Privacy Policy v1.0

1. Introduction

Prezlo, a service operated by Ideal Conclusions Inc, an Arizona S-Corporation ("Company," "we," "us," "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website development services, including our website at prezlo.live and all related services (collectively, the "Services").

Please read this Privacy Policy carefully. BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY. If you do not agree with this Privacy Policy, you must not use our Services.

This Privacy Policy is incorporated into and made part of our Terms of Service. Any capitalized terms not defined herein shall have the meanings set forth in our Terms of Service.

2. Information We Collect

2.1 Information You Provide Directly
We collect information you voluntarily provide when using our Services:

• Contact Information: Name, email address, phone number, business/company name, mailing address
• Account Information: Login credentials (if applicable), account preferences
• Project Information: Business type, industry, design preferences, branding materials, content for your website (text, images, logos)
• Payment Information: Billing name, billing address, and payment card details (note: full payment card numbers are processed and stored exclusively by Stripe, Inc. and are never stored on our servers)
• Communications: Messages, feedback, support requests, and all correspondence with us
• Domain Registration Information: Domain name preferences, WHOIS contact information (name, address, email, phone) as required by ICANN

2.2 Information Collected Automatically
When you visit our website or use our Services, we automatically collect:

• Device Information: Browser type and version, operating system, device type, screen resolution, device identifiers
• Usage Data: Pages visited, time and date of visits, time spent on pages, clickstream data, referring/exit URLs
• IP Address: Your Internet Protocol address for security, fraud prevention, geolocation, and analytics
• Cookies and Similar Technologies: Small data files and tracking technologies stored on your device (see Section 7)
• Log Data: Server logs including access times, pages viewed, IP address, and referring URL

2.3 Information from Third Parties
We may receive information about you from third parties, including:

• Payment processors (transaction confirmations, fraud screening results)
• Domain registrars (domain availability, registration status)
• Analytics providers (aggregated usage data)
• Marketing partners (if you arrived via a referral or affiliate link)

3. How We Use Your Information

3.1 Primary Purposes
We use the information we collect to:

• Provide, deliver, maintain, and improve our Services
• Process orders, payments, and refunds
• Register domain names on your behalf
• Set up and maintain web hosting services
• Communicate with you about your project, including status updates and deliverables
• Send service-related notifications, reminders, and administrative messages
• Respond to your inquiries, comments, and support requests
• Create and deliver your website and related deliverables

3.2 Secondary Purposes
We also use your information to:

• Protect against fraud, unauthorized transactions, and other illegal activities
• Detect, investigate, and prevent security incidents and abuse
• Comply with legal obligations, court orders, and government requests
• Enforce our Terms of Service and other agreements
• Analyze usage patterns to improve our website, Services, and user experience
• Develop new features, products, and services
• Maintain internal records and business administration

3.3 Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal basis for processing your personal information includes:

• Contractual Necessity: Processing necessary to perform our contract with you (e.g., delivering your website, processing payments, registering domains)
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., improving our services, preventing fraud, marketing our services), provided such interests are not overridden by your rights
• Legal Obligation: Processing necessary to comply with applicable laws, regulations, or legal processes
• Consent: Where you have given explicit, informed consent for specific processing activities (which you may withdraw at any time)

3.4 Marketing Communications

• We may send you marketing communications about our services, promotions, updates, and industry news
• You can opt-out of marketing emails at any time by: (a) clicking the unsubscribe link in any marketing email; (b) contacting us at support@prezlo.live; or (c) adjusting your communication preferences
• Opting out of marketing communications does not affect transactional or service-related communications (order confirmations, project updates, security alerts, renewal notices, etc.)
• We do not sell, rent, or share your personal information with third parties for their own marketing purposes

4. How We Share Your Information

4.1 Service Providers and Processors
We share your information with third-party service providers who perform services on our behalf, including but not limited to:

• Payment Processing: Stripe, Inc. processes all payment transactions. Your payment information is transmitted directly to Stripe and handled according to their Privacy Policy and PCI-DSS compliance standards. We do not store full credit card numbers on our servers.
• Hosting Providers: Third-party hosting infrastructure providers who store and serve website files and data
• Domain Registrars: ICANN-accredited domain registrars who process domain name registrations. Domain registration requires disclosure of certain personal information (name, address, email, phone) for WHOIS records, subject to applicable privacy protections
• Analytics Services: Google Analytics and similar services that help us understand website usage patterns (data is aggregated and anonymized where possible)
• Email Services: Transactional and marketing email service providers
• Cloud Services: Cloud storage and computing providers for data processing and backup
• Customer Support Tools: Help desk and ticketing systems

All service providers are contractually obligated to protect your information and may only use it for the specific services they provide to us.

4.2 Legal Requirements and Protection
We may disclose your information if required or permitted to do so by law, or in good faith belief that such disclosure is necessary to:

• Comply with applicable laws, regulations, legal processes, or enforceable governmental requests
• Enforce our Terms of Service, including investigation of potential violations
• Detect, prevent, or address fraud, security, or technical issues
• Protect the rights, property, or safety of Prezlo, Ideal Conclusions Inc, our users, or the public as required or permitted by law

4.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, asset sale, or other business transfer, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

4.4 Aggregated and De-Identified Data
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for any purpose, including research, analytics, and marketing.

4.5 With Your Consent
We may share your information for other purposes with your explicit consent.

5. Data Security

5.1 Security Measures
We implement appropriate technical, administrative, and physical security measures to protect your personal information, including:

• TLS/SSL encryption (HTTPS) for all data transmission
• Secure payment processing through Stripe (PCI-DSS Level 1 compliant)
• Access controls and authentication mechanisms limiting access to authorized personnel
• Regular security assessments, vulnerability scanning, and penetration testing
• Employee training on data protection and security practices
• Secure data storage with encryption at rest where appropriate
• Regular backups and disaster recovery procedures

5.2 Security Limitations
DESPITE OUR SECURITY MEASURES, NO METHOD OF TRANSMISSION OVER THE INTERNET OR ELECTRONIC STORAGE IS 100% SECURE. WHILE WE STRIVE TO PROTECT YOUR PERSONAL INFORMATION, WE CANNOT GUARANTEE ABSOLUTE SECURITY. YOU TRANSMIT INFORMATION TO US AT YOUR OWN RISK.

You are responsible for maintaining the confidentiality of any login credentials and for any activity under your account. Notify us immediately of any unauthorized access or security breach.

5.3 Data Breach Notification
In the event of a data breach that affects your personal information:

• We will notify affected users without undue delay, and where feasible within seventy-two (72) hours of discovery
• Notification will be sent to the email address associated with your account
• We will provide information about: (a) the nature of the breach; (b) the categories and approximate number of individuals affected; (c) the types of personal data affected; (d) likely consequences of the breach; and (e) measures taken or proposed to address the breach and mitigate harm
• We will report breaches to relevant supervisory authorities as required by applicable law (including GDPR Article 33 where applicable)
• We will document all breaches and our response for regulatory compliance purposes

6. Data Retention

6.1 Retention Periods
We retain your personal information for as long as necessary to:

• Provide our Services and fulfill our contractual obligations
• Comply with legal, accounting, and regulatory requirements
• Resolve disputes and enforce our agreements
• Maintain business records for legitimate business purposes

Specific retention periods:

• Active Client Data: Retained for the duration of our business relationship plus three (3) years
• Project Files and Deliverables: Retained for one (1) year after project completion unless you request earlier deletion
• Payment Records: Retained for seven (7) years for tax and accounting compliance
• Communications and Support Records: Retained for three (3) years after last communication
• Website Analytics: Aggregated data retained indefinitely; individual session data retained for twenty-six (26) months
• Marketing Preferences: Retained until you opt-out or request deletion

6.2 Deletion and Anonymization
When retention periods expire or upon valid deletion request:

• Personal information will be securely deleted or anonymized
• Backups containing your data will be overwritten according to our backup rotation schedule (typically within ninety (90) days)
• We may retain anonymized, aggregated data indefinitely for statistical and analytical purposes

7. Cookies and Tracking Technologies

7.1 What Are Cookies
Cookies are small text files placed on your device when you visit our website. They help us provide a better experience by remembering your preferences and understanding how you use our site.

7.2 Types of Cookies We Use

Essential/Strictly Necessary Cookies:

• Required for the website to function properly
• Enable core functionality such as security, session management, and accessibility
• Cannot be disabled without affecting website functionality
• Examples: Session cookies, authentication cookies, security cookies

Analytics/Performance Cookies:

• Help us understand how visitors interact with our website
• Collect aggregated, anonymous information about page views, traffic sources, and user behavior
• Used to improve website performance and user experience
• Examples: Google Analytics cookies

Functional/Preference Cookies:

• Remember your preferences and settings
• Enable enhanced functionality and personalization
• Examples: Language preferences, display settings

7.3 Third-Party Cookies
Some cookies are placed by third-party services that appear on our pages:

• Google Analytics: Privacy Policy at https://policies.google.com/privacy
• Stripe: Privacy Policy at https://stripe.com/privacy

7.4 Managing Cookies
You can control and manage cookies through:

• Browser Settings: Most browsers allow you to refuse or delete cookies. Consult your browser's help documentation for instructions.
• Opt-Out Tools: Google Analytics opt-out browser add-on (https://tools.google.com/dlpage/gaoptout)
• Do Not Track: We currently do not respond to "Do Not Track" browser signals, as there is no industry-standard interpretation.

Note: Disabling certain cookies may affect website functionality and your ability to use our Services.

7.5 Other Tracking Technologies
We may also use:

• Pixel Tags/Web Beacons: Tiny graphics that track whether you opened an email or visited a page
• Local Storage: Data stored in your browser for faster performance
• Session Replay Tools: To understand user interactions and improve user experience (personal information is masked)

8. Your Privacy Rights

8.1 General Rights
Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction/Rectification: Request correction of inaccurate or incomplete information
• Deletion/Erasure: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request a copy of your data in a structured, commonly used, machine-readable format
• Objection: Object to certain processing of your information, including direct marketing
• Restriction: Request that we limit how we use your data
• Withdraw Consent: Where processing is based on consent, withdraw your consent at any time

8.2 Exercising Your Rights
To exercise these rights:

• Email us at: support@prezlo.live
• Include: Your full name, email address associated with your account, and a clear description of your request
• Verification: We may need to verify your identity before processing your request. This may require providing additional information.

We will respond to your request within thirty (30) days. If we need additional time (up to sixty (60) additional days for complex requests), we will notify you of the extension and the reasons.

8.3 Limitations
We may decline requests that:

• Are unreasonably repetitive or systematic
• Require disproportionate technical effort
• Jeopardize the privacy of others
• Are not required by applicable law
• Conflict with our legal obligations or legitimate interests

We will not discriminate against you for exercising your privacy rights.

9. Jurisdiction-Specific Rights

9.1 California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected, the sources, the purposes, and the categories of third parties with whom we share it
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising. If this changes, we will provide an opt-out mechanism.
• Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information for purposes beyond what is necessary to provide Services
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

California Shine the Light: California Civil Code Section 1798.83 permits California residents to request information regarding disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

To exercise your California privacy rights, contact us at support@prezlo.live or submit a verifiable consumer request.

9.2 European Economic Area, United Kingdom, and Switzerland (GDPR)
If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and equivalent laws:

• All rights listed in Section 8.1 above
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority
• International Transfers: We transfer data outside the EEA/UK using appropriate safeguards, including Standard Contractual Clauses approved by the European Commission

Data Controller: Ideal Conclusions Inc is the data controller for personal information collected through our Services.

9.3 Other Jurisdictions
If you are located in another jurisdiction with data protection laws, you may have additional rights under those laws. Please contact us to learn more about your rights and how to exercise them.

10. International Data Transfers

10.1 Transfer of Data
Your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from your country of residence.

10.2 Safeguards
When we transfer personal information internationally, we implement appropriate safeguards:

• Standard Contractual Clauses: We use EU-approved Standard Contractual Clauses for transfers from the EEA/UK
• Data Processing Agreements: We require service providers to enter into data processing agreements with appropriate protections
• Security Measures: We maintain technical and organizational security measures regardless of where data is processed

10.3 Consent to Transfer
BY USING OUR SERVICES, YOU ACKNOWLEDGE AND CONSENT TO THE TRANSFER OF YOUR INFORMATION TO THE UNITED STATES AND OTHER COUNTRIES AS DESCRIBED IN THIS POLICY.

11. Children's Privacy

Our Services are not directed to individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at support@prezlo.live.

If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete such information from our systems within a reasonable timeframe.

12. Third-Party Links and Services

Our website and deliverables may contain links to third-party websites, services, or applications that are not owned or controlled by us. This Privacy Policy applies only to our Services.

We are not responsible for the privacy practices, content, or security of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

The inclusion of any link does not imply endorsement, approval, or control by us of the linked site.

13. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. There is currently no uniform standard for interpreting DNT signals.

Our website does not currently respond to DNT signals. However, you can manage your privacy preferences through the cookie controls described in Section 7.4.

14. Changes to This Privacy Policy

14.1 Modifications
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We reserve the right to modify this Privacy Policy at any time.

14.2 Notification of Changes
We will notify you of material changes by:

• Posting the updated Privacy Policy on our website with a new "Last Updated" date
• Sending an email to the address associated with your account (for material changes)
• Displaying a prominent notice on our website

14.3 Acceptance of Changes
Your continued use of our Services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree with the changes, you must stop using our Services.

We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting your information.

15. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us at:

• Prezlo (a service of Ideal Conclusions Inc)
• Email: support@prezlo.live
• Website: https://prezlo.live

For data protection inquiries specifically:
Data Protection Contact: support@prezlo.live
Subject Line: "Privacy Inquiry"

We will endeavor to respond to your inquiry within thirty (30) days.

16. Additional Disclosures

16.1 Categories of Personal Information Collected (Last 12 Months)
For transparency, the categories of personal information we have collected in the preceding twelve (12) months include:

• Identifiers (name, email, IP address, account name)
• Customer records (billing information, phone number, address)
• Commercial information (purchase history, services obtained)
• Internet/electronic activity (browsing history, interactions with website)
• Geolocation data (derived from IP address)
• Professional/employment information (business name, job title)
• Inferences (preferences, characteristics derived from above)

16.2 Sources of Personal Information

• Directly from you when you provide it
• Automatically through cookies and tracking technologies
• From third-party service providers (payment processors, analytics)

16.3 Business/Commercial Purposes for Collection

• Providing and improving our Services
• Processing transactions
• Marketing and advertising our Services
• Security and fraud prevention
• Legal compliance

16.4 Categories of Third Parties with Whom We Share Information

• Service providers and processors
• Professional advisors (lawyers, accountants)
• Government authorities (when required by law)
• Business transaction parties (in event of merger/acquisition)

17. Acknowledgment

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS PRIVACY POLICY, UNDERSTAND IT, AND AGREE TO BE BOUND BY ITS TERMS. YOU FURTHER ACKNOWLEDGE THAT THIS PRIVACY POLICY, TOGETHER WITH OUR TERMS OF SERVICE, REPRESENTS THE COMPLETE AND EXCLUSIVE STATEMENT OF THE AGREEMENT BETWEEN US CONCERNING THE SUBJECT MATTER HEREOF.