Privacy Policy

1. Who we are

Memodesk is operated by Hancock Digital Design LLC, a Colorado limited liability company located at 1500 N Grant St STE N, Denver, CO 80203. For the purposes of GDPR (where applicable), we are the data controller.

2. What we collect

You give us directly

• Name and email address (when you order or contact us)
• Billing address (collected by Stripe at checkout)
• The contents of your brief — including company name, decision context, and any documents or links you choose to share
• Any messages you send us

Collected automatically when you visit memodesk.co

• Server logs (IP address, browser type, page requested, referrer, timestamp) — retained for 30 days for security and debugging only

We do not use third-party advertising, tracking, or analytics cookies on memodesk.co. We do not maintain visitor profiles.

3. What we don’t collect

We don’t collect (and we don’t want):

• Payment card numbers, CVCs, or bank account details — Stripe handles all of this
• Browsing history outside memodesk.co
• Location data
• Information about anyone other than you

4. How we use what we collect

We use your information only to:

• Deliver the memo you ordered
• Process your payment (via Stripe)
• Communicate with you about your order
• Send a single follow-up email after delivery (one time, not a newsletter)
• Comply with legal obligations such as tax records

We do not use your information for advertising, profiling, or training AI models. We do not sell your information. We will never sell your information.

5. Who we share it with

We share information only with vendors who help us deliver the memo:

• Stripe, Inc. — payment processing (subject to Stripe’s privacy policy)
• Google LLC (Workspace) — email at hello@memodesk.co (subject to Google’s privacy policy)
• Tally Forms — intake form processing (subject to Tally’s privacy policy)
• Notion Labs, Inc. — internal project tracking (subject to Notion’s privacy policy)
• Cloudflare, Inc. — website hosting and DNS (subject to Cloudflare’s privacy policy)

We will also disclose information if required by law (for example, a valid subpoena), but will notify you first unless legally prohibited.

6. How long we keep it

• Brief contents and delivered memos: 24 months from delivery, then deleted from our systems. You can request earlier deletion at any time.
• Email correspondence: retained as long as needed to maintain the customer relationship, then deleted on request or after 24 months of inactivity.
• Payment records: retained for 7 years for tax and accounting compliance, as required by US law.
• Server logs: 30 days.

7. Your rights

Regardless of where you live, you can email hello@memodesk.co to:

• Get a copy of the personal data we hold about you
• Correct inaccurate information
• Delete your data (subject to legal retention requirements above)
• Object to or restrict our processing
• Withdraw consent (where processing is based on consent)
• Receive your data in a portable format

If you live in the EU/UK, you have these rights under the GDPR/UK GDPR. If you live in California, you have similar rights under the CCPA/CPRA. We respond to requests within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. Security

We use industry-standard security practices: HTTPS for all site traffic, two-factor authentication on all internal accounts, encrypted storage at our service providers, and minimal data collection. No system is perfectly secure, however, and we cannot guarantee that unauthorized access will never occur. If a breach affects your data, we will notify you within 72 hours of discovery, as required by GDPR and applicable US state laws.

9. International transfers

Memodesk operates from the United States. If you are located outside the US, your information will be transferred to and processed in the US, which has different data protection laws than your country. By ordering, you consent to this transfer.

10. Children

Memodesk is a B2B service intended for adults purchasing on behalf of a business. We do not knowingly collect information from anyone under 18. If you believe we have, contact us and we will delete it.

11. Changes

We may update this policy. Material changes will be communicated via email to active customers. The “Last updated” date at the top reflects the most recent revision.

12. Contact

Privacy questions, deletion requests, or data access requests: