Privacy Policy

Effective date: July 8, 2026
This document is written specifically for how Taxidermy Logbook actually operates today. It is not a substitute for review by a licensed attorney in your jurisdiction, and you should have it reviewed before treating it as final, particularly if your data practices or third-party providers change.

This Privacy Policy explains how Precision Web Design ("Company," "we," "us," or "our"), the owner and operator of Taxidermy Logbook (the "Service"), collects, uses, shares, and protects information in connection with the Service. By using the Service, you agree to the collection and use of information as described here. Precision Web Design is based in the State of Utah, United States.
Business address: [ADD YOUR BUSINESS ADDRESS HERE]

1. Information we collect

  • Account information — your name, email address, and a securely hashed password (we never store your password in plain text). If you contact us for support, we retain the content of that communication.
  • Business data you enter — customer records, project details, workflow stages, tannery tag codes, notes, and any other information you or your team add to run your shop ("Your Content"). This may include personal information about your own customers, which you are responsible for collecting lawfully — see Section 6 of our Terms of Service.
  • Billing metadata — your subscription plan, status, and billing dates. Your payment card details are collected and stored directly by Stripe, our payment processor; we never receive or store your full card number.
  • Technical and security data — information needed to operate and secure the Service, such as login timestamps, failed login attempts (used to detect and block brute-force attacks), IP address (used for rate limiting), and basic error logs. We do not use analytics or advertising trackers.
  • Cookies — a small number of essential cookies used to keep you signed in securely. See Section 5 below.

2. How we use information

  • To create and maintain your account and provide the Service to you;
  • To process subscription payments, trials, and renewals (via Stripe);
  • To send essential account, security, and billing notifications (via Resend), such as email verification, password reset, and signup confirmations;
  • To detect, prevent, and respond to fraud, abuse, or security incidents;
  • To respond to your support and contact requests; and
  • To comply with our legal obligations.

We use your information to operate the Service you've signed up for and to keep it secure — not to build advertising profiles or sell insights about you.

3. How we share information

We do not sell your personal information. We share information only with the following categories of service providers, and only as needed for them to perform services on our behalf:

  • Stripe, Inc. — processes subscription payments and stores your payment card details. See Stripe's Privacy Policy.
  • Resend — delivers transactional emails (verification, password reset, billing notices) on our behalf.
  • Railway — hosts our application and database infrastructure.

We may also disclose information if required by law, to protect our rights or the safety of our users, or in connection with a merger, acquisition, or sale of assets (in which case we will notify you as required by law).

Data isolation: Your account's business data is technically isolated from every other account on the Service — other users cannot see or access your customers, projects, or records.

4. Data retention

We retain your information for as long as your account remains active, or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. If you delete your account, your business data and account information are permanently and immediately removed from our production systems, except where retention is required by law (for example, certain billing records required by tax law) or persists briefly in routine backups before rotation.

5. Cookies

We use a small number of strictly necessary cookies to keep you signed in and to protect your session (for example, an authentication cookie that is HTTP-only and cannot be read by scripts). We do not use third-party advertising or cross-site tracking cookies. Because these cookies are essential to the Service functioning, they cannot be disabled while remaining signed in.

6. Your rights and choices

You have the following controls over your information at any time:

  • Access & correction — view and update your account details in Account Settings.
  • Export — export your project data to CSV or an individual project to PDF at any time.
  • Deletion — permanently delete your account and all associated data from Account Settings, after email and password verification. This action is immediate and cannot be undone.
  • Billing management — update your payment method, change plans, or cancel your subscription via the Stripe billing portal, linked from Account Settings.

If you are located in a jurisdiction that grants additional statutory privacy rights (such as the right to know, correct, or restrict processing of your personal information), contact us through our contact page and we will respond consistent with applicable law.

7. Security

We take the security of your information seriously. Measures we use include: bcrypt password hashing, automatic account lockout after repeated failed login attempts, HTTPS/TLS encryption in transit, HTTP-only session cookies, hashed (not plaintext) password-reset and email-verification tokens, and strict data isolation between accounts at the database query level. No method of transmission or storage is completely secure, and we cannot guarantee absolute security, but we work to protect your information using industry-standard practices.

8. Children's privacy

The Service is intended for business use by adults and is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will take appropriate steps to delete it.

9. International users

The Service is hosted and operated in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, which may have different data protection laws than your country of residence.

10. Third-party links

The Service may contain links to third-party websites (for example, Stripe's checkout and billing portal). We are not responsible for the privacy practices of third-party sites, and we encourage you to review their privacy policies.

11. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you, such as posting a notice in the Service or emailing the address on file. The "Effective date" above reflects the most recent revision.

12. Contact us

Questions about this Privacy Policy or your data? Reach us through our contact page.