B1
B2
B3
B4
Sheet 02 Products
B1
B2
B3
B4
Section 01

Introduction

When you use our services, you're trusting us with your information. We take that responsibility seriously and are committed to being transparent about what we collect, why we collect it, and how you can manage, export, or delete your data.

This Privacy Policy applies to Light Web LLC and covers the website and services available at lightweb.digital, including our public inquiry form and, once available, our secure customer portal for manufacturing file submissions.

By using this site, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the site.

Who We Are — Data Controller

Light Web LLC is the data controller responsible for your personal information. Our contact information is provided in Section 15.

Scope

This policy covers the lightweb.digital website, the customer inquiry form, the customer account portal and file submission system (when available), and transactional communications we send you. It does not cover third-party websites we may link to.

Section 02

Information We Collect

We collect information to provide and improve our services. What we collect depends on how you use the site.

A. Information You Provide Directly
  • Inquiry form: Name, company, email address, and the content of your message. We may also collect your phone number if you choose to provide it.
  • Account registration (coming soon): Name, email address, and a password. Passwords are never stored in readable form — stored only as a one-way cryptographic hash.
  • Manufacturing file submissions (coming soon): Files you upload (design files, drawings, specifications) and any project details you choose to include.
  • Account portal orders (coming soon): Order details, project history, and job records associated with manufacturing requests submitted through the customer portal.
B. Information Collected Automatically
  • IP address — recorded in server logs for security and abuse prevention.
  • Browser and device information — browser type, operating system, and referring URL.
  • Usage data — pages visited, time and date of visit, and session duration.
C. Cookies and Similar Technologies

We use a limited set of cookies to operate the site and support hosting infrastructure performance monitoring. We do not use advertising, tracking, or behavioral analytics cookies. See Section 12 for full details.

D. Information We Do Not Collect

We currently do not collect and request that you do not submit: geolocation data, biometric data, payment card information, social security numbers, health or medical information, genetic data, or information relating to racial or ethnic origin, religious beliefs, or criminal history. We do not use third-party analytics, advertising networks, or tracking pixels at this time. If you choose to submit sensitive information of this nature through any form or file upload on this site, you do so at your own risk.

Section 03

Why We Collect Your Data

We use the information we collect only for the following purposes:

  • Provide our services — Operate the site, respond to inquiries, process account registration, and deliver the manufacturing file submission and review service.
  • Maintain and improve our services — Monitor for errors, troubleshoot issues, and improve site performance over time.
  • Communicate with you — Send transactional emails only (inquiry confirmations, password resets, account or project status notifications). We do not send marketing email. We will ask for your explicit consent before sending any promotional communications.
  • Security and fraud prevention — Detect, prevent, and respond to fraudulent, unauthorized, or illegal activity.
  • Legal compliance — Comply with applicable laws, respond to lawful requests, and enforce our legal rights and agreements.
  • Future services — If we add analytics tools or other services, this policy will be updated before those tools go live and we will seek your consent where required.

We will not use your personal information for any purpose not described in this policy without first notifying you and, where required, obtaining your consent.

Section 04

Your Privacy Controls

You have choices regarding the information we collect and how it is used.

  • Managing your information — Once the customer portal is available, you will be able to sign in at any time to review, update, or correct your personal information via your account settings.
  • Transactional email — Transactional emails are a necessary part of operating a secure account-based service and cannot be opted out of while you have an active account. If you close your account, we will cease sending these communications.
  • Cookies — You may configure your browser to refuse cookies. Please be aware that disabling essential cookies will prevent key site functionality — including form submission and login — from working. Hosting infrastructure cookies may be disabled without affecting site functionality. See Section 12 for details.
  • Deleting your data — You may request deletion of your personal information at any time. See Section 8.
  • Do Not Track signals — Our site does not currently respond to browser-level "Do Not Track" (DNT) signals, as no uniform standard for recognizing or honoring DNT requests has been established. If a standard is adopted in the future, we will update this policy accordingly.
  • Account security — You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account. Please notify us immediately at the contact details in Section 15 if you suspect unauthorized access to your account. We will never ask for your password via email or any unsolicited communication.
Section 05

Sharing Your Information

We do not sell, rent, or trade your personal information. We share information only in the limited circumstances described below.

  • Service providers — We use third-party companies to help operate our services, currently including GoDaddy.com LLC (GoDaddy) for web hosting and server infrastructure, and Microsoft Corporation (Azure/Microsoft 365) for transactional email delivery. These providers act as data processors on our behalf, permitted to use your data only to perform services for us, and are subject to data processing agreements and contractual obligations to protect it. As our services grow, additional providers may be engaged and this policy will be updated accordingly.
  • Manufacturing order fulfillment — Files and project details submitted through the customer portal may be shared with authorized staff and, where necessary, subcontractors working under confidentiality obligations, solely to fulfill your order.
  • Legal requirements — We may disclose your information if required by law or valid legal process. Where permitted, we will notify you before disclosure.
  • Business transfers — In a merger, acquisition, or asset sale, your information may transfer. We will provide notice before it becomes subject to a different privacy policy.
  • Protection of rights — Where necessary to protect user safety, prevent fraud, or defend our legal rights.
  • With your consent — We may share information for any other purpose with your explicit consent.

We do not: sell personal information, share it with advertisers, disclose it to data brokers, or use it for behavioral profiling or targeted advertising.

Section 06

Keeping Your Information Secure

The security of your personal information is important to us. We implement and maintain reasonable and appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction.

All data transmitted between your browser and our site is encrypted in transit. Account credentials are protected using industry-standard practices. We regularly review our security practices as our services evolve.

No method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. In the event of a data breach that affects your rights or freedoms, we will notify you as required by applicable law.

Section 07

Retaining Your Information

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, to provide our services, and to comply with our legal obligations. The appropriate retention period for any given data depends on the nature of the information, the purpose for which it was collected, and applicable legal or regulatory requirements.

When determining how long to retain information, we consider:

  • Whether the purpose for collection has been fulfilled
  • Whether we have a legal obligation to retain it
  • Whether retention is necessary to resolve disputes, enforce agreements, or protect against legal claims
  • The sensitivity of the information

When personal information is no longer required for any of these purposes, we delete or anonymize it. Where immediate deletion is not possible — for example, in backup archives — we isolate the information from further processing until deletion is feasible.

You may request deletion of your personal information at any time as described in Section 8.

Section 08

Exporting & Deleting Your Information

Exporting Your Data

You may request a copy of the personal information we hold about you at any time by contacting us (Section 15). We will provide your data in a commonly used, machine-readable format where technically feasible.

Deleting Your Data

You have the right to request deletion of your personal information. Once we receive and verify your request, we will delete your data from our active systems, subject to the following exceptions:

  • Where we are legally required to retain the information
  • Where it is necessary to complete an ongoing transaction or fulfill an open order
  • Where retention is required to detect or prevent fraud or security threats
  • Where the information is needed to resolve a dispute or enforce our agreements

We will respond within 30 days. For verified requests, deletion will be completed within 45 days, or we will notify you if an extension is needed.

Correcting Your Data

If information we hold about you is inaccurate, you may request correction. Once the portal is available, you will be able to update much of your information directly through your account settings.

Section 09

Compliance & Cooperation With Regulators

We regularly review this policy and our data practices to ensure compliance with applicable privacy laws, including:

  • The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • The European Union General Data Protection Regulation (GDPR)
  • The UK General Data Protection Regulation (UK GDPR)
  • Applicable United States federal privacy laws and state privacy laws to the extent they apply to our operations and the residents we serve

We cooperate with data protection authorities and comply with their advice regarding personal information transferred in accordance with applicable data transfer frameworks. If you believe our processing of your information does not comply with applicable law, you have the right to lodge a complaint with your local data protection authority.

Section 10

CCPA / CPRA — California Residents

This section supplements the rest of this Privacy Policy and applies solely to residents of the State of California.

Categories of Personal Information Collected

In the preceding 12 months, we have collected or may collect the following categories of personal information as defined under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Category Examples Collected
A — IdentifiersName, email, IP address, account nameYes
B — CA Customer Records (§1798.80(e))Name, address, telephone numberYes
C — Protected classification characteristicsAge, race, gender, disabilityNo
D — Commercial informationPurchase historyYes
E — Biometric informationFingerprints, facial recognitionNo
F — Internet / network activityIP logs, page interactionsYes
G — Geolocation dataPrecise physical locationNo
H — Sensory dataAudio, visual, thermalNo
I — Professional / employment informationJob history, employerNo
J — Education informationGrades, transcriptsNo
K — InferencesBehavioral profilesNo
L — Sensitive personal informationAccount login credentialsAccount holders only
Sale or Sharing of Personal Information

We do not sell personal information for monetary consideration. We do not share personal information for cross-context behavioral advertising. We have not sold or shared personal information in the preceding 12 months.

Your Rights Under CCPA/CPRA
Right to Know

Request disclosure of the categories and specific pieces of personal information we have collected, used, disclosed, or sold about you.

Right to Delete

Request deletion of personal information we have collected, subject to certain exceptions.

Right to Correct

Request correction of inaccurate personal information we hold about you.

Right to Opt Out

Direct us not to sell or share your personal information. (We do not currently sell or share personal data.)

Limit Sensitive Data

Request that we limit use of your sensitive personal information to purposes necessary to provide the service.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights.

Exercising Your California Rights

Contact us using the information in Section 15. Only you, or a person registered with the California Secretary of State and authorized by you, may make a verifiable request on your behalf. We will respond within 45 days, with a possible 45-day extension upon notice.

Section 11

GDPR — EEA & UK

This section applies to individuals located in the European Economic Area (EEA) and the United Kingdom, and supplements the rest of this Privacy Policy.

Legal Basis for Processing
  • Contract performance — Processing necessary to fulfill a service you have requested (e.g., creating and operating your account, delivering manufacturing services).
  • Legitimate interests — Processing for our legitimate business interests, including site security, fraud prevention, and service improvement, where not overridden by your rights.
  • Legal obligation — Processing necessary to comply with a legal requirement.
  • Consent — Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
International Data Transfers

Light Web LLC is based in the United States. If you are located in the EEA or UK, your personal data will be transferred to and processed in the United States, which may not provide the same level of data protection as your home jurisdiction. Where we transfer personal data outside the EEA or United Kingdom, we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission, the UK International Data Transfer Agreement (IDTA), or other legally recognized transfer mechanisms, as applicable.

Your Rights Under GDPR
Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data in certain circumstances.

Restrict Processing

Request that we restrict processing of your data in certain circumstances.

Data Portability

Receive your personal data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

To exercise any of these rights, contact us using the information in Section 15. We will respond within 30 days. If dissatisfied, you may lodge a complaint with your national supervisory authority or the UK Information Commissioner's Office (ICO).

Data Protection Officer

Light Web LLC does not currently meet the thresholds requiring formal appointment of a Data Protection Officer. Privacy-related inquiries should be directed to us via the contact details in Section 15.

Section 12

Cookies & Similar Technologies

We use cookies necessary for our site to function and to support hosting infrastructure performance monitoring. We do not use advertising cookies, behavioral tracking cookies, or third-party analytics cookies.

What Are Cookies?

Cookies are small files placed on your device by a website, allowing the site to remember information about your visit. Session cookies are deleted when you close your browser; persistent cookies remain on your device for a set period.

Cookies We Use
Cookie Type Purpose Can Be Disabled?
CSRF token Persistent Security — prevents cross-site request forgery attacks on form submissions No — breaks form functionality
Session ID Session Maintains your authenticated session while logged in. Deleted on browser close or logout. No — prevents login

Third-party tracking cookies: We do not currently load any third-party scripts, trackers, pixels, or analytics tools that set cookies on your device. If this changes in the future, this policy will be updated and, where required by law, your consent will be obtained before any non-essential cookies are set.

Our hosting provider may set limited performance monitoring cookies as part of their infrastructure operations. These cookies do not collect personal user information and are not used for behavioral tracking or advertising purposes. If our infrastructure cookies change, this policy will be updated accordingly.

Managing Cookies

You can instruct your browser to refuse all cookies or notify you when a cookie is being sent. However, disabling the essential cookies listed above will prevent core site functionality from working. Hosting infrastructure performance cookies set by our hosting provider may be disabled without affecting your experience on the site.

Section 13

Children's Privacy

Our services are not directed to individuals under the age of 13 (or under 16 where required by applicable law, including GDPR). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately using the information in Section 15. Upon verification, we will promptly delete that information from our systems.

Where we rely on consent as a legal basis for processing and applicable law requires parental consent for minors, we will obtain that consent before collecting or using any such information.

Section 14

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes to our services, legal requirements, or business practices. When we make changes, we will:

  • Update the "Last updated" date at the top of this page
  • Post the updated policy at this URL
  • For material changes, provide prominent notice on the site and/or notify you by email if you have an account

We encourage you to review this policy periodically. Your continued use of the site after changes are posted constitutes your acceptance of the revised policy.

Section 15

Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or want to report a privacy concern, please contact us:

Light Web LLC — Privacy Contact
Note For GDPR-related requests, please include your country of residence and a description of your request. We will respond within 30 days.