1. Definitions

In this Policy, the following terms shall have the meanings assigned below:

“Client Data” means all data, personal or otherwise, collected, stored, or managed by the Client, or by third-parties on behalf of the Client, at any time.

“Managed Data” means any portion of Client Data that is explicitly entrusted to CCD for the purpose of performing services under a written agreement.

“Services” means any marketing, design, development, management, or consulting services provided by CCD under a Client agreement.

2. Scope

This Policy governs CCD’s obligations and limitations with respect to Managed Data processed or stored by CCD in connection with the Services. This Policy does not cover Client Data that is collected, stored, or managed solely by the Client, outside the scope of CCD Services.

3. Security Measures

During the period CCD has access to or processes Managed Data, CCD will implement and maintain appropriate administrative, technical, and organizational safeguards reasonably designed to protect the confidentiality, integrity, and availability of such Managed Data. Such safeguards may include, but are not limited to: secure access controls, encryption (where applicable), password policies, regular backups, secure storage, and restricted access by authorized personnel only.

4. Client Responsibilities

The Client retains full responsibility for:

Collecting, maintaining, and storing Client Data that is not part of the Managed Data;

Ensuring that any data collection or handling practices employed by the Client comply with all applicable laws, regulations, and industry standards;

Managing security for systems, applications, and infrastructure not under CCD’s control; and

Retaining any necessary permissions or consents for data collection and processing.

5. Limitation on CCD Liability

Except as expressly provided herein, CCD shall have no liability for any loss, corruption, breach, theft, unauthorized access, destruction, or misuse of Client Data that was not part of the Managed Data — including without limitation any data the Client collects or stores independently, or through third-party tools or platforms not managed by CCD.

6. Incident Response

In the event of a detected or suspected security incident affecting Managed Data under CCD’s control, CCD will:

Promptly investigate the incident to determine its nature and scope;

Take reasonable steps to contain and mitigate the incident; and

Notify the Client without undue delay, and cooperate with the Client in assessing consequences and remediating impacts.

7. Disclaimer of Warranties

CCD provides no warranty, express or implied, that the safeguards described herein will prevent every security breach, loss, or unauthorized access. The Client acknowledges that, due to the inherent risks of the Internet and data processing, absolute security cannot be guaranteed.

8. Indemnification

The Client agrees to indemnify, defend, and hold harmless CCD, its officers, employees, agents, and subcontractors against any claims, liabilities, losses, damages, or expenses (including reasonable attorneys’ fees) arising out of or related to:

Client’s failure to comply with applicable laws, regulations, or industry standards;

Client’s mismanagement or misuse of Client Data outside the scope of Managed Data; or

Claims from third parties relating to any such failures or misuse.

9. Governing Law and Jurisdiction

This Policy shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict-of-law provisions. Any legal action arising out of or related to this Policy shall be brought exclusively in the state or federal courts located in Sonoma County, California.

10. Amendments and Updates

CCD reserves the right to modify or update this Policy at any time. Significant changes will be communicated to Clients. Continued use of CCD Services following such changes constitutes acceptance of the revised Policy.

11. Contact Information

For questions about this Policy or CCD’s data security practices, please contact us at:

   Email: hello@customcomdesign.com

   Phone: 707-710-0421