Legal

Privacy Policy

Last updated: April 21, 2026

This Privacy Policy describes how Apex Engage Digital ("we," "us," or "our") collects, uses, discloses, and protects information when you visit apexengagedigital.com or purchase any of our services.

1. Information we collect

Information you provide

  • Contact information — name, email address, phone number, company name when you fill out a form, request a proposal, or place an order.
  • Project details — descriptions of your project, technical requirements, brand assets, account credentials you choose to share with us during an engagement.
  • Payment information — when you place an order, payment is processed by Stripe, Inc. Your full card number, CVC, and expiration date never touch our servers. We store only the order amount, currency, Stripe session ID, payment intent ID, and the last four digits of the card (where Stripe returns it).

Information we collect automatically

  • Log data — IP address, browser type, pages visited, referring URL, and timestamps.
  • Cookies and similar technologies — small files stored on your device that help us remember preferences and measure traffic. You can disable cookies in your browser settings.
  • Analytics — we use privacy-respecting analytics (e.g., Plausible) and may use Google Analytics 4 with IP anonymization enabled. Where required, we deploy Consent Mode v2.

2. How we use information

  • To deliver the services you have ordered and communicate about your project.
  • To process payments, issue invoices, and prevent fraud.
  • To respond to your inquiries and provide customer support.
  • To send service-related emails (order confirmations, project updates, security notices).
  • To improve our website, services, and marketing — strictly on aggregated, de-identified data where possible.
  • To comply with legal obligations, including tax, accounting, and regulatory requirements.

3. Legal bases (EU/UK visitors)

Where the GDPR or UK GDPR applies, we rely on the following legal bases: contract performance (to deliver services you have ordered), legitimate interests (to operate and improve our business), consent (for non-essential cookies and marketing emails), and legal obligation (for tax and regulatory compliance).

4. How we share information

We do not sell your personal information. We share it only with:

  • Service providers — Stripe (payments), our hosting provider, email-delivery services, analytics tools, and project-management platforms — all bound by data processing agreements.
  • Legal authorities — when required by law, subpoena, or court order.
  • Business transfers — if we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you in advance.

5. International data transfers

We are based in the United States. If you access our services from outside the U.S., your information may be transferred to, stored, and processed in the U.S. Where required, we use EU Standard Contractual Clauses or equivalent safeguards.

6. Data retention

We retain your information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements. Order and tax records are typically retained for a minimum of 7 years. Contact-form submissions are retained for 24 months unless converted into an active engagement.

7. Your rights

Depending on where you live, you may have the right to:

  • Access, correct, or delete the personal information we hold about you.
  • Object to or restrict certain processing.
  • Withdraw consent at any time (without affecting prior lawful processing).
  • Data portability — receive your information in a portable format.
  • Lodge a complaint with a supervisory authority.
  • For California residents: opt out of "sale" or "sharing" of personal information (we do not sell or share for cross-context behavioral advertising).

To exercise these rights, email [email protected]. We will respond within 30 days.

8. Security

We use industry-standard safeguards including TLS encryption, hashed passwords, restricted database access, and least-privilege controls. No system is 100% secure, but we work hard to protect your information and notify you in the event of a material breach as required by law.

9. Children

Our services are not directed at children under 13 (or under 16 in the EU/UK). We do not knowingly collect personal information from minors.

10. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be highlighted on this page.

11. Contact us

Questions or requests about this policy? Reach our privacy team at:

  • Email: [email protected]
  • Address: Apex Engage Digital, 8 THE GREEN SUITE A, DOVER, DE 19901