Privacy Policy
Last updated: April 29, 2026
This Privacy Policy explains how Jaivee Hipolito, operating as Web Codex Co. ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website or use our digital services.
1. Information We Collect
We collect information that you voluntarily provide to us, as well as data collected automatically when you use our website.
- Personal data: When you contact us or purchase our services, we may collect your name, email address, phone number, and billing information.
- Usage data: We automatically collect certain technical information, such as your IP address, browser type, operating system, and pages visited, to help us understand how our website is used.
2. How We Collect Data
We gather information through the following methods:
- Direct interactions: Data you provide by filling out contact forms, subscribing to communications, or entering into a service agreement.
- Automated technologies: Data collected via essential and analytics cookies as you navigate through our website.
3. Purpose of Data Collection
We use the collected information for the following purposes:
- To provide, operate, and maintain our web design and development services.
- To process your payments and manage your account.
- To communicate with you, including responding to inquiries and providing customer support.
- To improve our website functionality and user experience.
- To comply with legal obligations and enforce our terms of service.
4. Legal Basis for Processing (GDPR)
If you are a resident of the European Economic Area (EEA) or the UK, our legal basis for collecting and using personal data depends on the context:
- Consent: You have given us clear consent to process your data for a specific purpose.
- Contract: Processing is necessary for the performance of a contract with you (for example, delivering web design services).
- Legitimate interests: Processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights.
5. Use of Third-Party Services
We do not sell your personal data. We share data with trusted third-party service providers to operate our business effectively:
- Hosting & infrastructure: Vercel, Cloudflare.
- Database & storage: MongoDB (US-based servers), Cloudinary.
- Analytics: Google Analytics, Vercel Analytics, Google Search Console, Ubersuggest.
- Communications: Resend (email), Twilio (SMS).
- Payment processing: Stripe. We do not store your full credit card details on our servers; they are processed securely by Stripe.
7. Data Retention
We keep your personal information only as long as needed for the purposes in this Privacy Policy, unless a longer period is required to comply with the law, resolve disputes, or enforce our agreements.
8. Data Security
We apply reasonable technical and organizational measures to protect personal information against unauthorized access, misuse, alteration, or loss. No method of transmission over the Internet is fully secure.
9. International Data Transfers
Your information may be processed outside your province or country—for example where our service providers operate. Our databases (such as MongoDB) may be hosted in the United States, and hosting (such as Vercel) may use servers in Canada and the United States. By using our services, you acknowledge that cross-border transfers may occur. Where required, we rely on safeguards such as your consent and provider contracts that impose appropriate protections.
10. Your Privacy Rights
Depending on where you live, you may have rights regarding your personal information:
- Canada (PIPEDA): You may request access to the personal information we hold and ask that we correct inaccuracies.
- Europe (GDPR): Including access, correction, deletion, objection, restriction, and data portability where applicable.
- California (CCPA / CPRA): Including knowing what we collect, requesting deletion where applicable, and opting out of the sale of personal information—we do not sell personal information.
To exercise these rights, contact us using the details in Section 12.
11. Children's Privacy
Our services are not directed at children under 13 (or 16 where required). We do not knowingly collect personal information from children in that age range. Contact us if you believe we have done so—we will promptly delete such information where appropriate.
12. Contact Information
For questions or requests about this Privacy Policy:
Questions about this Privacy Policy? Contact us