Privacy Policy

Last Updated: April 1, 2026

Scenic Markets LLC ("Company," "we," "us," or "our") is committed to protecting your privacy and ensuring complete data sovereignty for our clients. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website https://www.scenicmarkets.com ("Website") or engage our AI consulting and deployment services ("Services").

Please read this Privacy Policy carefully. By accessing the Website or using our Services, you agree to the practices described in this policy. If you do not agree, please discontinue use of our Website and Services.

Our Core Privacy Commitment

Our Core Privacy Commitment:
Scenic Markets LLC deploys AI systems exclusively on our clients' local infrastructure. We never transmit client data to third-party cloud services, external AI platforms, or any systems outside the client's network. Data sovereignty is not an add-on — it is the foundation of everything we do.

1. Information We Collect

1.1 Information You Provide Directly

We may collect information that you voluntarily provide to us, including:

  • Contact information: name, email address, phone number, company name, job title, and mailing address when you fill out contact forms, request a consultation, or subscribe to our communications
  • Business information: company size, industry, technology stack details, and project requirements shared through intake questionnaires, proposals, or consultations
  • Communication records: email correspondence, phone call notes, chat messages, and meeting notes related to our engagements
  • Payment information: billing address, invoice details, and payment method information (we do not store full credit card numbers on our systems)
  • Assessment data: information provided during AI Readiness Assessments, including data inventories, infrastructure details, compliance documentation, and organizational information

1.2 Information Collected Automatically

When you visit our Website, we may automatically collect certain information, including:

  • Device and browser information: IP address, browser type and version, operating system, device type, and screen resolution
  • Usage data: pages visited, time spent on pages, referring URL, click patterns, and navigation paths
  • Cookies and similar technologies: We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage, and support our marketing efforts (see Section 7 below)

1.3 Client Engagement Data

During consulting engagements, we may access or process the following types of client data as necessary to perform our Services:

  • Data architecture documentation and data dictionaries
  • Sample datasets for quality assessment (under mutual NDA)
  • Infrastructure specifications and network diagrams
  • Compliance documentation and security policies
  • Interview notes and stakeholder feedback

All client engagement data is handled under the terms of the applicable mutual Non-Disclosure Agreement and Service Agreement.


2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and improve our Services — Performance of contract
  • To communicate with you about engagements, proposals, and deliverables — Performance of contract
  • To send marketing communications (with your consent) — Consent
  • To respond to inquiries and provide customer support — Legitimate interest
  • To process payments and maintain billing records — Performance of contract
  • To analyze Website usage and improve user experience — Legitimate interest
  • To comply with legal obligations and enforce our Terms — Legal obligation
  • To protect against fraud, abuse, and security threats — Legitimate interest

3. Data Sovereignty and Client Data Handling

Scenic Markets LLC maintains strict data sovereignty practices that go beyond standard industry practices:

3.1 On-Premise AI Deployment

  • All AI systems we deploy for clients run exclusively on the client's local infrastructure
  • No client data is transmitted to external cloud services, third-party AI APIs, or any systems outside the client's network during or after deployment
  • AI models trained on client data remain on the client's infrastructure and are owned by the client

3.2 Assessment Phase Data

  • Data shared with us during AI Readiness Assessments is stored on our encrypted local servers in Wayzata, Minnesota — not in cloud storage
  • Assessment data is accessible only to the assigned engagement team
  • Assessment data is securely destroyed within twelve (12) months of engagement completion, unless otherwise agreed in writing
  • We never use client data to train AI models for other clients or for any purpose outside the specific engagement

3.3 Data Destruction

Upon request or upon the expiration of the retention period, client data is securely destroyed using industry-standard methods (NIST 800-88 guidelines). A data destruction certificate is provided upon request.


4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share information only in the following limited circumstances:

  • With your consent: We may share information when you have given us explicit permission to do so
  • Service providers: We may share limited information with trusted third-party service providers who assist us with business operations (e.g., payment processing, email hosting, accounting) under strict confidentiality agreements. These providers do not receive client engagement data or AI-related data
  • Legal requirements: We may disclose information if required by law, regulation, court order, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to the same privacy protections described in this policy

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data at rest and in transit (AES-256 and TLS 1.2+)
  • Access controls limiting data access to authorized personnel on a need-to-know basis
  • Regular security assessments and vulnerability scanning of our systems
  • Employee training on data handling and privacy practices
  • Physical security measures for our office and server infrastructure
  • Incident response procedures for potential data breaches

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-leading practices.


6. Data Retention

  • Website visitor data (analytics): 26 months from collection
  • Contact form submissions and inquiries: 24 months from last contact
  • Client engagement records and contracts: 7 years (legal/tax requirement)
  • Client assessment data (under NDA): 12 months from engagement completion
  • Payment and billing records: 7 years (tax requirement)
  • Marketing subscriber data: Until unsubscribe or deletion request

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

  • Essential cookies: Required for the Website to function properly (session management, security)
  • Analytics cookies: Help us understand how visitors interact with our Website (e.g., Google Analytics)
  • Marketing cookies: Used to deliver relevant advertisements and track campaign effectiveness (e.g., LinkedIn Insight Tag, Google Ads)

7.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. However, disabling essential cookies may affect Website functionality. For more information on managing cookies, visit https://www.allaboutcookies.org.

7.3 Do Not Track

We currently do not respond to "Do Not Track" browser signals. However, you can opt out of tracking by adjusting your cookie preferences or using browser privacy tools.


8. Your Privacy Rights

8.1 General Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right to access: Request a copy of the personal information we hold about you
  • Right to correction: Request that we correct inaccurate or incomplete personal information
  • Right to deletion: Request that we delete your personal information, subject to legal retention requirements
  • Right to restrict processing: Request that we limit how we use your information
  • Right to data portability: Request your data in a structured, commonly used, machine-readable format
  • Right to withdraw consent: Withdraw consent for processing where consent is the legal basis
  • Right to opt out of marketing: Unsubscribe from marketing communications at any time

8.2 Minnesota and U.S. State Privacy Rights

If you are a resident of Minnesota or another U.S. state with applicable privacy legislation (including but not limited to the Minnesota Consumer Data Privacy Act, California Consumer Privacy Act, Colorado Privacy Act, Connecticut Data Privacy Act, or Virginia Consumer Data Protection Act), you may have additional rights under state law, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information.

We do not sell personal information as defined under any applicable state privacy law.

8.3 Exercising Your Rights

To exercise any of your privacy rights, please contact us at [email protected] with the subject line "Privacy Rights Request." We will respond to verified requests within thirty (30) days, or within the timeframe required by applicable law.


9. Children's Privacy

Our Website and Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete such information promptly.


10. Third-Party Links

Our Website may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.


11. International Data Transfers

Scenic Markets LLC is based in the United States and processes data in the United States. If you access our Website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our Website or Services, you consent to the transfer of your information to the United States.


12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last Updated" date. If we make significant changes to how we handle personal information, we may also notify you via email. We encourage you to review this Privacy Policy periodically.


13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Scenic Markets LLC — Privacy Inquiries
1250 Wayzata Blvd E, Ste 1 5124, Wayzata, MN 55391
Email: [email protected]
Phone: +1-763-496-9308
Fax: +1-952-476-7088

Merchant PoliciesLegal Notice
©2025