Ricerca

Privacy Policy

Last updated: June 14, 2026

1. Who we are

This Privacy Policy explains how Francette, LLC, a Pennsylvania limited liability company doing business as “Ricerca” (“Ricerca,” “we,” “us,” or “our”), collects, uses, discloses, and protects information in connection with the website located at ricercacredit.com and related pages and features (the “Site”). Francette, LLC is the controller responsible for the personal information described in this Policy.

2. Scope

This Policy applies to information we collect through the Site and through your communications with us (for example, when you submit a contact form or email us). It does not apply to third-party websites or services that we do not control, or to information governed by a separate engagement agreement. Using the Site does not create a CPA–client or attorney–client relationship; please see our Disclaimer and Terms of Service.

3. Information we collect

Information you provide to us

When you submit our contact form or otherwise reach out, we collect the information you choose to provide, which may include:

  • your name;
  • your company / organization;
  • your work email address;
  • your phone number (optional);
  • your industry;
  • your estimated annual R&D spend (optional);
  • the contents of your message; and
  • your consent selection (the consent checkbox you submit with the form).

The form is submitted over HTTPS to a third-party form/serverless backend that delivers it to us by email. Please do not include sensitive personal information or confidential tax data in free-text fields.

Information collected automatically (only after consent)

We use Google Consent Mode v2, and analytics are denied by default. No analytics scripts load and no analytics cookies are set unless and until you click “Accept” on our cookie banner. If you accept, we use Google Analytics 4 (GA4) and Google Tag Manager (GTM) to collect standard, aggregated usage information such as pages viewed, approximate (city-level) location derived from IP address, device and browser type, referring pages, and on-site interactions. If no GA4/GTM identifier is configured for the Site, no analytics run and no banner appears at all. See our Cookie Policy for details.

Server logs

Our hosting and content-delivery (CDN) providers may automatically record standard server access logs — such as IP address, date and time of requests, requested URLs, user-agent, and similar technical data — for security, troubleshooting, abuse prevention, and reliability. These logs are generated regardless of your cookie choice and are retained by those providers under their own policies.

4. How we use information

  • to respond to your inquiries, requests, and communications;
  • to provide, operate, maintain, and improve the Site and our content;
  • to understand how the Site is used and to measure and improve its performance (with your consent, via analytics);
  • to protect the security and integrity of the Site, including detecting and preventing fraud, spam, and abuse;
  • to comply with legal obligations and to establish, exercise, or defend legal claims; and
  • for other purposes you authorize or that are described to you at the point of collection.

5. Legal bases for processing (EEA/UK)

If you are in the European Economic Area or the United Kingdom, we process your personal information under one or more of the following legal bases:

  • Consent — for analytics and any non-essential cookies (which you may withdraw at any time);
  • Legitimate interests — to respond to inquiries, operate and secure the Site, and prevent abuse, where those interests are not overridden by your rights; and
  • Legal obligation — to comply with applicable laws and respond to lawful requests.

6. Cookies & analytics

We use cookies and similar technologies as described in our Cookie Policy. We take a consent-first approach: analytics are denied by default under Google Consent Mode v2, and nothing non-essential loads before you accept. Your choice is stored locally in your browser under the ricerca_consent_v1 key. You can change or withdraw your choice at any time as described in the Cookie Policy.

7. How we share information — service providers & processors

We do not sell your personal information. We share information only as needed with service providers and processors who handle it on our behalf and under appropriate confidentiality and data-protection obligations, including:

  • Google LLC — Google Analytics 4 and Google Tag Manager, for website analytics (only after you consent);
  • our form/serverless and email provider — to transmit and deliver contact-form submissions to us;
  • Cloudflare, Inc. — Cloudflare Turnstile, where enabled, to protect our forms from spam and abuse;
  • Microsoft Corporation — Microsoft Dynamics 365 (CRM), to which lead and inquiry data may be transferred to manage and respond to communications (a service provider relationship / planned integration); and
  • our hosting and CDN providers — to serve the Site and maintain security and reliability.

We may also disclose information when required by law or legal process, to protect our rights, safety, and property or those of others, or in connection with a corporate transaction such as a merger, acquisition, or sale of assets (subject to this Policy).

8. We do not sell or “share” personal information

We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA). We do not knowingly disclose personal information for monetary or other valuable consideration.

9. Data retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy — such as responding to and following up on your inquiry, maintaining business records, and complying with legal obligations — after which we delete or de-identify it. Analytics data is retained according to our GA4 configuration and Google’s retention controls. Server logs are retained by our hosting/CDN providers under their own retention schedules.

10. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information, including transmission of the Site and contact form over HTTPS/TLS, access controls, and spam-prevention measures. You can learn more on our Security page. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Your privacy rights

California (CCPA/CPRA)

If you are a California resident, you have the right to: (a) know what personal information we collect, use, and disclose; (b) access and obtain a copy of that information; (c) correct inaccurate personal information; (d) request deletion of your personal information; and (e) opt out of the sale or sharing of personal information. As noted above, we do not sell or share personal information, so there is nothing to opt out of. We will not discriminate against you for exercising any of these rights.

EEA / UK (GDPR)

If you are in the European Economic Area or the United Kingdom, you have the right to: access your personal information; rectification of inaccurate data; erasure (“right to be forgotten”); restriction of processing; data portability; objection to processing based on legitimate interests; and the right to withdraw consent at any time (without affecting processing already carried out). You also have the right to lodge a complaint with your local data-protection supervisory authority.

12. How to exercise your rights

To exercise any of the rights above, email us at info@ricercacredit.com with your request. We will respond within the timeframes required by applicable law. To protect your privacy, we may need to verify your identity before acting on your request, and you may use an authorized agent where the law permits.

13. International data transfers

We are based in the United States, and the service providers we use may process information in the United States or other countries. If you access the Site from outside the United States, you understand that your information may be transferred to, stored in, and processed in the United States and other jurisdictions whose data-protection laws may differ from those in your location. Where required, we rely on appropriate safeguards (such as the European Commission’s Standard Contractual Clauses) for such transfers.

14. Children’s privacy

The Site is intended for businesses and adults and is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us so we can delete it.

15. Do Not Track / Global Privacy Control

Because we do not sell or share personal information and load non-essential cookies only after you affirmatively opt in, our analytics will not run unless you click “Accept.” Browsers and standards handle “Do Not Track” (DNT) and Global Privacy Control (GPC) signals inconsistently; given our consent-first, opt-in design, no additional action is required for analytics to remain off if you do not accept.

16. Changes to this Policy

We may update this Policy from time to time. When we do, we will revise the “Last updated” date above, and the revised Policy becomes effective when posted. We encourage you to review this Policy periodically.

17. Contact

For privacy questions or to exercise your rights, contact:

Francette, LLC d/b/a Ricerca
Email: info@ricercacredit.com
[BUSINESS MAILING ADDRESS — TODO: add Francette, LLC's registered mailing address before publishing]