Privacy Policy

Welcome to Creo Design ("we," "us," or "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

By using our services, you agree to the collection and use of information in accordance with this policy. We will not use or share your information except as described in this Privacy Policy.

We collect different categories of personal data depending on how you interact with us:

A. Information You Provide Directly

• Contact Information: Name, email address, phone number, and mailing address
• Business Information: Company name, industry, project requirements, and business goals
• Project Content: Design preferences, branding materials, website content, and creative assets you provide
• Payment Information: Billing address and payment method details (processed securely by third-party providers)
• Communication Records: Messages, feedback, and support requests sent through our website or email

B. Information Collected Automatically

When you visit our website or use our services, we automatically collect:

• Technical Data: IP address, browser type, operating system, and device information
• Usage Data: Pages visited, time spent on site, click patterns, and navigation paths
• Location Information: General geographic location based on IP address
• Cookies and Tracking: Information collected through cookies and similar technologies

C. Information We Do Not Collect

We do not knowingly collect sensitive personal information such as:

• Social Security numbers or government-issued identification
• Financial account numbers (except for payment processing)
• Health or medical information
• Racial or ethnic origin, religious beliefs, or sexual orientation
• Information about children under 18 years of age

We use your personal data for the following purposes:

Service Delivery and Project Management

• Creating and delivering custom web design and development services
• Managing project timelines, deliverables, and client communications
• Processing payments and maintaining billing records
• Providing technical support and maintenance services

Communication and Support

• Responding to inquiries and providing customer service
• Sending project updates, proposals, and important notices
• Following up on leads and maintaining business relationships

Business Operations and Improvement

• Analyzing website usage to improve user experience
• Conducting research and development for new services
• Maintaining business records and financial documentation
• Ensuring quality control and service improvement

Marketing and Outreach

• Sending newsletters and industry updates (with your consent)
• Showcasing completed projects in our portfolio (with permission)
• Providing information about new services and promotions

Legal and Security

• Complying with legal obligations and regulatory requirements
• Protecting our rights, property, and safety
• Preventing fraud, abuse, and unauthorized access
• Investigating security incidents or policy violations

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

Service Providers

We may share information with trusted third-party service providers who assist us in operating our website and conducting our business, such as:

• Payment processors (Stripe, PayPal, or other payment services)
• Email service providers (for newsletters and communications)
• Website hosting and analytics providers (Google Analytics, Vercel)
• Customer relationship management systems
• API services (for form submissions, data processing, and integrations)
• Cloud storage providers (for secure data backup and file hosting)
• Communication platforms (for customer support and messaging)

These service providers are contractually obligated to maintain the confidentiality and security of your information and may only use it for the specific purposes outlined in our agreements with them.

Legal Requirements

We may disclose your information if required by law or if we believe such action is necessary to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or security issues
• Protect the personal safety of users

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for data transmission
• Secure password hashing and storage
• Access controls and employee training
• Secure data backup and recovery procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

We use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic. You can control cookie settings through your browser preferences.

Types of Cookies We Use:

• Essential Cookies: Required for website functionality
• Analytics Cookies: Help us understand how visitors use our site
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for targeted advertising (with consent)

You have certain rights regarding your personal information:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your data in a structured format
• Opt-out: Unsubscribe from marketing communications
• Restriction: Request limitation of processing in certain circumstances

To exercise these rights, please contact us using the information provided below.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, provide our services, resolve disputes, enforce our agreements, and comply with legal requirements.

Retention Periods by Category:

• Contact Information: 3 years after last contact or project completion
• Project Files and Assets: 7 years (for tax and legal purposes)
• Payment Records: 7 years (required by tax laws)
• Communication Records: 3 years for general inquiries, 7 years for project-related communications
• Website Analytics: 26 months (Google Analytics standard retention)
• Marketing Data: Until you unsubscribe or request deletion

These retention periods may be extended if:

• Legal requirements mandate longer retention
• Information is relevant to an ongoing legal dispute
• You have consented to longer retention
• Business needs require extended retention

When personal data is no longer needed, we securely delete, anonymize, or aggregate it in accordance with our data retention schedule and applicable laws.

We process your personal data based on the following legal grounds:

Contract

Processing necessary to perform our services, fulfill project agreements, and maintain business relationships.

Legitimate Interests

Processing necessary for our legitimate business interests, including:

• Improving our services and website functionality
• Marketing our services to potential clients
• Protecting our business interests and preventing fraud
• Maintaining accurate business and financial records

Consent

Processing based on your explicit consent, such as for marketing communications or sharing your project in our portfolio.

Legal Obligation

Processing required to comply with applicable laws, regulations, or legal processes.

Your information may be transferred to and processed in countries other than your own for the following reasons:

• Service Providers: Third-party service providers may be located in other countries
• Cloud Infrastructure: Our data may be stored on servers in different jurisdictions
• Business Operations: Team members or contractors may access data from various locations

When transferring data internationally, we ensure appropriate safeguards are in place:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions by relevant data protection authorities
• Binding corporate rules for intra-group transfers
• Certification schemes and codes of conduct

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

Parents or guardians who believe their child has provided us with personal information should contact us immediately using the information provided below.

Our website may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to these external sites. We are not responsible for the privacy practices or content of these third parties.

We encourage you to review the privacy policies of any third-party websites or services you visit. Our inclusion of links to third-party sites does not imply endorsement or affiliation.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post the updated policy on our website
• Notify users of significant changes via email or website notification

Your continued use of our services after any changes constitutes acceptance of the updated Privacy Policy.

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

We will respond to your inquiry within 30 days of receipt.