Privacy Policy

"
"

i 3 Table Of Content

Privacy Policy

Last Updated: February 15, 2026
Company: Norman Design Company, LLC (“NDC,” “we,” “us,” “our”)

 

1) Plain-language summary (quick read)

We collect information you choose to share (like when you fill out a form), plus some automatic data (like cookies and analytics). We use it to respond to you, provide services, improve the site, and, if you opt in, to send marketing by email and SMS. You can opt out of marketing anytime. Depending on where you live, you may have legal rights to access, delete, or opt out of certain data uses.

This summary is for readability. The detailed policy below controls.

2) Scope

This Privacy Policy describes how we collect, use, disclose, and protect personal information when you:

  • visit our website,

  • interact with our content, forms, chat tools, scheduling tools, or downloads,

  • communicate with us by email, phone, SMS, or social media,

  • receive marketing communications from us,

  • purchase or inquire about services.

This policy does not cover third-party sites or services that we do not control.

3) Definitions

  • Personal information: information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an individual or household.

  • Sensitive information: certain categories treated with extra care under some laws (examples can include precise geolocation, health-related data, government identifiers, and certain authentication credentials).

  • Controller / Processor: roles defined under some privacy laws and the GDPR.

4) Information we collect

4.1 Information you provide directly

Examples include:

  • Contact details: name, email, phone number, business name, role, address (if provided).

  • Inquiry details: project descriptions, goals, budgets, timelines, messages, files you upload.

  • Scheduling details: appointment preferences and related notes.

  • Billing details: invoice and transaction records (payment processing is typically handled by third-party processors; we generally do not store full payment card numbers).

  • Marketing preferences: opt-in status, consent records, communication preferences.

  • Accessibility requests: information you share to request accommodations.

4.2 Information collected automatically

When you visit our website, we may automatically collect:

  • Device and network data: IP address, browser type, device identifiers, operating system.

  • Usage data: pages visited, time spent, clicks, referring URLs, approximate location derived from IP.

  • Cookies and similar technologies: identifiers used to remember preferences, measure performance, and support advertising or remarketing where used.

4.3 Information from third parties

We may receive information from:

  • analytics and advertising partners (where implemented),

  • social media platforms if you interact with our pages,

  • service providers who support communications, scheduling, and customer relationship management,

  • referral partners, if you consent to being introduced.

5) How we use information

We may use personal information to:

  • Provide and operate the website.

  • Respond to inquiries and communicate with you.

  • Provide services and customer support.

  • Send transactional messages (confirmations, updates, invoices).

  • Send marketing communications by email and SMS when you opt in or when otherwise permitted.

  • Personalize content and improve user experience.

  • Measure performance, analytics, and conversion tracking.

  • Prevent fraud, abuse, and security incidents.

  • Comply with legal obligations and enforce our agreements.

6) Marketing communications, consent, and opt-out

6.1 Email marketing

If you opt in to marketing emails, we will send you promotional content, educational resources, and offers. Every marketing email will include an unsubscribe mechanism. We honor opt-out requests as required by law.

You may still receive non-marketing emails if necessary to provide services or respond to you.

6.2 SMS and MMS marketing

We send text messages only with appropriate consent and disclosures.

When you opt in: By providing your mobile number and completing an opt-in (for example: a checkbox, keyword text-in, or other affirmative action), you consent to receive recurring marketing texts from NDC at the number provided. Consent is not a condition of purchase. Message and data rates may apply. Message frequency varies.

Opt out anytime: Reply STOP to cancel. Reply HELP for help. We may send a final confirmation message after STOP. CTIA messaging best practices support these standard HELP/STOP flows and consumer protections.

Consent records: We maintain records of opt-in and opt-out events where required for compliance.

No sale of SMS consent: We do not sell or share SMS opt-in consent to third parties for their own marketing.

6.3 Marketing preference controls

You can opt out of:

  • marketing emails via unsubscribe links,

  • marketing texts via STOP,

  • targeted advertising cookies via cookie controls (where available) and certain browser signals described below.

7) Cookies, analytics, and targeted advertising

We may use cookies and similar technologies for:

  • Necessary functions (site security, load balancing, basic functionality),

  • Preferences (remembering settings),

  • Analytics (understanding usage and improving content),

  • Advertising/remarketing (showing relevant ads on other platforms, if enabled).

Depending on your state or country, certain cookie-based advertising may be considered a “sale” or “sharing” of personal information for cross-context behavioral advertising. California law, for example, treats certain disclosures for advertising as “sharing,” and requires a clear opt-out option when applicable.

Global Privacy Control (GPC): In certain jurisdictions (for example Colorado), controllers must recognize a universal opt-out mechanism such as GPC for targeted advertising and similar uses. Where legally required, we will honor such signals.

8) How we share information

We may share personal information with:

  • Service providers who perform services for us (hosting, analytics, email delivery, SMS delivery, scheduling, CRM, customer support tools, security monitoring). They are authorized to use information only as needed to provide services to us.

  • Professional advisors (legal, accounting) when necessary.

  • Compliance and safety: law enforcement, regulators, courts, or other parties when required by law or to protect rights, safety, and security.

  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets (with appropriate protections).

We do not sell personal information for money in the ordinary sense. If we engage in ad-related “sharing” as defined by certain privacy laws, we provide opt-out rights as described in this policy.

9) Data retention

We retain personal information only as long as reasonably necessary for:

  • the purposes described in this policy,

  • providing services and maintaining business records,

  • compliance obligations (including maintaining marketing consent records),

  • resolving disputes and enforcing agreements.

Retention periods vary by data type and legal requirements.

10) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

11) Children’s privacy

Our website and services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us so we can delete it.

12) Your privacy rights (US states and beyond)

Your rights depend on where you live and may include:

  • Access: confirm whether we process your data and obtain a copy.

  • Deletion: request deletion of certain data.

  • Correction: request correction of inaccurate data.

  • Portability: obtain data in a portable format (where applicable).

  • Opt out: targeted advertising, certain profiling, and sale/sharing concepts under applicable state laws.

  • Appeal: appeal a denial of a rights request (in some states).

Oregon: Oregon’s Consumer Privacy Act provides consumer rights including opting out of targeted advertising and sale of personal data.

California: California requires disclosures about personal information collection and may require a “Do Not Sell or Share” link when applicable.

Colorado: Colorado requires honoring a universal opt-out mechanism for certain opt-outs (such as GPC).

12.1 How to submit a rights request

Email lj@designndc.pro with the subject line: “Privacy Request” and include:

  • your name,

  • the email and/or phone number you used with us,

  • the state/country you reside in,

  • the specific request (access, delete, correct, opt out),

  • any relevant details to help us locate your information.

We may need to verify your identity before completing certain requests.

13) Washington My Health My Data Act notice (consumer health data)

NDC is not a healthcare provider, but some laws define “consumer health data” broadly. Washington’s My Health My Data Act restricts selling certain consumer health data without valid authorization and imposes specific consent and disclosure obligations.

We do not intend to collect consumer health data on this website. If you voluntarily submit health-related information in a message to us, we will use it only to respond to you and provide requested services, and we will handle it with heightened care.

14) International users (GDPR and similar laws)

If you are located in the European Economic Area (EEA), United Kingdom, or other regions with comprehensive privacy laws, you may have additional rights. We will process personal data only when we have a lawful basis to do so (such as consent, contract necessity, or legitimate interests) and will support applicable rights requests.

If international transfers occur, we will use appropriate safeguards where required.

15) Do Not Track

Browsers may offer “Do Not Track” signals. Because standards vary, we may not respond to all such signals. Where legally required, we honor recognized universal opt-out mechanisms (see GPC above).

16) Changes to this Privacy Policy

We may update this policy from time to time. The “Last Updated” date indicates when changes take effect.

22) Contact

Questions about these Terms:

  • Address: Norman Design Company, LLC, 30 N Gould St Ste N., Sheridan, WY 82801

  • Email: info@designndc.pro

Let's work together

Taking the first step can lead to transformative results. Whether you have a specific project in mind or just want to explore possibilities, we're here to listen, collaborate, and create solutions that align with your goals and values. Let’s start building something extraordinary—together.

Contact Us