Privacy Policy

1. Overview

Stepfault ("Provider," "we," "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website (stepfault.ai), submit inquiries, or engage us for services. By using our website or engaging our services, you consent to the practices described in this Policy.

2. Information We Collect

We collect information you provide directly to us, including:

• Name and business name
• Email address and phone number
• Project description, technical requirements, and SOW details
• Billing information (processed through Stripe; see Section 5)
• Communications and correspondence sent to us

We also collect certain information automatically when you visit our website, including IP address, browser type, pages visited, and referring URLs. This information is collected via standard server logs and analytics tools and does not identify you personally.

3. How We Use Your Information

We use the information we collect to:

• Respond to inquiries and deliver requested services
• Process payments and send invoices
• Communicate project status, deliverables, and support
• Send administrative messages, policy updates, and legal notices
• Improve our website and service offerings
• Comply with applicable laws and legal obligations

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Payment Processing via Stripe

ALL payment processing is handled by Stripe, Inc. ("Stripe"). When you make a payment, you are providing your payment information directly to Stripe through their secure infrastructure. Stepfault does not store, transmit, or have access to your full payment card details.

Stripe is a PCI-DSS Level 1 certified payment processor. By submitting a payment, you agree to Stripe's Terms of Service and Privacy Policy. We strongly encourage you to review Stripe's privacy practices at:

https://stripe.com/privacy

Stepfault receives confirmation of payment status, the last four digits of the card used, and the billing name from Stripe for record-keeping purposes only.

5. Information Sharing & Disclosure

We do not share your personal information with third parties except in the following limited circumstances:

• Service Providers: We engage trusted third-party vendors (e.g., Stripe for payment processing, cloud hosting providers) who require limited access to your data solely to perform services on our behalf. These parties are bound by contractual obligations to keep your data confidential.
• Legal Requirements: We may disclose your information if required to do so by law, subpoena, court order, or other governmental authority.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to equivalent privacy protections.
• Protection of Rights: We may disclose information where we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Policy, including maintaining business records, complying with legal obligations, resolving disputes, and enforcing our agreements. Project-related communications and records are typically retained for a minimum of seven (7) years to satisfy standard business and tax record-keeping requirements.

7. Security

We implement commercially reasonable technical and organizational measures to protect your information against unauthorized access, loss, destruction, or alteration. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

8. Cookies & Tracking

Our website may use cookies and similar tracking technologies to enhance user experience and collect analytics data. You may configure your browser to refuse cookies; however, some features of the website may not function properly if cookies are disabled. We do not use third-party advertising cookies or behavioral tracking for ad targeting.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will take steps to delete such information promptly.

10. Your Rights

You may contact us to request access to, correction of, or deletion of the personal information we hold about you, subject to applicable legal requirements. We will respond to verified requests within thirty (30) calendar days.

11. Governing Law

This Privacy Policy and any disputes arising from it shall be governed exclusively by the laws of the State of Oklahoma, without regard to conflict of law principles. Venue for any legal proceeding shall be exclusive to Tulsa County, Oklahoma.

12. Policy Updates

We reserve the right to update this Privacy Policy at any time. The revised Policy will be posted at this URL with an updated effective date. Continued use of our website or services after the effective date constitutes acceptance of the updated Policy.

13. Contact

For privacy-related questions or requests, contact us at: stepfault.incorporated@stepfault.ai. Stepfault · STEPFAULT INCORPORATED · 522 South Boston Ave, Tulsa, OK 74103 · EIN: 42-2565954.