Last updated: 2026-02-18
1. Introduction
This Privacy Policy explains how Jeremy Kidder ("we," "us," or "our") collects, uses, stores, and protects your personal information when you visit our website (mywork.makeitnice.world and associated subdomains), use our customer portal, or engage us for home improvement, web design, software development, or other services.
By using our website or engaging our services, you consent to the practices described in this Privacy Policy.
2. Information We Collect
2a. Information You Provide
- Contact form submissions: Name, email address, phone number, property address, and project description.
- Booking and estimate requests: Service type, scheduling preferences, project details, and property information.
- Customer portal registration: Name, email address, username, and password.
- Project communications: Messages, files, images, and documents you share with us through the portal, email, or other channels.
- Payment information: Billing name and address. Credit card details are processed by Stripe and are never stored on our servers.
- Web/software project assets: Content, images, logos, credentials, and other materials you provide for your project.
- Newsletter sign-ups: Email address.
- SMS opt-in: Phone number, when you consent to receive text messages.
2b. Information Collected Automatically
- Usage data: Pages visited, time on each page, scroll depth, click interactions (buttons, links), navigation patterns, entry/exit pages, and session duration.
- Device and technical data: Browser type, device type, screen size, operating system, language preference, timezone, and connection type.
- Performance data: Page load times to help us optimize site speed.
- Approximate location: Your IP address is used to determine approximate geographic location (city, region, country) via a third-party geolocation service (ip-api.com). This helps us understand where our visitors are located.
- IP address: Collected for security, analytics, and geolocation purposes.
- Cookies and session storage: See Section 5 for details.
2c. Customer Portal Data
If you use our customer portal (login.mywork.makeitnice.world), we additionally collect:
- Session security data: A hash of your browser's user agent and IP subnet, used to detect session hijacking. This is not used for tracking.
- Portal activity: Messages sent, files uploaded, and pages accessed within the portal.
3. How We Use Your Information
- Respond to your inquiries, provide estimates, and schedule services.
- Perform and manage the services you engage us for (home improvement, web design, software development, etc.).
- Communicate with you about your project via email, phone, text, or the customer portal.
- Send confirmation emails, appointment reminders, project updates, and follow-ups.
- Process payments and send invoices.
- Provide customer portal access for project tracking, messaging, and document sharing.
- Send newsletters and promotional offers (only with your consent).
- Send SMS notifications (only with your explicit opt-in consent).
- Improve our website, services, and customer experience through analytics.
- Protect against fraud, abuse, and unauthorized access.
- Comply with legal obligations.
4. SMS/Text Message Policy
If you opt in to receive SMS/text messages from us:
- You consent to receive transactional messages (appointment confirmations, project updates, reminders) and, if selected, promotional messages (offers, specials).
- Message frequency varies. Message and data rates may apply.
- You can opt out at any time by replying STOP to any message.
- Reply HELP for assistance.
- We will never share your phone number with third parties for their marketing purposes.
5. Cookies and Tracking Technologies
We use a small number of first-party cookies and browser storage. We do not use any third-party advertising or tracking cookies. For full details, see our Cookie & Session Notice.
| Name | Type | Purpose | Duration |
|---|
mw_rv | First-party cookie | Records whether you are a returning visitor. Contains only "1". | 365 days |
PHPSESSID | Session cookie | Maintains your login session (customer portal and admin panel only). Not set for regular website visitors. | Browser session |
mw_sid | Session storage (not a cookie) | Anonymous session identifier for grouping page views within a browsing session. Automatically deleted when you close the tab. | Tab close |
What We Track
- Pages visited, time spent on each page, and how far you scroll
- Clicks on buttons, links, and calls-to-action
- Form interactions (when you start filling out a form, which fields you interact with, whether you submit or leave the form)
- Page load performance
- Navigation patterns (entry page, exit page, page flow)
All analytics data is stored in our own database on our own server. We do not share this data with third-party advertising or analytics networks. We do not use Google Analytics, Facebook Pixel, or similar services.
You can control cookies through your browser settings. Disabling cookies may affect portal login functionality.
6. Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|
| Stripe | Payment processing | Billing details you provide at checkout. We never store your credit card information on our servers. Stripe Privacy Policy |
| Resend | Sending emails | Your email address and email content (confirmations, reminders, notifications). Resend Privacy Policy |
| ip-api.com | IP geolocation | Your IP address (for approximate location). Results are cached on our server to minimize requests. ip-api.com Terms |
We do not sell, rent, or trade your personal information to third parties.
7. Data Security
We implement reasonable administrative, technical, and physical safeguards to protect your information, including:
- Encrypted connections: HTTPS/TLS for all data in transit.
- Secure server infrastructure: Restricted access, regular updates, and security monitoring.
- Password protection: All passwords are hashed using bcrypt. We never store plaintext passwords.
- Session security: 30-minute idle timeout, session fingerprinting to detect hijacking (customer portal).
- Upload security: All file uploads are scanned for malware using ClamAV antivirus.
- HTTP security headers: Content Security Policy, HSTS, and other headers to protect against common web attacks.
- Regular backups: Database and file backups to protect against data loss.
No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
8. Data Retention
- Contact form submissions and project records: Retained for the duration of our business relationship and for a reasonable period afterward (up to 3 years) for follow-up, warranty, and legal purposes.
- Customer portal accounts: Active for the duration of our business relationship. Inactive accounts may be archived or deleted after 12 months of inactivity, with prior notice.
- Analytics data: Aggregated analytics are retained indefinitely. Individual session records may be purged after 24 months.
- Payment records: Retained as required by applicable tax and financial regulations.
- Web/software project files: Source files, designs, and project assets are retained for a reasonable period after project completion. We do not guarantee indefinite storage of project files; clients should maintain their own copies of all deliverables.
- You may request deletion of your personal data at any time (see Section 10).
9. Web/Software Client Data
If we build a website, application, or software product for you, please note:
- Client-provided content: Any content, credentials, API keys, or other materials you provide for your project are used solely for that project and are kept confidential.
- Hosting: If we host your website or application, we are responsible for the security and maintenance of the hosting environment as agreed in our service terms.
- Your customers' data: If your website or application collects personal data from your own customers, you are responsible for having your own privacy policy and data handling practices in compliance with applicable laws. We can assist with this as part of the project.
- Access credentials: We will provide you with all access credentials (domain registrar, hosting, CMS, etc.) for your project. We may retain administrative access for maintenance purposes unless you request otherwise.
10. Your Rights
You have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data (subject to legal retention requirements and active project obligations).
- Opt-out: Unsubscribe from marketing emails at any time via the unsubscribe link, or opt out of SMS by replying STOP.
- Data portability: Request your data in a standard, machine-readable format.
California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what personal information we collect and the right to request deletion. We do not sell personal information.
European Residents (GDPR)
If you are located in the EEA or UK, you have additional rights under the GDPR, including the right to lodge a complaint with a supervisory authority and the right to restrict processing. Our legal basis for processing is contract performance (providing requested services), consent (for marketing), and legitimate interest (security and website improvement).
To exercise any of these rights, contact us using the information in Section 13.
11. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of our site or services after changes constitutes acceptance of the revised policy.
13. Contact Us
If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us: