Privacy Policy — CYFIROW LLC

Legal

Privacy Policy.

We collect only what we need to run the business, we never sell your data, and we tell you exactly who we share it with. This page explains all of that in plain English.

Last updated · 01 January 2026

1 — Who we are

This Privacy Policy applies to CYFIROW LLC ("CYFIROW", "we", "us", "our"), a limited liability company registered in the State of Wyoming, United States. Our principal contact for privacy matters is contact@cyfirow.com.

2 — What we collect

We only collect information that you voluntarily provide or that is necessary to operate our services. Specifically:

  • Contact information — name, email address, phone number, company name, and any details you submit through our project inquiry form or by emailing us.
  • Project information — briefs, reference files, feedback, and any content you share with us during an engagement.
  • Billing information — company name, billing address, and VAT/tax ID where applicable. We do not collect or store credit card numbers, bank account numbers, or full payment credentials on our systems (see §4).
  • Technical data — IP address, browser type, device information, referring URL, and pages visited, collected automatically by our hosting and analytics providers.

3 — How we use it

We use the information we collect to:

  • Respond to your inquiry and evaluate project fit;
  • Deliver the services you engage us for and communicate about the work;
  • Invoice you, collect payment, and comply with tax and accounting obligations;
  • Improve the performance, content, and security of our website;
  • Comply with applicable laws and respond to lawful requests.

We do not use your information for automated decision-making, profiling, or behavioural advertising.

4 — Payments (Stripe and PayPal)

When you pay an invoice, payment is processed by our third-party payment processors — currently Stripe, Inc. and PayPal Holdings, Inc. — and, where applicable, your bank. We share with these processors the information strictly necessary to process the payment: invoice amount, currency, invoice reference, your name, your billing email, and your billing address.

We do not receive or store your full card number, security code, or bank account credentials. Those are handled directly by Stripe or PayPal under their own privacy policies and their PCI-DSS-compliant infrastructure.

If you initiate a chargeback or dispute, the processor may share additional transaction and case information with us in order to resolve it.

5 — Cookies and analytics

Our website uses a minimal number of cookies and similar technologies:

  • Strictly necessary cookies — required for the site to function (e.g. session handling, CSRF protection on forms).
  • Analytics cookies — privacy-friendly, aggregated analytics to understand how the site is used. We do not run third-party advertising cookies or cross-site trackers.

You can disable cookies in your browser settings at any time. Doing so will not prevent you from browsing the site, but some features (notably the contact form) may be affected.

6 — Sharing and third-party service providers

We share your information only with vendors we use to operate the business, and only to the extent they need to perform their service:

  • Payment — Stripe, PayPal, and corresponding banks (see §4).
  • Email & productivity — Google Workspace for email, calendar, and document storage.
  • Hosting & analytics — our website hosting provider and a privacy-friendly analytics provider.
  • Accounting — our bookkeeping software and our certified accountants, for tax and compliance purposes.

We do not sell, rent, or license your personal information to any third party for marketing purposes. We may disclose information if required by law, a valid court order, or to protect our rights.

7 — Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you;
  • Correct inaccurate or incomplete information;
  • Request deletion of your information, subject to legal retention obligations;
  • Object to or restrict certain processing;
  • Receive a portable copy of the information you provided us;
  • Withdraw any consent you previously gave;
  • Lodge a complaint with a data protection authority.

To exercise any of these rights, email contact@cyfirow.com. We will respond within 30 days.

8 — Data retention

We keep personal information only for as long as we need it:

  • Inquiry messages that don't lead to an engagement — up to 12 months;
  • Client records and project files — for the duration of the engagement plus 7 years, to comply with US and international tax/accounting requirements;
  • Analytics data — aggregated and retained up to 26 months.

9 — Security

We take reasonable technical and organisational measures to protect your information, including TLS encryption in transit, access controls on our cloud storage, two-factor authentication on all team accounts, and strict need-to-know access policies. No system is perfectly secure, so we also commit to notifying affected parties within 72 hours of discovering any breach that meaningfully impacts their data.

10 — Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes we will also notify active clients by email at least 14 days before the change takes effect.

11 — Contact

Questions, complaints, or requests regarding this policy should be sent to:

CYFIROW LLC
Attn: Privacy
30 N Gould St Ste R
Sheridan, WY 82801
United States
Email: contact@cyfirow.com
Phone: +212 612-164-494