Privacy Policy

1. Acceptance of Terms

By accessing, browsing, or utilizing any services provided through this website (hereinafter referred to as the "Service" or "Platform"), you (hereinafter referred to as "User", "Subscriber", or "you") hereby acknowledge that you have read, understood, and agree to be bound by this Privacy Policy, including any and all subsequent modifications, amendments, or addenda thereto. If you do not agree with any provision contained herein, you must immediately cease use of the Service and refrain from submitting any information through our Platform.

2. Collection of Information

The Service collects, processes, stores, and may transmit various categories of personally identifiable information ("PII") and non-personally identifiable information ("Non-PII") as enumerated below, subject to applicable federal, state, and international data protection statutes, regulations, and ordinances, including but not limited to the California Consumer Privacy Act ("CCPA"), General Data Protection Regulation ("GDPR"), and any successor legislation thereto:

• Identifying information including but not limited to: legal business name, trade name, doing-business-as ("DBA") name, proprietor name, contact person designation
• Contact information including but not limited to: electronic mail addresses, telephonic contact numbers (landline and mobile), physical mailing addresses, service area geographical coordinates
• Business operational data including but not limited to: trade classification, service offerings, years of operational history, licensing credentials, insurance policy information, bonding information
• Digital assets including but not limited to: corporate logos, business imagery, promotional photographs, marketing materials submitted in any format
• Technical metadata including but not limited to: Internet Protocol (IP) addresses, browser type and version, operating system identifiers, device identifiers, geolocation data, referral sources, clickstream data, session duration metrics
• Payment information processed through third-party payment processors in accordance with Payment Card Industry Data Security Standard (PCI DSS) compliance requirements

3. Use of Collected Information

Information collected through the Service may be utilized for purposes including but not limited to: (a) provisioning of website development services and related deliverables; (b) establishment of user accounts within our proprietary work order management system (ArchX.org); (c) processing of subscription payments and recurring billing operations; (d) transmission of transactional communications, service updates, and operational notifications; (e) internal analytics, performance monitoring, and service improvement initiatives; (f) compliance with legal obligations, regulatory requirements, and law enforcement requests; (g) prevention of fraudulent activities, unauthorized access, and security incidents; (h) enforcement of terms of service and contractual obligations.

4. Third-Party Data Sharing and Disclosure

The Service may disclose, transmit, or otherwise make available certain categories of information to third-party service providers, vendors, contractors, and affiliates who assist in the operation, maintenance, and enhancement of the Platform, subject to confidentiality obligations and data processing agreements. Such third parties include but are not limited to:

• ArchX.org - A wholly-owned subsidiary platform for work order management, project tracking, and client relationship management functionality
• Stripe, Inc. - Third-party payment processor for credit card transactions, subscription billing, and payment method tokenization
• Amazon Web Services (AWS) - Cloud infrastructure provider for data storage, content delivery, and serverless computing operations
• Analytics Providers - Third-party services for website analytics, user behavior tracking, and performance monitoring

The Service expressly disclaims any sale, rental, or lease of personally identifiable information to unaffiliated third parties for marketing purposes. However, information may be disclosed: (i) to comply with legal process, court orders, subpoenas, or governmental requests; (ii) to enforce terms of service or investigate potential violations; (iii) in connection with merger, acquisition, bankruptcy, or sale of assets; (iv) with express user consent or at user direction.

5. Data Retention and Deletion

Collected information shall be retained for the duration of the active service relationship and for such additional period as may be necessary to: (a) fulfill contractual obligations; (b) comply with legal retention requirements; (c) resolve disputes; (d) enforce agreements. Upon account termination or subscription cancellation, data may be retained in backup systems for a period not to exceed ninety (90) days, after which time reasonable efforts shall be made to permanently delete such information, subject to technical limitations and legal obligations requiring extended retention. Certain anonymized, aggregated, or de-identified data may be retained indefinitely for analytics and service improvement purposes.

6. User Rights and Data Subject Requests

Subject to applicable law and verification of identity, users may possess certain rights with respect to their personal information, which may include, without limitation: (a) the right to access and obtain copies of collected information; (b) the right to request correction or rectification of inaccurate data; (c) the right to request deletion or erasure of personal information, subject to legal exceptions and retention requirements; (d) the right to object to or restrict certain processing activities; (e) the right to data portability in machine-readable format; (f) the right to opt-out of marketing communications; (g) the right to withdraw consent where processing is based on consent. Requests must be submitted in writing and may be subject to verification procedures to prevent unauthorized disclosure. The Service reserves the right to decline requests that are manifestly unfounded, excessive, or would require disproportionate effort.

7. Security Measures and Limitations

The Service implements commercially reasonable technical, administrative, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, or destruction. Such measures include but are not limited to: encryption of data in transit via Transport Layer Security (TLS) protocols, encryption of data at rest, access controls and authentication mechanisms, regular security audits and vulnerability assessments, employee training on data protection. Notwithstanding the foregoing, no method of electronic transmission or storage is completely secure, and the Service cannot and does not guarantee absolute security. Users acknowledge and accept the inherent risks associated with Internet-based communications and data storage. The Service shall not be liable for unauthorized access, loss, or disclosure of information resulting from circumstances beyond its reasonable control, including but not limited to: acts of God, force majeure events, third-party breaches, user negligence, or inherent vulnerabilities in Internet infrastructure.

8. Cookies and Tracking Technologies

The Service may employ various tracking technologies including but not limited to cookies, web beacons, pixel tags, local storage objects, and similar mechanisms to collect information about user interactions, preferences, and behavior. Categories of cookies utilized may include: (a) strictly necessary cookies essential for platform functionality; (b) performance cookies for analytics and usage statistics; (c) functional cookies for enhanced user experience; (d) targeting cookies for personalized content delivery. Users may configure browser settings to refuse cookies, though such action may impair functionality of certain Service features. Third-party cookies from service providers, analytics platforms, and payment processors may also be present and are governed by respective third-party privacy policies.

9. International Data Transfers

Information collected through the Service may be transferred to, stored in, and processed in jurisdictions other than the user's country of residence, including but not limited to the United States of America, where data protection laws may differ from those applicable in the user's jurisdiction. By utilizing the Service, users explicitly consent to such international transfers and acknowledge that data may be subject to access by law enforcement and national security authorities in such jurisdictions. Where transfers occur from the European Economic Area (EEA) or United Kingdom, the Service shall implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions as applicable.

10. Children's Privacy

The Service is not directed to, intended for, or designed to attract individuals under the age of eighteen (18) years, or such higher age of majority as may be applicable in the user's jurisdiction. The Service does not knowingly collect personal information from minors. If it comes to our attention that information has been collected from a person under the applicable age threshold without verifiable parental consent, such information shall be deleted expeditiously. Parents or guardians who believe their child has provided information to the Service should contact us immediately.

11. Modifications and Amendments

The Service reserves the unilateral right to modify, amend, supplement, or replace this Privacy Policy at any time, in its sole discretion, without prior notice. Modifications shall become effective immediately upon posting to the Platform unless otherwise specified. Continued use of the Service following such modifications constitutes acceptance of the revised Privacy Policy. Users are responsible for regularly reviewing this Privacy Policy for updates. Material changes may be communicated via electronic mail or prominent Platform notice, though failure to provide such notification shall not affect the validity or enforceability of modifications. The "Effective Date" indicated at the beginning of this document reflects the most recent revision.

12. California Privacy Rights

California residents may possess additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to: (a) know what personal information is collected, used, shared, or sold; (b) delete personal information subject to certain exceptions; (c) opt-out of the sale or sharing of personal information; (d) correct inaccurate personal information; (e) limit use and disclosure of sensitive personal information; (f) non-discrimination for exercising privacy rights. To exercise these rights, California residents may submit requests through designated mechanisms. The Service shall not discriminate against users for exercising CCPA/CPRA rights, though different pricing tiers or service levels may be offered based on value provided by data processing activities.

13. European Privacy Rights

Individuals located in the European Economic Area (EEA), United Kingdom, or Switzerland may possess rights under the General Data Protection Regulation (GDPR) or equivalent legislation. Legal bases for processing may include: (a) contractual necessity; (b) compliance with legal obligations; (c) legitimate interests; (d) explicit consent. Users in covered jurisdictions have the right to lodge complaints with supervisory authorities in their country of residence. Data controllers and processors shall be identified upon request. International transfers from the EEA/UK shall comply with Chapter V of GDPR through appropriate safeguards.

14. Disclaimer of Warranties

THE PRIVACY PRACTICES AND SECURITY MEASURES DESCRIBED HEREIN ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR COURSE OF PERFORMANCE. THE SERVICE DOES NOT WARRANT THAT PRIVACY PROTECTION WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE. USERS ASSUME ALL RISK ASSOCIATED WITH USE OF THE SERVICE AND DISCLOSURE OF INFORMATION THEREIN.

15. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE SERVICE, ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES ARISING OUT OF OR RELATED TO DATA BREACHES, UNAUTHORIZED ACCESS, LOSS OF DATA, OR PRIVACY VIOLATIONS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. AGGREGATE LIABILITY SHALL NOT EXCEED THE AMOUNT PAID BY USER FOR SERVICES DURING THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR ONE HUNDRED DOLLARS ($100.00), WHICHEVER IS GREATER.

16. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of California, United States of America, without regard to its conflict of laws principles. Any dispute, claim, or controversy arising out of or relating to this Privacy Policy shall be resolved through binding arbitration administered by the American Arbitration Association (AAA) in accordance with its Commercial Arbitration Rules. Users hereby waive any right to jury trial or participation in class action lawsuits. Arbitration shall be conducted in San Diego County, California. Notwithstanding the foregoing, either party may seek injunctive or equitable relief in courts of competent jurisdiction to prevent actual or threatened infringement, misappropriation, or violation of intellectual property rights or confidentiality obligations.

17. Severability and Waiver

If any provision of this Privacy Policy is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such provision shall be modified to the minimum extent necessary to make it enforceable, or if incapable of such modification, shall be severed, and the remaining provisions shall continue in full force and effect. No waiver of any provision shall be deemed a further or continuing waiver of such provision or any other provision, and failure to enforce any right or provision shall not constitute a waiver of such right or provision.

18. Contact Information

For inquiries, requests, or complaints regarding this Privacy Policy or data processing practices, users may contact us through the following means. Please allow up to thirty (30) business days for response to written requests. Verification of identity may be required prior to fulfillment of data subject requests to prevent unauthorized disclosure. Contact information will be provided upon reasonable request through the Platform.

19. Entire Agreement

This Privacy Policy, together with any Terms of Service, Subscription Agreements, and other applicable policies incorporated by reference, constitutes the entire agreement between the user and the Service regarding privacy practices and supersedes all prior or contemporaneous understandings, agreements, representations, and warranties, whether written or oral, regarding the subject matter hereof. This Privacy Policy shall not be construed against the drafting party.