Privacy policy

What we collect

When you submit the intake form we store your name, email, optional site URL, the plan you indicated, and your message. When you hire us for a cleanup we are given temporary administrative access to the site you bring us (SFTP/SSH and a WordPress admin account).

What we do with it

• Reply to your inquiry.
• Perform the cleanup or audit you have engaged us for.
• Send a forensic report and follow-up correspondence about the engagement.

We do not sell your data. We do not share it with advertising networks. We do not run third-party analytics or tracking pixels on this site.

Access we are given during a cleanup

We treat any credentials you share as sensitive. Access is rotated at the end of the engagement: WordPress admin user removed, SFTP/SSH key revoked, database password rotated where we touched it. We retain logs of changes made during the cleanup so we can produce the forensic report and honor the 30-day reinfection guarantee.

Retention

Inquiry submissions are kept for as long as we have an active relationship plus 24 months for tax and dispute purposes. Forensic reports are retained for two years and then deleted, unless you have asked us in writing to keep them longer.

Your rights

If you are in the EU/UK, you have the right to access, correct, or delete your personal data, and to lodge a complaint with your local supervisory authority. Email [email protected] with any request.

Contact

Questions about this policy: [email protected]