Privacy Policy

1. Information We Collect

We collect different types of information depending on how you interact with us:

• Contact information: Name, email address, phone number, mailing address, and business name
• Project information: Details about your project needs, specifications, and requirements
• Business information: Company details, industry information, and technical environment details relevant to your project
• Billing information: Business address, billing contact details, and invoicing information
• Contract information: Signed agreements, statements of work, and related legal documents
• Communication records: Emails, meeting notes, and project coordination discussions
• Device information: Browser type, operating system, and device identifiers
• Usage data: Pages visited, time spent on pages, and navigation paths
• Connection information: IP address and approximate geographic location

2. How We Use Your Information

We use your information for the following specific purposes:

• Responding to your inquiries and requests
• Providing project quotes and proposals
• Executing contracted web design, software development, and IT consulting work
• Managing project timelines, deliverables, and communications
• Coordinating with you on approvals, revisions, and feedback
• Processing invoices and payments
• Maintaining contractual and legal records
• Communicating about project status and updates
• Providing post-project support during warranty periods
• Analyzing how our website performs
• Understanding how clients find and interact with us
• Refining our service offerings and processes
• Maintaining business records as required by tax and accounting laws
• Responding to lawful requests from government authorities
• Protecting our legal rights and enforcing our agreements

3. Communications Data

We retain various forms of communication to serve you effectively:

• Email communications: Retained for up to 7 years following project completion to maintain project history and comply with business record requirements
• Project coordination records: Meeting notes, project briefs, design approvals, revision histories retained for up to 7 years following project completion

4. Billing and Payment Information

We collect billing contact names, business addresses, invoice details, and payment history necessary to manage our financial relationship with you. We do not store complete credit card numbers, CVV codes, or bank account numbers on our systems. All payment card processing is handled by our third-party payment processors. Billing and financial records are retained for up to 7 years to comply with tax and accounting requirements.

5. Third-Party Payment Processors

We use trusted third-party services to process payments securely:

• Stripe: Processes payments and collects personal data including name, contact information, payment method details, billing address, transaction amount, and device information. For complete details, review Stripe's Privacy Policy at https://stripe.com/privacy
• We are not responsible for the privacy practices of third-party services. While we select providers who maintain appropriate data protection standards, we encourage you to review their privacy policies directly.

6. Client Confidential Information

During consulting engagements, you may share confidential business information with us. All client confidential information is used solely to deliver contracted services, protected by appropriate security measures, accessible only to personnel with a legitimate need-to-know, subject to confidentiality obligations in our service agreements, and never disclosed to third parties without your authorization (except as required by law). All team members with access to client confidential information are bound by confidentiality agreements.

7. How We Protect Your Information

We implement reasonable administrative, technical, and physical safeguards to protect your information in compliance with the New York SHIELD Act:

• Administrative safeguards: We designate personnel responsible for data security, assess risks to information we hold, train team members on security practices, and require service providers to maintain appropriate protections through contracts
• Technical safeguards: We use industry-standard encryption for data transmission, regularly assess our systems for vulnerabilities, and implement access controls limiting data access to authorized personnel
• Physical safeguards: We restrict physical access to systems containing personal information and maintain secure disposal practices when data is no longer needed

8. When We Share Information

We share your personal information only in these limited circumstances:

• Service providers: We share information with vendors who help us deliver services (payment processors, hosting providers, project management tools). These providers are contractually required to protect your information and use it only for the services they provide to us
• Legal requirements: We may disclose information when required by law, court order, or government investigation, or to protect our legal rights, safety, or property
• Business transfers: If BittyImpact LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change
• With your consent: We may share information in other circumstances with your explicit permission
• We do not sell your personal information

9. Data Retention Summary

Project documentation: up to 7 years after project completion | Email communications: up to 7 years after project completion | Contracts and legal documents: up to 10 years after agreement expiration | Billing and financial records: up to 7 years | Website analytics: up to 3 years

10. Your Rights and Choices

You have the following rights regarding your information:

• Access: You may request a copy of the personal information we hold about you
• Correction: You may request that we correct inaccurate information
• Deletion: You may request that we delete your personal information, subject to our legal retention obligations
• Communication preferences: You may opt out of non-essential communications at any time
• To exercise any of these rights, contact us at [Contact]. We will respond to verified requests within 45 days

11. Information for California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). This privacy policy is conspicuously posted on our website with the word "privacy" in the link. We disclose all categories of personal information collected, third parties with whom we share information, and our policy update procedures. Our website does not currently respond to "Do Not Track" browser signals because there is no consistent industry standard for compliance. However, we honor Global Privacy Control (GPC) signals where technically feasible. California residents may have the right to know what personal information we collect, request deletion of their information, opt out of the sale of personal information (we do not sell personal information), and receive equal service regardless of exercising privacy rights.

12. Information for New York Residents

We comply with the New York SHIELD Act by maintaining reasonable data security safeguards appropriate to the size of our business and the nature of information we collect. In the event of a data breach affecting your private information, we will notify you within 30 days of discovery as required by New York law.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy with a new "Last Updated" date. For significant changes, we may also notify you by email. We encourage you to review this policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at [Contact]