Privacy Policy

Effective Date: December 22, 2025

This Privacy Policy explains how Bates Web Tech ("we," "us," or "our") collects, uses, stores, and protects personal information when you visit bateswebtech.com or interact with our services.

1. Commitment to Data Protection

We are committed to protecting your privacy and personal information. We process personal data in accordance with applicable data protection laws, including:

  • EU General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Other applicable U.S. state privacy laws

Important Disclosure: We share certain data with Meta Platforms, Inc. through the use of Meta Pixel for advertising purposes. Under some privacy laws, this may be considered a "sale" or "sharing" of personal information. California residents have the right to opt out of such activities (see Section 11 below).

HIPAA: We are not a covered entity under HIPAA. We do not collect, process, or store protected health information (PHI). Do not submit any health-related information through our website or communications.

We follow core data protection principles:

  • Lawfulness, fairness, and transparency
  • Data minimization
  • Purpose limitation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality

Appropriate technical and organizational safeguards are implemented to protect personal data against unauthorized access, loss, misuse, or disclosure.

2. Data Controller

The data controller for personal information collected through this website is:

Bates Web Tech
Website: https://bateswebtech.com
Email: [email protected]

3. Legal Bases for Processing

We process personal data under one or more of the following legal bases:

  1. Consent – when you explicitly provide permission (e.g., newsletter sign-up, accepting cookies for analytics and advertising purposes).
  2. Contractual necessity – when processing is required to perform or enter into a contract with you.
  3. Legal obligation – when required to comply with applicable laws.
  4. Legitimate interest – when processing is necessary for business operations that do not override your rights (e.g., responding to inquiries, basic website functionality).

Note for EU/EEA Visitors: For advertising-related tracking (Meta Pixel), we rely on your consent. You have the right to withdraw consent at any time. For analytics (PostHog), we rely on legitimate interest with privacy-preserving measures in place.

4. Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal information:

  • Identifiers: Name, email address, phone number, IP address, unique device identifiers, cookies
  • Contact Information: Company name, business contact details
  • Commercial Information: Records of services requested or obtained, inquiries about our services
  • Internet/Network Activity: Browsing history on our website, page views, clicks, navigation patterns, interactions with advertisements
  • Device Information: Browser type, operating system, device type, screen resolution
  • Geolocation Data: General location derived from IP address (city/state level)
  • Audio/Visual Information: Session recordings capturing on-screen activity during your visit (excluding password fields and sensitive form inputs)
  • Inferences: Preferences and characteristics derived from your website usage

We do NOT collect: Social Security numbers, driver's license numbers, financial account information, health information, biometric data, or other sensitive personal information.

5. How We Use Personal Data

We use personal data for the following purposes:

a) Handling Inquiries and Client Relationships

When you contact us via email or a website form, we process your information to respond to your inquiry, evaluate potential engagements, and manage business communications.

Data is retained only as long as necessary to fulfill these purposes or comply with legal obligations.

b) Marketing and Communications

If you opt in to receive marketing communications, we may send information about our services, insights, or updates. You can unsubscribe at any time using the link in our emails or by contacting us directly.

c) Website Analytics and Improvement

We use analytics tools to understand how visitors use our website and to improve user experience. Specifically:

  • PostHog – We use PostHog for analytics and session recording. PostHog is configured to minimize data collection by disabling persistent cookies and local storage. Session recordings capture user interactions on our website to help us identify usability issues and improve functionality.
  • Meta Pixel (Facebook Pixel) – We use Meta Pixel to measure advertising effectiveness and understand how visitors interact with our website after seeing our ads. This tool places cookies and collects data including page views and user behavior, which may be used for advertising purposes.

These tools may collect data such as page views, traffic sources, device information, and interaction patterns.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies for the following purposes:

  • Essential Cookies: Required for website functionality (always active)
  • Analytics Cookies: Analyze site usage and user behavior (PostHog) - loaded by default
  • Advertising Cookies: Measure advertising effectiveness via Meta Pixel - requires consent

Cookie Consent

When you first visit our website, you will see a cookie consent banner. You have the following options:

  • Accept All: Allows all cookies, including advertising cookies (Meta Pixel)
  • Reject Non-Essential: Only essential cookies will be used; advertising cookies are blocked
  • Manage Preferences: View detailed information about cookie categories

Your consent choice is stored in your browser's local storage and will be remembered for future visits. You can change your preferences at any time by clearing your browser data or adjusting your browser's cookie settings.

Third-Party Tracking

Meta Pixel: Only loads if you click "Accept All." Data is shared with Meta Platforms, Inc. for advertising purposes. This may constitute a "sale" under CCPA.

PostHog: Loads by default for analytics purposes. Data is processed on EU servers and is not shared with third parties for advertising. PostHog is configured to respect "Do Not Track" signals.

How to Opt Out

  • Click "Reject Non-Essential" in the cookie banner when you first visit the site
  • Clear your browser cookies and revisit the site to see the consent banner again
  • Enable "Do Not Track" in your browser settings
  • Block third-party cookies in your browser settings
  • Opt out directly with Meta: https://www.facebook.com/help/568137493302217

7. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this policy, including:

  • Resolving inquiries
  • Fulfilling contractual obligations
  • Complying with legal and accounting requirements
  • Defending against potential legal claims

When data is no longer required, it is securely deleted or anonymized.

8. Data Sharing and Disclosure

We may share or disclose personal data with the following categories of recipients:

  • Advertising Partners: Meta Platforms, Inc. (via Meta Pixel) for advertising, marketing, and analytics purposes. This sharing may constitute a "sale" or "sharing" under CCPA/CPRA.
  • Analytics Providers: PostHog for website analytics and user experience improvement
  • Service Providers: Hosting providers, email service providers, and other vendors supporting our website operations
  • Professional Advisors: Legal counsel, accountants, and consultants where necessary
  • Legal/Regulatory Authorities: When required by law, court order, or to protect our legal rights

Business Purposes: We disclose personal information for operational purposes, security, fraud prevention, and legal compliance. All service providers are contractually required to protect personal data and use it only for specified purposes.

9. International Data Transfers

Some service providers may process data outside your country of residence, including outside the EU:

  • Meta Pixel: Data collected by Meta Pixel may be transferred to and processed in the United States by Meta Platforms, Inc.
  • PostHog: Data is processed on PostHog's EU servers to minimize international transfers.

Where required, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions to ensure adequate data protection.

10. Your Rights

For All Users

Depending on your jurisdiction, you may have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Deletion: Request deletion of your personal data
  • Right to Restriction: Request limitation on how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to certain processing activities
  • Right to Withdraw Consent: Withdraw consent at any time

For EU/EEA Residents (GDPR Rights)

If you are located in the European Union or European Economic Area, you have additional rights under GDPR, including the right to lodge a complaint with your local supervisory authority.

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected]. We will respond to verified requests within the timeframe required by applicable law (typically 30-45 days).

We will not discriminate against you for exercising any of your privacy rights.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Your California Rights

  1. Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collection, and the categories of third parties with whom we share it.
  2. Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  3. Right to Opt-Out of Sale/Sharing: Request that we stop selling or sharing your personal information for cross-context behavioral advertising purposes.
  4. Right to Correct: Request correction of inaccurate personal information.
  5. Right to Limit Use of Sensitive Personal Information: We do not collect or use sensitive personal information, so this right does not apply.
  6. Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights.

Sale and Sharing of Personal Information

In the past 12 months, we have shared the following categories of personal information for advertising purposes, which may constitute a "sale" or "sharing" under CCPA:

  • Identifiers (IP address, device identifiers, cookies)
  • Internet/Network activity information (browsing behavior, page views)
  • Geolocation data (approximate location)
  • Inferences (preferences and characteristics)

This information is shared with Meta Platforms, Inc. via Meta Pixel for advertising and marketing purposes.

How California Residents Can Opt-Out

To opt out of the sale/sharing of your personal information:

  1. Email us at [email protected] with subject line "Do Not Sell My Personal Information"
  2. Visit your browser settings and enable "Do Not Track" or similar privacy settings
  3. Adjust your cookie preferences in your browser to block third-party cookies
  4. Opt out directly with Meta at https://www.facebook.com/help/568137493302217

How to Submit a CCPA Request

To exercise your CCPA rights, contact us at [email protected]. We will verify your identity before processing your request and respond within 45 days.

We do not sell personal information of consumers we know are under 16 years of age without affirmative authorization.

12. Information Security

We implement reasonable administrative, technical, and physical safeguards to protect personal data, including:

  • Secure hosting environments
  • Access controls
  • Regular system updates
  • Limited access to personal data on a need-to-know basis

No system is completely secure, but we take data protection seriously and continuously improve our safeguards.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, including GDPR (within 72 hours) and state breach notification laws.

14. Children's Privacy

Our website and services are not directed to children under 16 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 16, we will delete it promptly.

15. Changes to This Policy

We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

16. Regular Policy Review Process

We conduct regular reviews of this Privacy Policy and our data protection practices to ensure ongoing compliance with GDPR, CCPA, HIPAA (where applicable), and other relevant privacy regulations. Our privacy practices are reviewed:

  • Quarterly by management
  • Whenever we implement new tracking technologies
  • When privacy laws change
  • Following any data security incidents
  • Upon receipt of regulatory guidance or inquiries

Last Review Date: December 22, 2025

17. Contact Information

If you have questions, concerns, or requests related to this Privacy Policy or your personal data, contact us at:

Privacy Contact:
[email protected]

For California Residents: To exercise your CCPA rights or opt out of the sale/sharing of your personal information, email [email protected] with "CCPA Request" or "Do Not Sell My Personal Information" in the subject line.

For EU/EEA Residents: To exercise your GDPR rights or submit a complaint, email [email protected] or contact your local data protection authority.