Welcome to Nathan Allan Co. (“Nathan Allan Co.,” “we,” “us,” or “our”). Protecting your privacy is a priority, and we are committed to handling your personal information responsibly and transparently.

This Client Privacy Policy explains how we collect, use, store, and protect personal information from clients who use our website design services, website hosting services, and related offerings (including photography, videography, and online consultations).

By becoming a client, booking a service, or completing a transaction with us, you acknowledge that you have read and understood this Privacy Policy and consent to its terms.

We may update or modify this Privacy Policy from time to time to reflect changes in our services, legal requirements, or internal practices.

Any changes will become effective when posted on our website or otherwise communicated to you through reasonable channels (such as email or your admin dashboard).

Your continued use of our services after such changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with the updated policy, you should discontinue using our services.

In the course of providing our services, we may collect the following types of information from clients:

Contact Information

• Full name
• Email address
• Phone number
• Billing or business address

Business or brand name

• Account and Admin Information
• Admin login email and username
• Role or permissions related to your website
• Settings and preferences within your admin dashboard

Payment and Billing Information

• Name on payment method
• Billing address
• Transaction details (amount, date, last 4 digits of card, card type, expiration date)
• Payment status and history

Project and Content Information

• Website content, text, images, logos, graphics, and media you provide
• Design preferences, brand guidelines, and project requirements
• Files you share via email, cloud storage, or upload

Technical and Usage Information (Client-Facing Systems)

• IP address and browser details when accessing your admin dashboard
• Login timestamps or activity logs used for security and troubleshooting
• Error logs or performance data related to your website

Communication Information

• Emails, messages, and support requests
• Notes from consultations or online meetings (e.g., Google Meet)

We do not collect full credit card numbers or full banking details directly; those are processed securely by third-party payment processors (such as Stripe or similar providers).

We collect personal information in the following ways:

Directly from You
When you:

• Inquire about services
• Complete onboarding forms
• Send emails, messages, or support requests
• Provide content and assets for your website
• Participate in consultations or meetings

Through Online Forms and Booking Systems
When you:

• Fill out contact, booking, or intake forms
• Schedule online meetings or consultations
• Submit project details or requests through your admin dashboard

Through Payment Processing
When you:

• Pay for services using our checkout or invoice links
• Use a Buy Now, Pay Later (BNPL) option, where available
  • Payment details are handled by third-party processors, who share limited billing metadata with us (e.g., card type, last 4 digits, transaction status).

From Technical Systems
When you:

• Access your admin dashboard or hosted website
• Trigger logs, security events, or error reports that help us secure and maintain your site

We use your information only as necessary to provide and improve our services, operate our business, and comply with legal obligations. This may include:

Delivering and Managing Services

• Designing and maintaining your website
• Hosting and managing your website infrastructure
• Providing ongoing design updates and support
• Managing your admin dashboard and account access

Communication and Support

• Responding to your messages and support inquiries
• Sending service-related updates or notices (e.g., maintenance, policy changes)
• Scheduling and conducting consultations or project review meetings

Billing and Payments

• Issuing invoices and processing payments
• Tracking payment status, credits, and adjustments
• Maintaining accounting and financial records as required by law

Security and Abuse Prevention

• Monitoring admin login and activity for suspicious behavior
• Preventing unauthorized access and protecting our systems and your data
• Investigating potential security incidents

Legal and Contractual Compliance

• Enforcing our Terms of Service and policies
• Responding to lawful requests from authorities
• Complying with tax, accounting, and regulatory requirements

Portfolio and Marketing Use (Limited)
With your permission or where appropriate, we may use non-sensitive aspects of your project (such as screenshots of your website design) in our portfolio, social media, or marketing materials. We will not disclose sensitive or private business information without your consent.

We do not sell your personal information to third parties.

Payments for our services are processed through third-party payment processors such as Stripe (and may include BNPL providers such as Affirm, if enabled). These providers handle your full payment details using encrypted, PCI-DSS compliant systems.

Nathan Allan Co. does not store your full credit card number or CVV. We may retain limited billing details such as:

• Name and email associated with the payment
• Billing address
• Card type and last four (4) digits
• Expiration date
• Transaction amounts, dates, and statuses

This information is used for:

• Verifying payments
• Issuing invoices or receipts
• Managing refunds or adjustments (where applicable)
• Meeting legal and tax obligations

For more details about how your payment data is handled, please review the privacy policies of our payment providers (e.g., Stripe, Affirm).

We do not sell, rent, or trade your personal information. We only share information in the following situations:

Trusted Service Providers
We may share limited data with third-party vendors who help us operate our business and deliver services, such as:

• Payment processors (e.g., Stripe, BNPL providers)
• Cloud storage and collaboration tools
• Email service providers
• Web hosting or server providers
• Scheduling or meeting platforms (e.g., Google Meet/Calendar)

These providers are only given the information they need to perform their services and are expected to protect it.

Legal and Regulatory Requirements
We may disclose your information if required to do so by law or in response to valid legal requests, such as subpoenas, court orders, audits, or government investigations.

Business Transfers
If Nathan Allan Co. undergoes a business transition (such as a merger, sale, or restructuring), client information may be transferred as part of the transaction. If this occurs, we will make reasonable efforts to ensure your information continues to be protected.

With Your Consent
In any other situation not covered above, we will only share your information with your explicit consent.

We take reasonable and industry-aligned measures to protect your personal information from unauthorized access, misuse, loss, or disclosure.

These measures may include:

• Secure, password-protected systems and admin panels
• Encryption of data in transit (e.g., HTTPS/SSL)
• Restricting access to client information to authorized personnel only
• Regular monitoring and maintenance of our hosting and security tools

However, no method of transmission or storage over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for safeguarding your login credentials and any passwords associated with your admin accounts.

If you suspect unauthorized access to your website or account, you should notify us as soon as possible at [email protected].

We retain client information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law.

In general:

• Billing and Transaction Records are kept for the period required by tax and accounting laws (often 5–7 years).
• Project and Website Assets may be retained while we are actively providing design or hosting services, and for a reasonable period afterward for recordkeeping, troubleshooting, or reactivation purposes.
• Admin and Access Logs may be retained for security, troubleshooting, and audit purposes for a limited period.

You may request that we delete or anonymize certain information, subject to legal, contractual, and technical limitations (see “Client Rights” below).

Depending on your location and applicable laws, you may have certain rights regarding your personal information. These may include:

• Right to Access – You can request a copy of the personal information we hold about you.
• Right to Correction – You can request that we correct inaccurate or incomplete information.
• Right to Deletion – You can request deletion of certain personal data, subject to legal and contractual obligations (for example, we may be required to retain some records for tax or legal reasons).
• Right to Restrict or Object – You may request that we limit how we use your information in certain circumstances.
• Right to Data Portability – Where applicable, you may request that we provide your data in a structured, commonly used, and machine-readable format.
• Right to Withdraw Consent – If our processing is based on your consent, you may withdraw that consent at any time (this does not affect processing done before withdrawal).

If you are located in regions such as the European Economic Area (EEA), United Kingdom, or California, you may have additional rights under applicable data protection laws.

To exercise any of these rights, please contact us at [email protected] with a clear description of your request. We may need to verify your identity before responding.

If you have any questions about this Client Privacy Policy, how your information is used, or if you would like to exercise your privacy rights, you may contact us at:

Nathan Allan Co.
📧 Email: [email protected]

If you prefer to contact us by mail, you may use the mailing address listed on our official website’s Contact page.