Privacy Policy

RoomCraft Design Studio ("we," "our," or "us") is an interior design and 3D visualization studio headquartered at 830 Horan Dr, Fenton, MO 63026. We are committed to protecting the privacy and personal information of every individual who visits our website, submits an inquiry, or engages with our professional design services.

This Privacy Policy describes in detail the types of information we collect, the purposes for which we collect and process that information, the circumstances under which we may share it with third parties, and the rights and choices available to you with respect to your personal data. By accessing our website or submitting any information through our contact forms, you acknowledge that you have read, understood, and agree to the practices described herein.

We believe that privacy is a fundamental right, not a feature. Our data practices are designed to be transparent, minimal, and purposeful. We do not sell, rent, or trade your personal information to any third party for marketing purposes, and we never will. Every piece of data we collect serves a specific, legitimate purpose directly related to delivering our design services to you.

We collect information through multiple channels and methods. The specific data we collect depends on how you interact with us and the nature of the services you request. We categorize the data we collect as follows:

Sensitive data: We do not intentionally collect any sensitive personal information such as racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data. If you voluntarily include such information in project briefs or communication, we treat it with the highest level of confidentiality.

Photographs and visual materials: When you share photographs of your existing spaces for design purposes, we treat these as project-specific confidential materials. They are used solely for the purpose of delivering your design project and are not shared, published, or used for promotional purposes without your explicit written consent.

We use the personal information we collect exclusively for legitimate business purposes related to providing our interior design and visualization services. We operate under the principle of data minimization — meaning we only process data that is strictly necessary for the stated purpose.

• To respond to your inquiries, questions, and project requests in a timely and professional manner
• To develop, deliver, and refine design concepts, floor plans, 3D visualizations, and related deliverables specific to your project
• To communicate project updates, revision notes, delivery timelines, and milestone confirmations
• To process payments, issue invoices, and maintain financial records as required by law
• To send service-related notifications, such as project completion confirmations or policy updates
• To analyze aggregate, anonymized usage data to improve our website performance and user experience
• To comply with applicable legal obligations, court orders, or regulatory requirements
• To protect against fraud, unauthorized access, or misuse of our services

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects. We do not use your contact information to send unsolicited marketing communications. Any promotional messages will only be sent with your prior, explicit consent, and you may withdraw that consent at any time.

Our website uses cookies and similar tracking technologies to enhance your browsing experience, understand how visitors interact with our content, and ensure the technical functionality of the site. A cookie is a small text file stored on your device when you visit a website. We categorize the cookies we use as follows:

• Strictly necessary cookies: These are essential for the website to function correctly. They enable core functionality such as page navigation, form submission, and security features. These cookies cannot be disabled.
• Analytics cookies: We use anonymized analytics to understand which pages visitors view most often, how long they stay, and where they come from. This data is aggregated and never linked to individual identities. We use tools such as Google Analytics with IP anonymization enabled.
• Preference cookies: These remember settings or choices you make (such as language preferences) to improve your experience on return visits.
• Performance cookies: Used to collect information about how our website performs, including page load times and error messages, so we can continuously improve technical quality.

You can control cookie settings through your browser preferences. Most browsers allow you to refuse new cookies, delete existing cookies, or be notified when a cookie is being set. Note that disabling certain cookies may affect the functionality of some parts of our website. We honor Do Not Track (DNT) signals and will not engage in behavioral tracking when a DNT signal is detected.

In operating our business and website, we engage certain trusted third-party service providers who may process limited personal data on our behalf. We carefully vet all third-party partners and require them to handle data in accordance with applicable privacy laws. We do not authorize third parties to use your data for any purposes other than those specified in our agreements with them.

• Payment processors: We use industry-standard payment processing services to handle financial transactions. We do not store or have access to full payment card numbers. All payment data is encrypted and handled according to PCI DSS standards.
• Email services: Project correspondence and notifications may be transmitted through professional email platforms that maintain their own security certifications.
• Cloud storage: Design files, renders, and project assets may be stored on secure, encrypted cloud platforms with access restricted to authorized team members and the client.
• Website hosting and infrastructure: Our website is hosted on platforms that maintain industry-standard security certifications and data protection practices.
• Analytics providers: As described in Section 04, we use anonymized analytics tools to understand website performance.

Our website may contain links to third-party websites, social media platforms, or resources. We are not responsible for the privacy practices or content of those external sites. We encourage you to review the privacy policies of any third-party sites you visit through links on our website.

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Our general retention practices are as follows:

Upon expiry of the retention period, personal data is securely deleted or anonymized so that it can no longer be linked to any individual. Project files (renders, floor plans, etc.) may be retained in anonymized or portfolio form only with your explicit consent.

Depending on your location and applicable law, you may have the following rights with respect to your personal data. We take these rights seriously and will respond to all legitimate requests within 30 days.

• Right of access: You have the right to request a copy of the personal data we hold about you, including information on how it is being used and with whom it has been shared.
• Right to rectification: If any information we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated.
• Right to erasure ("right to be forgotten"): You may request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when there is no overriding legitimate interest for us to continue processing it.
• Right to restriction: You may request that we temporarily restrict processing of your data while a dispute about accuracy or lawfulness is resolved.
• Right to data portability: Where processing is based on consent or contract, you may request your data in a structured, commonly used, machine-readable format.
• Right to object: You may object to processing based on legitimate interests or for direct marketing purposes at any time.
• Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us using the information provided at the bottom of this policy. We may need to verify your identity before processing your request. We will never charge a fee for exercising your privacy rights unless a request is manifestly unfounded or excessive.

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, alteration, disclosure, or destruction. Our security practices include:

• TLS/SSL encryption for all data transmitted between your browser and our website
• Access controls ensuring only authorized personnel can access personal data
• Regular security reviews and vulnerability assessments of our website and infrastructure
• Encrypted storage for sensitive project files and client communications
• Employee training on data protection best practices and confidentiality obligations
• Incident response procedures to promptly address and report any data breaches in accordance with applicable law

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly notifying affected individuals and relevant authorities in the event of a breach that poses a risk to your rights and freedoms.

Our services are intended exclusively for adults aged 18 years and older. We do not knowingly collect, solicit, or process personal information from individuals under the age of 18. Our website is not directed at children, and we do not market our services to minors.

If we become aware that we have inadvertently collected personal data from a person under 18, we will take immediate steps to delete that information from our records. If you believe we may have collected information from or about a child under 18, please contact us immediately using the contact information provided in this policy.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will update the "Last updated" date at the top of this policy and, where appropriate, provide more prominent notice (such as a notice on our website homepage or a notification to clients with active projects).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after changes are posted constitutes your acknowledgment of the updated policy. If you disagree with any changes, you have the right to discontinue using our services and request deletion of your data.

Archived versions of this Privacy Policy are available upon request. If you have questions about what has changed between versions, please contact us directly and we will be happy to explain.