[LEGAL_BUSINESS_NAME] Back to brickwork.design
Legal · How we handle your data

Privacy Policy

What personal information [LEGAL_BUSINESS_NAME] collects — including through our free website mockup form — how we use and share it, and the rights you have over it.

Effective date: [EFFECTIVE_DATE] Applies to: [WEBSITE_URL] & our services Privacy contact: [CONTACT_EMAIL]
PRIVACY · YOUR DATA, RESPECTED PPBrickwork

Template — not legal advice. This Privacy Policy is a starting-point template with [BRACKETED PLACEHOLDERS] that must be completed, and it must be matched to what your business actually does with data. Review and adapt it with a licensed privacy attorney before publishing it or relying on it.

This Privacy Policy explains how [LEGAL_BUSINESS_NAME] (“[BUSINESS_SHORT_NAME],” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you visit our website at [WEBSITE_URL], request a free website mockup, or use our website design, hosting, and outreach services (the “Service”). It works together with our Terms of Service.

1 Who we are & scope

[LEGAL_BUSINESS_NAME] is the controller responsible for the personal information described here. This policy covers information about visitors to our website, prospective clients (including businesses we build free mockups for), clients, and the website-owners' own customers whose information we may process on a client's behalf. Where we process information on behalf of a client (for example, contacts a client tells us to reach), we act as that client's service provider/processor and handle the data under our agreement with them.

↑ Back to top

2 Information we collect

The categories of personal information we may collect include:

CategoryExamples
Identifiers & contact dataName, business name, phone number, email address, mailing/business address.
Business informationTrade or industry, website URL, service area, logos, photos, and publicly posted customer reviews and ratings.
Transaction & billing dataPlan selected, invoices, and payment status. Full card numbers are handled by our payment processor, not stored by us.
Communications dataMessages you send us, and records, recordings, transcripts, and outcomes of calls and texts placed through the Service.
Usage & device dataIP address, browser type, pages viewed, referring page, and similar analytics data collected automatically (see Section 6).
↑ Back to top

3 The free mockup form

When you request a free website mockup on our site, we ask for and store the information you submit — at minimum your business name, your trade or industry, and a phone number — along with the date and originating IP address of the request. We use this information to:

  • Build and show you a no-obligation mockup of a website for your business;
  • Contact you about that mockup and our Service, including by phone, text, or email (see Section 9);
  • Detect and prevent spam and abuse of the form.
Your choiceProviding this information is voluntary, and by submitting the form you are asking us to contact you about your mockup. You can ask us to stop contacting you or to delete your request at any time by emailing [CONTACT_EMAIL].
↑ Back to top

4 Where we get information

We collect personal information from:

  • You — when you submit the mockup form, contact us, or become a client;
  • Automatically — from your device and browser when you visit our site (Section 6);
  • Public and third-party sources — to prepare a mockup or evaluate a prospect, we may collect business information that is publicly available (such as a business listing, public reviews, photos, website, or directory data). We use this only to demonstrate and offer our Service, and we will remove it on request.
↑ Back to top

5 How we use information

We use personal information to:

  • Provide, operate, and improve the Service, including building, hosting, and maintaining websites;
  • Create and present free mockups to prospective clients;
  • Process payments and manage subscriptions and billing;
  • Communicate with you about your mockup, account, support requests, and service updates;
  • Send marketing about our Service where permitted, from which you can opt out;
  • Place outreach calls, texts, and direct mail that you or our clients have authorized;
  • Maintain security, prevent fraud and abuse, and enforce our Terms;
  • Comply with legal obligations and establish, exercise, or defend legal claims.
↑ Back to top

6 Cookies & analytics

We and our providers may use cookies and similar technologies (such as pixels and local storage) to operate the site, remember preferences, keep you logged in to any account area, and understand how the site is used. We may use analytics services — for example, [Google Analytics / Plausible / OTHER] — that collect usage and device data on our behalf.

You can control cookies through your browser settings and, where offered, through any cookie banner or preference tool on our site. Some browsers send a “Do Not Track” or Global Privacy Control signal; we handle these as described in Section 12. Disabling some cookies may affect how the site works.

Confirm your actual setupList the analytics, advertising, and cookie tools you really use, and add a cookie banner/consent manager if you operate one or are required to. [ANALYTICS & COOKIE TOOLS — CONFIRM WITH COUNSEL]
↑ Back to top

7 How we share information

We do not sell your personal information for money. We share personal information only as follows:

  • Service providers. With vendors who perform services for us, under contracts that limit their use of the information (see Section 8).
  • With clients. Where we process information on a client's behalf, with that client.
  • Legal & safety. When required by law or legal process, or to protect the rights, property, or safety of us, our users, or the public.
  • Business transfers. In connection with a merger, acquisition, financing, or sale of assets, subject to this policy.
  • With your direction or consent. When you ask us to share it.

Some privacy laws define “sale” or “sharing” broadly to include certain disclosures for advertising. See Section 12 for how this applies in California and how to exercise your choices.

↑ Back to top

8 Third-party service providers

We rely on the following categories of providers, who may process personal information on our behalf. Each has its own privacy policy.

ProviderPurpose & data involved
[Stripe]Payment processing — billing details and payment method. We do not store full card numbers.
[Vapi]Automated/assisted phone calls — phone numbers, call audio, transcripts, and outcomes.
[Twilio]Telephony and SMS delivery — phone numbers and message content/metadata.
[SendGrid]Email delivery — email addresses and message content.
[Lob]Direct mail (postcards/letters) — recipient names and mailing addresses.
[Hosting / analytics / OTHER]Website hosting, infrastructure, and usage analytics.

Keep this list current as your stack changes, and confirm each provider is covered by an appropriate data-processing agreement.

↑ Back to top

9 Communications & TCPA consent

We may contact you by email, phone, and text message about your mockup, your account, support, and — where permitted — marketing.

Calls & texts (TCPA). We place outreach calls and texts only to people who have given prior express consent or otherwise asked us to contact them — for example, by submitting our mockup form, requesting a callback, or becoming a client. We do not place cold automated or pre-recorded marketing calls to phone numbers we have merely obtained from public listings without consent. When you give us a number and ask us to reach you, you consent to receive calls and texts at that number from us or on our behalf, which may use automated dialing or pre-recorded/artificial voice technology. Consent is not a condition of any purchase. Message and data rates may apply.

How to opt out. Reply STOP to any text, tell us during a call, or email [CONTACT_EMAIL] to be removed. To stop marketing emails, use the unsubscribe link or email us. We honor opt-outs promptly.

When we place calls or texts on behalf of a client, the client is responsible for having a lawful basis to contact each recipient, and we act on the client's instructions.

↑ Back to top

10 Data retention

We keep personal information only as long as needed for the purposes in this policy — for example, to provide the Service, maintain your account, comply with legal, tax, and accounting obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we delete or de-identify it. As general guidance (adjust to your real practice):

  • Mockup-form submissions from prospects we do not engage: retained for up to [12–24 months], then deleted, unless you ask us to delete sooner.
  • Client account, project, and billing records: retained for the life of the relationship and for [X years] afterward for legal and accounting purposes.
  • Call/text records and transcripts: retained for [X months/years].
↑ Back to top

11 How we protect information

We use reasonable administrative, technical, and physical safeguards designed to protect personal information — including access controls and limiting access to those who need it. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping any account credentials confidential.

↑ Back to top

12 California privacy rights (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know / access the categories and specific pieces of personal information we collected, the sources, the purposes, and the categories of third parties we disclosed it to;
  • Delete personal information we collected from you, subject to exceptions;
  • Correct inaccurate personal information;
  • Opt out of any “sale” or “sharing” of personal information and limit use of sensitive personal information (to the extent these apply);
  • Non-discrimination for exercising your rights.

We do not sell personal information for money. [State here whether any disclosures count as a “sale” or “sharing” for advertising, and provide a “Do Not Sell or Share My Personal Information” method if so.] To exercise your rights, email [CONTACT_EMAIL] or write to the address in Section 16. We will verify your request and may ask for information to confirm your identity; an authorized agent may submit a request on your behalf with proof of authorization.

↑ Back to top

13 EU/UK rights (GDPR)

If you are in the European Economic Area, the United Kingdom, or a similar jurisdiction, you have rights to access, correct, delete, restrict, or object to our processing of your personal data, and to data portability. Where we rely on consent, you may withdraw it at any time. You may also lodge a complaint with your local data-protection authority.

Legal bases. We process personal data on the bases of: performance of a contract (providing the Service); our legitimate interests (operating, securing, and marketing our business, and building mockups for prospects), balanced against your rights; your consent (where required, e.g. certain marketing or cookies); and compliance with legal obligations.

International transfers. We are based in the United States, and your information may be processed there or in other countries. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for transfers. [CONFIRM TRANSFER MECHANISM & ANY EU/UK REPRESENTATIVE WITH COUNSEL]

↑ Back to top

14 Children's privacy

The Service is for businesses and is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us at [CONTACT_EMAIL] and we will delete it.

↑ Back to top

15 Changes to this policy

We may update this Privacy Policy from time to time. We will revise the “Effective date” above and, for material changes, provide additional notice where reasonable. Your continued use of the Service after an update means you accept the revised policy.

↑ Back to top

16 How to contact us

For privacy questions or to exercise your rights:

[LEGAL_BUSINESS_NAME]
Attn: Privacy
[BUSINESS_ADDRESS — street, city, state, ZIP]
Email: [CONTACT_EMAIL]

↑ Back to top