Privacy Policy

1. Scope of this policy

This Privacy Policy applies to personal information handled by PlainPages through plain-pages.com, project inquiries, proposals, client communications, and the website design and related digital services we provide. In this policy, “PlainPages,” “we,” “us,” and “our” refer to the PlainPages website design studio based in Chiang Mai, Thailand.

This policy does not control the privacy practices of client websites or third-party services that have their own privacy notices.

2. Information we collect

We may collect information when you submit a form, contact us, request a quote, start or manage a project, subscribe to updates, make a payment, or otherwise interact with our website or services.

Information you provide

• Name, email address, phone number, business name, and contact preferences.
• Website addresses, social media links, brand materials, and business information.
• Project requirements, budget, timeline, messages, feedback, approvals, and files you send to us.
• Billing details, transaction records, and payment-related information if payment systems are used. Full payment card details are generally handled by the payment processor, not stored by PlainPages.

Information collected automatically

Our hosting, security, and form-protection tools may automatically receive technical information such as your IP address, browser and device type, operating system, pages visited, dates and times of access, referral source, general location derived from IP address, and diagnostic or security events.

We may also receive information from service providers or public business sources when reasonably necessary to communicate with you, manage a project, prevent fraud, or maintain accurate business records.

3. How we use information

We use personal information only for legitimate business and service purposes, including to:

• Respond to inquiries and communicate about potential or active projects.
• Prepare quotes, proposals, invoices, agreements, and project recommendations.
• Design, build, launch, maintain, and support websites and related systems.
• Manage client accounts, project files, feedback, approvals, payments, and support.
• Operate, troubleshoot, secure, and improve our website and services.
• Understand website performance and how visitors find or use the site.
• Prevent misuse, spam, fraud, and security incidents.
• Keep business, tax, accounting, and legal records and comply with applicable obligations.

PlainPages does not sell personal information.

We also do not use personal information for unrelated automated decision-making that produces legal or similarly significant effects.

4. Client website and customer data

When PlainPages builds, launches, maintains, or supports a client website, we may process personal information that belongs to the client or the client's customers. Examples include form submissions, booking details, newsletter fields, order or payment references, support messages, website account details, or content uploaded for the client's project.

For that information, the client is usually responsible for deciding what data is collected and why. PlainPages handles it only as needed to provide the agreed services, troubleshoot issues, secure the site, follow the client's documented instructions, or meet legal obligations. Clients should make sure their own website privacy notices accurately explain their data practices and third-party tools.

5. How information is shared

We may share information with trusted providers only when reasonably necessary to operate the business or provide services. Current providers used by this website or PlainPages operations may include Cloudflare for hosting, security, Workers, CDN, and Turnstile; Google Fonts for website typography; Google Forms and Google Workspace or Google Drive for contact-form handling, business email, project files, or documents; and email or form tools used to respond to inquiries.

Client projects may also use other third-party services chosen for that project, such as domain registrars, hosting platforms, CMS tools, booking tools, payment processors such as Stripe, analytics tools, newsletter tools, embedded maps, or other integrations. Those services are added only when relevant to the agreed project or business need.

Providers receive only the information needed for their role and process it under their own terms, privacy notices, and data-protection obligations. We may also disclose information if required by law, legal process, or a valid government request, or when reasonably necessary to protect rights, safety, property, or the integrity of our services.

If PlainPages is reorganized, sold, or transfers part of its business, relevant records may be transferred as part of that transaction, subject to appropriate confidentiality and legal safeguards.

6. Cookies and analytics

The website may use cookies, local storage, and similar technologies for core functionality, remembering design or language preferences, security, performance, and analytics. At present, the site does not install third-party advertising cookies or active analytics tracking scripts. If non-essential analytics or marketing technologies are introduced, we will update our practices and provide consent controls where required.

For more detail, read the Cookie Policy.

7. Data retention

We keep information only for as long as reasonably necessary for the purpose it was collected, including to respond to inquiries, perform services, maintain project history, resolve disputes, enforce agreements, and meet tax, accounting, security, or legal requirements.

• Inquiry records are usually kept long enough to reply, follow up, and understand whether a project is likely to proceed.
• Client project records, approvals, briefs, launch details, and support history may be kept while services continue and for a reasonable period afterward.
• Payment, invoice, tax, accounting, and contract records may be kept longer where needed for business records or legal obligations.
• Support and maintenance records may be kept while needed to troubleshoot recurring issues, document changes, and protect site security.

We may retain limited records of a deletion request when needed to document compliance.

8. Your choices and rights

Depending on where you live, you may have rights to request access to, correction of, deletion of, restriction of, or a copy of your personal information, or to object to certain processing. You may also withdraw consent where processing is based on consent.

To make a request, email us using the contact details below. We may need to verify your identity and may retain information when the law allows or requires it, including records needed to complete a contract, protect legal rights, prevent fraud, or meet accounting obligations. You may also manage cookies through your browser settings.

9. Security

We use reasonable administrative, technical, and organizational safeguards appropriate to a small digital service business. These may include reputable hosting, encrypted connections, access controls, account security, software updates, backups, and limiting access to people and providers who need it.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we will take reasonable steps to investigate and respond to suspected incidents.

10. International users and processing

PlainPages serves clients internationally. Information may be processed in Thailand and in other countries where our service providers operate. Those countries may have different data-protection laws from your location. By using the website or working with us, you understand that information may be transferred and processed in those locations, subject to applicable safeguards.

11. Changes to this policy

We may update this Privacy Policy when our services, tools, or legal obligations change. The revised version will be posted on this page with a new “last updated” date. Material changes may also be communicated through the website or directly to affected clients when appropriate.

12. Contact