Privacy Policy

1. Introduction

Chesapeake Code LLC ("Chesapeake Code," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit chesapeakecode.com or engage our services.

By using our website or services, you agree to the practices described in this policy. If you disagree, please discontinue use of our site and services.

2. Information We Collect

Information You Provide

• Contact forms: Name, email address, company name, phone number, project details, and budget range.
• Account registration: Email address and password (stored securely via our authentication provider).
• Client portal: Business information, project files, and communications related to your engagement.
• Payments: Billing information processed securely through Stripe. We do not store payment card details on our servers.
• Communications: Email, call, and chat records related to your inquiries and project work.

Information Collected Automatically

• Usage data: Pages visited, time spent, click paths, and referral sources via PostHog analytics.
• Device information: Browser type, operating system, screen resolution, and language preferences.
• IP address: Used for approximate geographic location and security purposes.
• Performance metrics: Core Web Vitals and page load times via Vercel Analytics.

3. How We Use Your Information

We use the information we collect to:

• Respond to inquiries and deliver services you request
• Process payments and send invoices
• Communicate project updates, milestones, and deliverables
• Improve our website, services, and user experience
• Send service-related notifications and updates (you can opt out)
• Comply with legal obligations and enforce our agreements
• Detect, prevent, and address fraud and security issues
• Analyze usage patterns to improve our offerings

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4. Information Sharing

We share information only in the following circumstances:

• Service providers: We share data with trusted vendors who help us deliver services, including Supabase (database), Stripe (payments), Resend (transactional email), PostHog (analytics), and Vercel (hosting). Each is bound by appropriate data processing agreements.
• Legal requirements: We may disclose information if required by law, regulation, subpoena, or government authority.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you before such transfer and provide opt-out options.
• With your consent: We will share information for any other purpose with your explicit consent.

5. Cookies and Tracking

Our website uses cookies and similar tracking technologies to improve your experience. Types of cookies we use:

• Essential cookies: Required for authentication, security, and core site functionality. Cannot be disabled.
• Analytics cookies: Help us understand how visitors use our site (PostHog, Vercel Analytics). These are first-party and privacy-friendly — no cross-site tracking.
• Preference cookies: Remember your settings and preferences.

You can control cookies through your browser settings. Disabling analytics cookies will not affect your ability to use our services.

6. Data Security

We implement industry-standard security measures to protect your information:

• TLS/HTTPS encryption for all data in transit
• Encrypted database storage via Supabase
• Row-level security policies restricting data access
• Regular security reviews and dependency updates
• Access controls limiting staff access to personal data

No security system is impenetrable. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide ongoing services and support
• Comply with legal, tax, and accounting obligations (generally 7 years for financial records)
• Resolve disputes and enforce agreements

After the applicable retention period, personal data is securely deleted or anonymized. You may request earlier deletion subject to our legal obligations (see Section 8).

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Opt-out of marketing: Unsubscribe from marketing communications at any time using the link in any email.
• Data portability: Receive your data in a structured, machine-readable format.

To exercise these rights, submit an inquiry through our contact form. We will respond within 30 days.

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will delete it.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email to registered users and/or a prominent notice on our website, with at least 30 days notice before taking effect. We encourage you to review this policy regularly.

12. Contact Us

For questions, concerns, or requests related to this Privacy Policy: