Colorado Springs · serving the U.S. & Canada Custom-coded. Custom-cared-for.
(928) 315-9094 hello@pikespeakwebdesigns.com Client portal →
How It Works What's Included What I Build For You The Service Site Standard Pricing Return on Investment Service Agreement Sample Websites Sample Forms Technical Approach
Site Grader Lead-Leakage Calculator Free 5-Point Audit Walk-Through Results Status & Performance Public Changelog
vs. Wix vs. Squarespace vs. GoDaddy vs. Webflow vs. WordPress vs. AI Builders vs. Agencies vs. Freelance Dev
View all service areas → Phoenix, AZ Los Angeles, CA Denver, CO Miami, FL Tampa, FL Atlanta, GA Chicago, IL Charlotte, NC Las Vegas, NV Philadelphia, PA Nashville, TN Dallas, TX Houston, TX San Antonio, TX Seattle, WA Calgary, AB Vancouver, BC Toronto, ON Montreal, QC
Blog FAQ Glossary Owner's Guide Public Changelog
About Jon Ajinga Results Status & Performance The Tools I Use Style Guide Accessibility Press & Media Kit Partner Program Partner Agreement Sitemap
Veterans First Responders Medical Personnel
Client Portal Onboarding Content Updates Design Feedback Emergency Support Make A Referral Submit A Testimonial
Discovery Call Quick Question (928) 315-9094 hello@pikespeakwebdesigns.com
Appearance
Start Now Or Start a Conversation
Existing client? Open the Client Portal
Legal

Privacy Policy

Last updated: April 25, 2026

Pikes Peak Web Designs ("I," "me," or "my") operates the website pikespeakwebdesigns.com and builds and maintains websites for small businesses. This Privacy Policy explains what information I collect, what I do not, what tools touch the data, and your rights regarding any of it. By using this website you agree to the practices described here. If you are an existing client, this policy is also the privacy posture we apply to the websites I build for you.

1. The short version

  • I do not use advertising trackers, third-party cookies, or behavioral profiling on this site or on any client site I build.
  • I do not sell, rent, or share personal data with any party for their marketing purposes. Ever.
  • Form submissions go directly to my email via Web3Forms; I do not store a copy on my servers.
  • Analytics is server-side and cookie-free (Cloudflare Web Analytics + Umami, both included on every site). No GDPR cookie banner needed.
  • You can ask me to delete anything I hold about you at any time. I act on it within 30 days.

2. Information I collect

2.1 Information you provide directly

When you submit a form on this website (contact, booking, onboarding, design feedback, content update, emergency, referral, or testimonial), I collect whatever fields you fill in. The set varies by form, but typically includes:

  • First and last name
  • Business name (where applicable)
  • Email address
  • Phone number (where applicable)
  • Information about your current website and what you are looking for
  • Any additional context you include in your message

This information is used solely to respond to your inquiry and, if you become a client, to provide my web design and maintenance services.

2.2 Information collected automatically

When you visit this website, basic technical information is collected by my hosting provider and analytics tools (described in detail in section 5). This includes IP address (truncated for analytics), browser type, operating system, referring URL, viewport size, and pages visited. This data is used in aggregate to understand site usage and identify technical issues. It is not tied to your identity and is not sold or shared.

2.3 Client business data

If you are an existing client, we hold whatever you've sent us during the build and over the course of the relationship: brand assets (logos, photos), business details (hours, services, prices), credentials (license numbers, certifications, copies of insurance certificates if you've sent them), and any communications. I treat this as confidential business information.

3. How I use your information

I use the information I collect to:

  • Respond to your inquiry and communicate with you about my services.
  • Provide, fulfill, and improve the web design and maintenance services I offer.
  • Send service-related communications (invoices, project updates, support responses, deploy notifications).
  • Comply with legal obligations.

I do not send marketing emails, newsletters, or promotional communications unless you have explicitly requested them. I do not use your information to "enrich" a marketing database, profile you, or build behavioral segments.

4. Form submissions and Web3Forms

Form submissions on this website (and on every client site I build) are processed by Web3Forms, a third-party form backend. When you submit a form, your data is transmitted over HTTPS to Web3Forms' servers and forwarded to the email inbox of the recipient (us, or my client). Web3Forms' own privacy policy governs the handling of data on their infrastructure. Web3Forms does not run advertising trackers and does not retain submission content beyond what's needed to deliver the email.

I do not store form submissions on my own servers beyond what arrives in my inbox. Spam protection is via a hidden honeypot field plus Web3Forms' rate limiting; no CAPTCHA is used.

5. Cookies, tracking, and analytics

This website does not use cookies for advertising, tracking, or behavioral profiling. The only cookies set by this site are functional and first-party (e.g. remembering your light/dark theme preference). They are stored only in your browser and are not transmitted to any third party.

Analytics tools I use on this site:

  • Cloudflare Web Analytics: server-side Real User Monitoring. Collects request-level data (URL, referrer, country, device class, Core Web Vitals timings) without setting any client-side cookies. Aggregated and anonymized. Cloudflare's privacy posture.
  • Umami: cookie-free, open-source analytics. Included on every monthly-plan site, every client gets a private dashboard link on launch day. Records page views, referrers, devices, and basic interaction data with no cross-site tracking. Umami's privacy posture.

Neither tool requires a cookie consent banner under GDPR or CCPA because neither sets identifying cookies and neither shares data with advertising networks.

Analytics tools I do NOT use on this site: Google Analytics, Facebook/Meta Pixel, LinkedIn Insight Tag, TikTok Pixel, X (Twitter) Pixel, or any third-party advertising script. I can add Google Analytics 4 to a client site at the client's request, but only at the client's explicit instruction. I discourage it because it requires a cookie banner and gets blocked by most modern browsers anyway.

6. Subprocessors

The following third parties may process data on my behalf or on behalf of clients whose sites I build. Each is selected for its privacy posture and is under written contract not to misuse data.

7. Data retention

I retain email correspondence (including form submissions) for as long as necessary to fulfill the purpose for which it was collected, typically for the duration of my business relationship with you and for a reasonable period afterward for record-keeping (commonly 7 years for tax and contract purposes). Cloudflare's server-level access logs are retained per Cloudflare's policy; Umami logs aggregate page views indefinitely with no personal identifiers.

If you would like me to delete your information, email me at hello@pikespeakwebdesigns.com and I will do so within 30 days, except where I am required by law to retain it.

8. Security

I take reasonable precautions to protect your information.

  • This website and every site I build is served over HTTPS with HSTS preload.
  • Form submissions are transmitted over TLS 1.3 to Web3Forms and arrive in my inbox over encrypted email transport.
  • Source code lives in private GitHub repositories with branch protection and signed commits.
  • Strong security headers (Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy) are set on every response.
  • I do not store passwords or authentication tokens for client systems on my infrastructure beyond what's required to deploy.

However, no method of transmission over the internet is 100% secure, and I cannot guarantee absolute security. If I ever discover a breach affecting your information, I will notify you within 72 hours of confirming the scope.

9. Children's privacy

This website is not directed at children under the age of 13, and I do not knowingly collect personal information from children. If you believe I have inadvertently collected information from a child, please contact me and I will delete it immediately.

10. Your rights

You have the right to:

  • Request a copy of the personal information I hold about you (subject access request).
  • Request that I correct inaccurate information.
  • Request that I delete your personal information ("right to erasure").
  • Withdraw consent to my use of your data, where consent is the basis for processing.
  • Lodge a complaint with a supervisory authority (e.g. your state attorney general's office, or an EU data protection authority if applicable).

For California residents under CCPA / CPRA, you additionally have the right to know what personal information I collect, the right to non-discrimination for exercising your rights, and the right to opt out of any "sale" or "sharing" of personal information. I do not sell or share personal information as defined under CCPA / CPRA.

For EU/UK residents under GDPR / UK GDPR, my legal basis for processing is performance of a contract (when you've contacted me about services) and legitimate interest (basic analytics). You have all rights described in Articles 15-22.

To exercise any of these rights, email me at hello@pikespeakwebdesigns.com. I will respond within 30 days.

11. International transfers

My subprocessors operate global infrastructure. Cloudflare's edge spans 300+ cities; Web3Forms is US-based; Bunny is EU-based. Where personal data is transferred outside the country it was collected, I rely on the subprocessors' Standard Contractual Clauses or equivalent transfer mechanisms.

This website may contain links to third-party websites (Cloudflare, Web3Forms, GitHub, Bunny Fonts, Eleventy, Pagefind, individual client demo sites, etc.). I am not responsible for the privacy practices of those sites and encourage you to review their policies.

13. Changes to this policy

I may update this Privacy Policy from time to time. When I do, I will update the "Last updated" date at the top of this page. Material changes (new categories of data collected, new subprocessors, changes to your rights) will be communicated to existing clients by email. Continued use of the website after any changes constitutes acceptance of the updated policy.

14. Contact

Questions about this Privacy Policy, or wanting to exercise any of the rights above? Reach us at:

Pikes Peak Web Designs
Colorado Springs, CO
hello@pikespeakwebdesigns.com
(928) 315-9094