect include your name, email address, postal address, phone number, payment information (such as your credit or debit card and billing address), preference or interest data, and any other information you choose to provide.
When you access or use our Services, we automatically collect information about you, including:
Log Information: We collect log information about your use of the Services, including your Internet Protocol ("IP") address, web request, access times, pages viewed, web browser, links clicked and the page you visited before navigating to the Services.
Device Information: We collect information about the device you use to access our Services, including the hardware model, operating system and version, unique device identifiers, mobile network information and information about your use of our mobile applications.
Information Collected by Cookies and Other Tracking Technologies: We and our service providers use various technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. Web beacons are electronic images that may be used in our Services or emails and help deliver cookies, count visits, and understand usage and campaign effectiveness. For more information about cookies, and how to control them, please see Section 5 below.
We may also obtain information from other sources and combine that with information we collect through our Services. For example, if you create or log into your account through a third-party social media site, we will have access to certain information from that site, such as your name, account information and friends lists, in accordance with the authorization procedures determined by such social media site.
We may use information about you for various purposes, including to:
Provide, maintain, improve and promote our products and services; provide and deliver the information, products and services you request, process transactions and send you related information, including confirmations and receipts; send you technical notices, updates, security alerts, and support and administrative messages; respond to your comments, questions and requests, and provide customer support; communicate with you about products, services, surveys, offers, promotions, rewards and events offered by Company and others, and provide news and information we think will be of interest to you; monitor and analyze trends, usage and activities in connection with our Services; personalize and improve the Services and provide content or features that match user profiles or interests; facilitate contests, sweepstakes and promotions, and process and deliver entries and rewards; link or combine with information we get from others to help understand your needs and provide you with better service; detect, investigate and prevent fraudulent transactions and other illegal activities and protect the rights and property of Company and others; comply with legal obligations; and carry out any other purpose for which the information was collected.
We are based in the United States and the information we collect is governed by U.S. law. See Section 7 (International Data Transfers) for how we protect personal data when it is transferred outside your country.
We may share information about you as follows or as otherwise described in this Privacy Policy:
We share information with vendors, consultants and other service providers who need access to such information to carry out work on our behalf. These service providers include:
Payment processing providers; email marketing and communications platforms; customer support tools; website hosting and infrastructure services; analytics services; customer relationship management and sales platforms; project and workflow management tools; and course content hosting and delivery systems.
We do not store credit card information on our servers. All payment processing is handled securely by third-party payment processors.
We may update our service providers from time to time. Material changes will be reflected in this section or communicated through updates to this Privacy Policy.
We may disclose information about you in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation or legal process; if we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of Company or others.
We may share or transfer information in connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company. You will be notified via email and/or a prominent notice on our Services of any change in ownership or uses of your information, as well as any choices you may have regarding your information.
We may share information about you with your consent or at your direction.
We may share aggregate or de-identified information, which cannot reasonably be used to identify you, for analytics, research, and other business purposes.
The Services may offer social sharing features and other integrated tools, which let you share actions you take on our Services with other media, and vice versa. Your use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of the entities that provide these features.
Necessary Cookies: These cookies are essential for the Services to function properly. They enable core functionality such as security, network management, and accessibility.
Functional Cookies: These cookies enable personalized features and remember your preferences (such as language or region).
Analytics: We use Fathom Analytics, a privacy-focused analytics service that does not use cookies or collect personal information.
Marketing Cookies: Marketing cookies may be set through our site by third-party advertising partners if you interact with such services. These cookies may be used to build a profile of your interests and show you relevant ads on other sites.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability or functionality of our Services.
To opt out of interest-based advertising by participating companies, visit the Digital Advertising Alliance at www.aboutads.info/choices.
Access Your Information: You may review, correct or modify information maintained in your online account by logging into your account or by emailing us at help@shiftnudge.com.
Delete Your Account: If you wish to delete or deactivate your account, please email us at help@shiftnudge.com. Note that some information you provide through the Services may continue to be accessible and that we may continue to store information about you as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time.
Marketing Communications: We send marketing emails in accordance with applicable law (including CAN-SPAM and PECR). You can opt out at any time by using the unsubscribe link in the email or by emailing help@shiftnudge.com. If you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Categories of Personal Information: We collect the following categories of personal information: identifiers (name, email, IP address); commercial information (purchase history, payment information); internet activity (browsing history, interactions with our Services); and professional information (occupation, if provided).
Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions.
Sale/Share of Personal Information: We do not sell personal information and we do not share personal information for cross-context behavioral advertising as those terms are defined by the CPRA. If our practices change, we will update this Policy and provide a "Do Not Sell or Share My Personal Information" link.
Sensitive Personal Information: We do not use or disclose Sensitive Personal Information for purposes other than those permitted by the CPRA (e.g., to provide the Services, ensure security, or as otherwise allowed by law).
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
Submitting Requests & Verification: You may submit Right-to-Know or Deletion requests by emailing help@shiftnudge.com with "California Privacy Rights" in the subject line or by mail to the address in Section 13. We will verify your request by matching information you provide with information we maintain. You may designate an authorized agent to make a request on your behalf; the agent must provide proof of authorization, and we may still require you to verify your identity directly.
Response Time: We will respond to verifiable consumer requests within 45 days of receipt (extendable once by 45 days when reasonably necessary with notice).
Financial Incentives: We do not offer programs that provide price or service differences related to the collection, retention, sale, or sharing of personal information. If this changes, we will describe the material terms and how to opt in.
Depending on your state of residence, you may have additional privacy rights including the right to access, correct, delete, or opt out of targeted advertising or certain profiling activities. You may opt out of targeted advertising by contacting help@shiftnudge.com and by adjusting cookie preferences where available. To exercise other rights, please contact help@shiftnudge.com with your state and request details. If we deny your request, you may appeal by replying "Appeal" to our decision email within a reasonable time; we will explain our decision in writing within the timeframe required by your state's law.
We do not sell covered information as defined under Nevada law. Nevada residents may submit a verified request to help@shiftnudge.com to opt out of the sale of covered information.
If you are located in the European Economic Area (EEA) or United Kingdom, you have certain rights under the General Data Protection Regulation (GDPR):
Controller: Studio MDS, LLC is the controller of your personal data. For our direct Services to individual users, we act as a controller. For certain team or enterprise features where we process personal information solely on a customer's instructions, we act as a processor and our data processing terms apply.
Legal Basis for Processing: We process your personal data based on the following legal grounds: (a) with your consent; (b) to perform our contract with you (e.g., to provide Services you have requested); (c) for our legitimate interests (e.g., to improve our Services, prevent fraud); and (d) to comply with legal obligations.
International Transfers: We rely on Standard Contractual Clauses approved by the European Commission and, where applicable, data transfer frameworks or adequacy decisions.
Right to Access: You have the right to access personal data we hold about you and to receive a copy of it.
Right to Rectification: You have the right to correct inaccurate or incomplete personal data.
Right to Erasure: You have the right to request deletion of your personal data in certain circumstances.
Right to Restriction: You have the right to request that we restrict processing of your personal data in certain circumstances.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.
Right to Object: You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw consent at any time.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your jurisdiction.
Automated Decision-Making: We do not use personal data for decisions producing legal or similarly significant effects based solely on automated processing.
To exercise these rights, please email help@shiftnudge.com with "GDPR Request" in the subject line. We will respond to your request within one month.
Lodging Complaints: EEA residents may lodge a complaint with their local data protection authority; a list is available from the European Data Protection Board (EDPB). UK residents may contact the Information Commissioner's Office (ICO) at ico.org.uk.
We are based in the United States and process information in the U.S. and other countries. If you are accessing our Services from outside the United States, please be aware that information we collect may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
For users in the European Economic Area and United Kingdom, we implement appropriate safeguards for international data transfers, including standard contractual clauses approved by the European Commission and, where applicable, data transfer frameworks or adequacy decisions.
We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:
The length of time we have an ongoing relationship with you and provide Services to you (for example, for as long as you have an account with us); whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
When you close your account, we will retain certain information for legitimate business purposes and to comply with legal obligations. For example, we may retain transaction records for seven (7) years to comply with tax and accounting requirements. We may also retain cached or archived copies of information for a reasonable period of time.
Company takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We use industry-standard security measures including encryption for data in transit (SSL/TLS), secure server infrastructure, access controls, and regular security assessments.
However, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account password and for any activity that occurs under your account.
In the event of a data breach that affects your personal information, we will notify you and any applicable regulatory authorities as required by law. Notification will be provided without undue delay and, where feasible, within 72 hours of becoming aware of the breach.
We will provide information about the nature of the breach, the categories of data affected, the approximate number of individuals affected, the likely consequences, and the measures we have taken or propose to take to address the breach and mitigate potential adverse effects.
If you believe your account has been compromised, please contact us immediately at help@shiftnudge.com. We recommend that you change your password and review your account activity.
The Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on the Services or through any of its features.
If we learn that we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at help@shiftnudge.com.
Individuals under 18 should not use the Services; see our Terms of Service for eligibility requirements. This policy complies with the Children's Online Privacy Protection Act (COPPA).
Some web browsers incorporate a "Do Not Track" (DNT) feature that signals to websites you visit that you do not want to have your online activity tracked. How browsers communicate the DNT signal is not yet uniform, and there is no industry standard for how websites should respond to DNT signals. At this time, our Services do not respond to DNT signals. We will continue to monitor developments in DNT browser technology and the implementation of a standard.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by revising the "Last Updated" date at the top of this policy and, in some cases, we may provide you with additional notice (such as by adding a statement to our homepage or by sending you an email notification).
We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you. Your continued use of the Services after we make changes indicates your acceptance of the updated Privacy Policy.
If you have any questions about this Privacy Policy or our privacy practices, please contact us at:
Studio MDS, LLC
1720 Epps Bridge Pkwy, Suite 108, Unit 330
Athens, GA 30606
Email: help@shiftnudge.com