Privacy Policy - Murphy Website Design

1) Scope - what this policy covers

This Privacy Policy describes how Murphy Website Design (“Company,” “we,” “us,” “our”) collects, uses, discloses, and protects personal information when:

• You visit our website, contact us, or become a client; and
• We provide website development, deployment, maintenance, and (if requested) domain registration/renewal services.

Client websites: If we build/host a website for your business, the privacy practices for your website visitors are primarily governed by your business’s own privacy notice and choices (for example, whether you add contact forms, booking tools, embedded maps, analytics, or marketing trackers). We can help implement privacy-friendly configurations, but you control what you collect on your website.

2) Personal information we collect

A. Client/contact information (Account Data)

When you inquire about or sign up for services, we may collect:

• Full name
• Business name (if applicable)
• Email address
• Phone number
• Postal address
• Communications you send us (e.g., emails or messages requesting support/changes)

B. Domain registration information (Registrant Data)

If you ask us to register or renew a domain name in your name, we collect the information required by the domain registrar and domain registration rules. This commonly includes:

• Registrant/administrative contact name
• Postal address
• Email address
• Phone number

We use this information to submit domain registration/renewal requests and to manage domain settings and renewals on your behalf.

C. Billing and payment information (Payment Data)

If you pay by credit/debit card, card information (such as card number, expiration date, and security code) is collected and processed by our payment processor (for example, Stripe) through a secure payment flow.

We may also receive or store limited payment-related details such as:

• Billing name and billing address
• Payment status and transaction history (amount, date, invoice/receipt identifiers)
• Limited card metadata (for example, card brand and last four digits), when provided by the payment processor

Important: We do not intentionally store full card numbers or card security codes (CVV/CVC) on our own systems.

D. Website and device/technical data (Visitors and security logs)

When someone visits a website we host/manage (including our own site), our hosting and security providers may process technical information to deliver content and protect sites. This may include:

• IP address
• Device and browser information (for example, user agent)
• Request/response metadata, timestamps, and security events (for example, bot detection, rate limiting)

3) How we use personal information

We use personal information to:

• Provide, operate, and support our services (build, deploy, maintain, and update websites)
• Communicate with you (support, service notices, renewal reminders, and operational messages)
• Register, renew, and administer domain names if you request domain management
• Process payments, send invoices/receipts, and manage subscriptions and renewals
• Secure our services, prevent abuse, detect and mitigate malicious traffic, and troubleshoot issues
• Comply with legal obligations and enforce our agreements

4) Cookies and similar technologies

We do not use third-party advertising trackers on our own website. We do not intentionally install marketing/behavioral advertising cookies.

However, our hosting/security provider (Cloudflare) may set strictly-necessary cookies to provide security and performance features (for example, bot detection and challenge/clearance). Depending on configuration and visitor behavior, cookies may include:

• __cf_bm (bot mitigation)
• cf_clearance (challenge clearance)

These cookies are used for security and service delivery, not for cross-site advertising by us.

5) How we disclose/share personal information

We do not sell personal information.

We may disclose personal information to third parties only as needed to provide the services, including:

• Hosting/security/content delivery providers: Cloudflare (website hosting, delivery, and security)
• Domain registrars and related providers: to register/renew domains and manage DNS/domain administration
• Payment processors: for example, Stripe (to process payments and manage billing)
• Email and productivity providers: to send/receive client communications and service notices
• Professional advisors and legal authorities: if required to comply with law, protect rights, or respond to lawful requests

Third parties process information under their own privacy policies and terms.

6) International data transfers

We serve clients worldwide. Our vendors may process personal information in the United States and other jurisdictions where they operate. When transfers occur, we rely on vendor contractual protections and recognized transfer mechanisms offered by those vendors (for example, Standard Contractual Clauses where applicable).

7) Data retention

We retain personal information only as long as reasonably necessary for the purposes described in this policy, including:

• Account Data: while you are a client and for a reasonable period afterward for recordkeeping and dispute resolution
• Registrant Data: while we manage your domain registration and for a reasonable period afterward in case of renewal/disputes
• Payment Data: as needed for billing records, accounting, and to address chargebacks/disputes
• Technical/log data: for short periods as needed for security, debugging, and abuse prevention (as determined by our providers and our configurations)

8) Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information, including access controls and encryption in transit (HTTPS). No method of transmission or storage is 100% secure, but we work to reduce risk and respond appropriately to security issues.

9) Your rights and choices (including Texas TDPSA)

Depending on your residency and applicable law, you may have rights to:

• Confirm whether we process your personal data and access it
• Correct inaccuracies
• Request deletion
• Obtain a copy/portable version (where applicable)
• Opt out of certain processing (for example, targeted advertising, sale of personal data, or certain profiling), if we engaged in those activities

How to submit a request

Email us at: privacy@murphy-website-design.com

We may verify your identity before responding.

Response timing and appeals

We aim to respond within applicable legal timelines. If we deny a request, you may appeal by replying to our denial email or emailing privacy@murphy-website-design.com with “APPEAL” in the subject line. If an appeal is denied, we will provide information on how you may submit a complaint to the Texas Attorney General (for Texas residents where applicable).

Non-discrimination

We will not discriminate against you for exercising privacy rights.

10) Children

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.

11) Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version and revise the Effective Date. If changes are material, we may notify clients by email or via a notice on our website.

12) Contact

• Privacy questions and requests: privacy@murphy-website-design.com
• Support: support@murphy-website-design.com