Privacy Policy

Graystorm LLC ("Graystorm," "we," "us," or "our") operates graystorm.xyz and provides development, consulting, and engineering services. This Privacy Policy explains what information we collect, how we use it, and the choices you have. We take privacy seriously: we do not sell, rent, or share your personal information with anyone for marketing purposes, ever.

1. Information We Collect

Information you give us directly

When you contact us through our website, request a quote, or engage us for services, you may provide information such as your name, email address, phone number, company name, and a description of your project. We only use this information to respond to you and deliver the services you've requested.

Payment information

All payments are processed by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. When you pay us via credit card, debit card, or bank transfer (ACH), your payment details are submitted directly to Stripe and are never transmitted to, seen by, or stored on Graystorm's servers. Stripe handles the collection, processing, and storage of:

• Card numbers, expiration dates, and CVC codes
• Bank account and routing numbers
• Billing addresses tied to the payment method
• Any identity verification data required for fraud prevention

Stripe's handling of this data is governed by the Stripe Privacy Policy. We receive only a transaction confirmation, a receipt reference, and the last four digits of the payment instrument for our records.

Information collected automatically

When you visit graystorm.xyz, we and our analytics provider automatically collect limited technical information, including:

• Server logs: IP address, browser user-agent, referring URL, requested page, and timestamp
• Analytics data via Google Analytics: pages viewed, session duration, approximate geographic region, device and browser type, and anonymized visitor identifiers
• First-party cookies: small text files used to maintain session state, remember preferences, and support login functionality where applicable

2. How We Use Information

We use the information we collect solely to:

• Respond to inquiries and communicate with clients and prospects
• Deliver, invoice, and support the services we provide
• Process payments through Stripe and maintain billing records
• Understand how visitors use the site so we can improve it
• Protect the site against abuse, fraud, and security threats
• Comply with legal obligations such as tax and accounting requirements

3. How We Share Information

We do not sell, rent, trade, or share your personal information with third parties for their marketing or advertising purposes. Period.

We share information only in the following limited circumstances:

• Service providers we rely on to run the business, such as Stripe (payments), Google Analytics (traffic analytics), Mailgun (transactional email delivery), and our web hosting provider. Each of these providers is contractually obligated to handle data only for the purposes of providing their service to us.
• Legal and safety reasons, if we are required to disclose information by law, subpoena, or court order, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers, in the unlikely event of a merger, acquisition, or sale of assets, in which case we would notify affected individuals before information is transferred.

4. Data Retention

We retain contact and project information for as long as necessary to serve our clients and meet our legal, tax, and accounting obligations. Server logs and analytics data are retained for a limited period and then aggregated or deleted. Payment records are retained by Stripe under their retention policies; on our side, we keep only the transaction references and receipts required for bookkeeping.

5. Security

We use industry-standard safeguards to protect the limited information we hold, including TLS encryption for all data in transit, access controls on administrative systems, and reputable infrastructure providers. Because all payment data is handled by Stripe, the most sensitive financial information never touches our systems. No method of transmission or storage is 100% secure, but we work to protect your information using reasonable commercial practices.

6. Your Rights and Choices

Depending on where you live, you may have rights regarding your personal information, including the right to access, correct, delete, or receive a copy of the information we hold about you, and the right to object to or restrict certain processing. To exercise any of these rights, contact us at the address below and we will respond within a reasonable timeframe.

You can also:

• Disable cookies in your browser settings (some site features may stop working)
• Opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on
• Ask us to delete any inquiry or project information we hold about you

7. Children's Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

8. International Visitors

Graystorm LLC operates in the United States. If you access the site from outside the U.S., your information will be transferred to, stored, and processed in the United States, which may have data protection laws different from those in your country.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be highlighted more prominently or communicated directly where appropriate.

10. Contact Us

Questions about this Privacy Policy or how we handle your information? Get in touch:

Graystorm LLC
Email: hello@graystorm.xyz
Web: graystorm.xyz