Last updated: May 6, 2026
Alina Balloon (also referred to as "we," "us," or "our" in this policy) is a balloon décor and event installation service based in Los Angeles, California, serving the greater Los Angeles area. Our website is alinaballoon.com.
For privacy questions, data requests, or to exercise any right described below, contact us by phone at (707) 971-9977 or through the contact form on our website.
When you submit our inquiry form, contact form, or otherwise communicate with us, we collect:
When you visit alinaballoon.com, our service providers and our own server may collect:
We do not knowingly collect Sensitive Personal Information as defined by California's CPRA, including: government-issued ID numbers, financial account or credit-card numbers, precise geolocation, racial or ethnic origin, religious beliefs, union membership, genetic or biometric data, health information, or information about sex life or sexual orientation. If you choose to email us such information voluntarily, we will not retain it beyond the immediate purpose of responding to you.
We do not use your information for automated decision-making or profiling that produces legal or similarly significant effects on you.
The providers listed below act as our service providers or processors. They are contractually limited to processing your data only for the purposes we direct.
We use Google Tag Manager (container GTM-WML56PQL) to load Google Analytics 4 and Google Ads conversion-tracking tags. We also send "Enhanced Conversions" data (hashed email and phone) to Google Ads to attribute booked customers to the campaigns that produced them, and we use Google Ads remarketing to show ads to past visitors. You can opt out of Google Analytics at tools.google.com/dlpage/gaoptout, and customize Google Ads personalization at adssettings.google.com. Google's privacy policy: policies.google.com/privacy.
We deploy the Meta Pixel (ID 1616754306187412) sitewide and use Meta's server-side Conversions API (CAPI) to send hashed event data (such as a lead form submission or a confirmed booking) so Meta can attribute conversions to our Facebook and Instagram ads and to optimize ad delivery. We also operate Custom Audiences and Lookalike Audiences for ad targeting. You can manage Meta ad preferences and opt out of off-Meta activity at accountscenter.facebook.com/ad_preferences. Meta's privacy policy: facebook.com/privacy/policy.
Microsoft Clarity provides heatmaps and session recordings so we can understand how visitors interact with our pages. Form fields and other sensitive elements are masked. Opt out at choice.microsoft.com. Microsoft's privacy statement: privacy.microsoft.com.
We maintain a verified Pinterest business account that publishes Pins linking to project pages on alinaballoon.com. If you arrive at our site from Pinterest, Pinterest's own cookies and analytics may apply. We do not run Pinterest paid advertising at this time, but if we begin to we will update this policy. Pinterest's privacy policy: policy.pinterest.com/en/privacy-policy.
We run a small first-party script that records which AI assistant or search engine sent you to our site (for example ChatGPT, Perplexity, Claude, Gemini, Copilot, You.com, or Brave Search). It stores only the source name in your browser session and the page you landed on — no content of any conversation, no message text, no third-party cookies. The data is sent only to our own analytics so we can understand where new visitors come from.
Inquiries, conversation history, quotes, and booking status are stored in our internal CRM hosted on our own infrastructure. The CRM is access-restricted to authorized staff. We may use SMS or email reminders (via providers such as Twilio for SMS) to follow up on quotes and confirm appointments — you can opt out of those messages at any time by replying STOP or asking us directly.
Our website is hosted on a third-party provider whose standard server logs (request URL, IP, timestamp, user-agent) may be retained for security and operational purposes. Outbound email may be delivered via standard email infrastructure.
Deposits and final payments, when collected online, are processed by third-party payment processors. We do not see or store your full card number, security code, or bank credentials — only the confirmation, amount, and reference necessary to record the transaction.
We and the providers above set the following categories of cookies and local-storage items on your browser:
_ga, _ga_* from Google Analytics 4; Microsoft Clarity session cookies) — track usage in aggregate. Persist up to 2 years._gcl_*; Meta Pixel _fbp, _fbc) — measure ad performance and enable remarketing. Typically persist up to 90 days.You can clear cookies, block third-party cookies, or use private browsing through your browser settings. Disabling analytics or advertising cookies will not change site functionality but will limit our ability to attribute and improve.
We do not sell your personal information for money, and we have not done so in the prior 12 months. As that term is defined under California's CCPA/CPRA, however, the use of advertising cookies (such as those for Google Ads or Meta Pixel) and the resulting transfer of identifiers to those providers may be considered "sharing" or "selling" for cross-context behavioral advertising. To opt out of that activity, see Section 7 below or click the cookie/ads opt-out links in Section 4.
If you are a California resident, you have the following rights:
Categories of personal information we have collected in the prior 12 months: identifiers, customer-record information, internet/network activity, geolocation (city-level only), commercial information (event details and bookings), and inferences drawn from the foregoing. Categories disclosed to service providers and shared for cross-context behavioral advertising are listed in Section 4.
To exercise any right, contact us at (707) 971-9977 or through the contact form on our website. We will verify your identity by matching the information you provide with what we already have on file, and we will respond within 45 days (extendable by another 45 days where reasonably necessary) as required by law.
California Civil Code §1798.83 ("Shine the Light") permits California residents to request information about disclosures of personal information to third parties for those parties' direct marketing. We do not disclose your personal information to third parties for their own direct marketing purposes.
Do Not Track: Our website does not currently respond to browser DNT signals. We honor the Global Privacy Control (GPC) browser signal as a valid opt-out of "sale/sharing" under CCPA/CPRA when received.
Our services and website are directed to adults planning events. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us using the details in Section 1.
We may send you transactional messages (booking confirmations, reminders, post-event follow-ups) by email, SMS, or phone. These are necessary for the service you requested. You may opt out of marketing-style follow-up at any time by replying STOP to an SMS, using the unsubscribe link in an email, or asking us directly. Standard message and data rates may apply for SMS.
We are a U.S.-based business serving customers in the Los Angeles area, and we do not target the EU/UK market. If you visit our site from the EU or UK, you have rights under the GDPR/UK GDPR, including access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with your data protection authority. The legal basis for processing your inquiry is performance of pre-contractual steps at your request and our legitimate interest in operating and marketing our business.
We retain your information only for as long as necessary to fulfill the purpose for which it was collected:
You may request deletion at any time, subject to the legal exceptions described above.
We use HTTPS for all site traffic, secrets stored outside the public webroot, access-restricted CRM accounts, and routine review of who can access customer records. No method of internet transmission or electronic storage is 100% secure, and we cannot guarantee absolute security.
Our website and CRM are operated in the United States. Some of our service providers (Google, Meta, Microsoft, Pinterest) are global companies that may process information in other countries under their own privacy frameworks.
We may update this policy from time to time. We will update the "Last updated" date at the top, and for material changes we will provide additional notice on our homepage or by email where appropriate. Continued use of our website after a posted update constitutes acceptance of the updated policy.