Privacy Policy

We take your privacy seriously. This page explains what information we collect when you use this client intake form, how we use it, and how we protect it. We have written this in plain language on purpose. You deserve to know exactly what happens with your data, without having to decode legal jargon.

What information we collect

When you fill out and submit this client intake form, we collect the following:

Your full name
Your email address
Your brand or business name
Your website URL, if you choose to share it
Your preferred delivery timeframe
Your answers to the brand questionnaire, including any written descriptions, preferences, and uploaded inspiration images
Your country, inferred automatically from your network connection at the time of submission
A secure edit link sent to your email address right after submission, which lets you review and update your answers. The token behind this link is temporary and stops working after 30 days or after its first use.

We do not collect any payment information, identification documents, or sensitive personal data through this form.

How we use your information

The information you share with us is used for one purpose only: to understand your brand needs so we can do our best work for you. Specifically, your submission helps us prepare for your project kickoff, adapt our creative approach to your vision, and keep a record of your brief throughout the collaboration.

We do not use your information for marketing campaigns, analytics profiling, or any automated decision-making. We do not send you unsolicited emails based on your submission, beyond what is directly related to your project with us.

We do not sell or share your data

Your information is never sold to third parties. We do not work with advertising networks, data brokers, or third-party marketing services of any kind. Your submission is not used to build advertising profiles, and it is not shared with anyone outside our team.

The only time we would share information is if we were legally required to do so by a court order or applicable law, and only to the extent necessary.

Who can access your data

Your submission is stored securely in a private database. Only authorized administrators can access the dashboard where submissions are stored. No client can see another client's submission. Access is protected by authentication and limited to team members who need it to manage your project.

Your inspiration images and any uploaded files are stored in a private, access-controlled storage system. Direct links to your files are not publicly guessable or indexable.

How we protect your data

We take reasonable technical and organizational steps to keep your information safe. Our database and file storage are hosted on platforms that use industry-standard encryption at rest and in transit.

While no system on the internet can be guaranteed 100% secure, we do our best to make sure your data is handled responsibly.

Services we rely on

To run this form, store your data, and send confirmation emails, we work with a small number of trusted service providers. Each of them handles your data directly:

Netlify hosts the site and runs the serverless functions that receive and process your submission. Every request goes through Netlify's infrastructure.
Supabase is the database engine that stores your answers and project data. Data is encrypted at rest and in transit.
Resend is the email delivery service used to send you a confirmation email and your secure edit link after submission. Resend processes your email address and a summary of your submission to carry out the delivery.

These services do not use your data for their own commercial purposes. They are infrastructure tools only.

Draft saving in your browser

The form uses your browser's local storage to automatically save your answers as you type, so you don't lose your work if you close the tab.

How long we keep your data

We keep your submission for as long as it is relevant to your project and our working relationship. If you would like your information removed, just send us an email.

Your rights

You have the right to ask us what data we hold about you, request a correction if anything is inaccurate, and ask us to delete your data.

Security checks

To protect the form against abuse and automated submissions, we implement several server-side security layers:

Cloudflare Turnstile — a non-intrusive verification system (similar to a CAPTCHA) that runs in your browser at the time of submission. It confirms you are a human user by analysing behavioural signals, without requiring you to solve puzzles or create an account. The verification result is sent to Cloudflare's servers for validation. Cloudflare may temporarily process your IP address as part of this.
Honeypot field — an invisible form field that is hidden from human users but visible to bots. If this field is filled in, the submission is silently and automatically rejected.
Rate limiting — we limit the number of submissions and duplicate checks allowed per IP address within a rolling time window. Your IP is used temporarily in memory for this purpose only and is never permanently stored in our database.
Field length validation — the length of each form field is checked server-side to prevent injection or overflow attempts.

These measures exist solely to ensure the integrity of the form. They are not used to identify you, profile you, or collect data beyond what is described in this policy.

Country detection

When you submit the form, we automatically detect your country from network headers provided by our hosting infrastructure. Only the country name is stored — not your IP address, city, or region. It is used solely to give us context on incoming requests and has no effect on how your project is handled.

Changes to this policy

If we make any meaningful changes to how we handle your data, we will update this page and revise the date at the top.

Questions

If you have any questions about this policy or about how your data is handled, please reach out through our website. We are happy to talk through anything that is unclear.