Privacy Policy.

Modern Web Systems (“MWS”, “we”, “us”) operates the website at modernwebsystems.com (the “Site”), a marketing site for our web design, development, and automation services. This policy explains what data is processed when you visit the Site and what rights you have over it. It applies to the Site only — work we do for clients is governed by separate agreements.

Two categories, and nothing else:

• Hosting and server logs. Our hosting provider (Vercel) automatically logs standard request data when you load a page: your IP address, browser user-agent, the pages requested, and timestamps. IP addresses can be personal data, and we treat them as such. We use these logs only to operate and secure the Site.
• Information you email us. The Site’s contact option is a plain email link. If you write to us, we receive your email address and whatever you include in your message — voluntarily and on your terms.

We have no user accounts, no contact forms, no analytics, no advertising or tracking scripts, and we do not collect sensitive personal information of any kind.

• Server logs — operating, securing, and debugging the Site. Under the GDPR, our legal basis is legitimate interest (Art. 6(1)(f)): running a functioning, secure website.
• Email you send us — responding to your inquiry and, if you engage us, taking steps toward that engagement. Legal bases: your consent (Art. 6(1)(a)) and pre-contractual steps (Art. 6(1)(b)).

We practice data minimization: if we don’t need it, we don’t collect it.

The Site’s own code sets no cookies. Two technical details worth knowing:

• Vercel, our host, may set minimal infrastructure cookies needed to serve the Site reliably. These are strictly necessary and contain no tracking.
• When you dismiss our cookie notice, we store a single flag in your browser’s local storage so we don’t ask you again. It contains your choice and nothing else. This kind of storage — remembering a preference you explicitly set — is exempt from consent requirements, but we tell you about it anyway.

If we ever add analytics, it will load only after you opt in, and this policy will be updated first.

• Vercel — hosts the Site and processes server logs as described above. See Vercel’s privacy documentation for their practices and retention.
• Stripe — some pages on this Site link to invoice and payment pages hosted by Stripe. Anything you do on those pages (including payment details) is collected by Stripe under Stripe’s privacy policy, not this one. We never see your card details.

We share personal data with no one else.

We do not sell personal information, and we do not share it for cross-context behavioral advertising (the California CCPA/CPRA’s definition of “share”). We have not done so in the preceding 12 months, and we have no plans to. Because of this, no “Do Not Sell or Share” opt-out is needed — there is nothing to opt out of.

• Server logs are retained per Vercel’s standard rotation windows — short-lived and automatic. The criterion: as long as needed for operations and security, no longer.
• Emails are kept as long as needed to handle your inquiry or any engagement that follows from it, then deleted.

If you are in the EU/EEA or UK (GDPR), you have the right to access, correct, delete, restrict, or object to the processing of your personal data; to data portability; to withdraw consent at any time; and to lodge a complaint with your supervisory authority.

If you are a California resident, we voluntarily honor CCPA/CPRA rights regardless of whether the law’s thresholds apply to a business of our size: the right to know what we hold about you, to correct it, to delete it, and to opt out of sale or sharing (not applicable — we do neither). We will never retaliate against you for exercising any right.

In practice, the data we could possibly hold about you is your email correspondence — and we’ll happily show you, correct it, or delete it on request.

Email hello@modernwebsystems.com with your request. To protect you, we may ask you to confirm control of the email address the data relates to — that’s the entire verification process. Requests are honored free of charge, normally within 30 days.

The Site is not directed at children under 13, and we do not knowingly collect personal information from them. If you believe a child has sent us personal information, contact us and we will delete it.

The Site is operated from the United States and hosted on US infrastructure. If you visit from elsewhere, your request data is processed in the US. We honor the rights in section 8 for all visitors, wherever you are.

The Site is served over HTTPS, and we apply reasonable technical and organizational measures appropriate to the minimal data we handle. No website can promise perfect security — but our best protection is structural: we simply don’t hold much of your data in the first place.

When this policy changes, the new version is posted here with an updated date at the top. Material changes will be flagged prominently on the Site. We review this policy at least annually.

Privacy questions, requests, or complaints: hello@modernwebsystems.com. We’d rather over-answer than under-answer.