Effective 11 July 2026
Privacy Policy
This policy explains the data used to create accounts, receive project briefs, operate the client workspace, and deliver commissioned work.
Information collected
We store the information you submit: name, email, optional country/phone/timezone, brief answers, reference links, uploaded files, messages, appointments, order records, and project activity. Passwords are stored as one-way scrypt hashes; the site does not store plain-text passwords.
How information is used
- To review scope, create and manage orders, and deliver project work.
- To authenticate your private client workspace and enforce staff permissions.
- To communicate project, payment-verification, appointment, review, and delivery updates.
- To protect the service through rate limits, audit records, and security logs.
Sign-in and notifications
When Google sign-in is enabled, we store the verified email address, display name, authentication provider, and login timestamps returned for account access. We do not receive or store your Google password. If any visitor opts in to browser notifications, we store an encrypted browser push subscription endpoint and keys for that device; an anonymous subscription is not linked to a name or email unless the visitor later signs in on that device. You can unsubscribe from portal settings or browser settings. Administrative announcements and personal notifications remain recorded in the private portal until read.
Files and access
Brief attachments and deliverables are stored outside the public web directory. They are served only through authenticated endpoints to the owning client and authorised studio users. Do not upload passwords, payment-card data, government identity documents, or information you are not authorised to share.
Payments
Razorpay processes online payment details on its systems; card credentials never pass through CodingMarble servers. We store provider order/payment references, amount, currency, installment state, and verification timestamps for reconciliation. Never send full card credentials in a brief or chat.
Retention and requests
Project and financial records may be retained for delivery, dispute, tax, backup, and legal purposes. To request access, correction, or deletion, use your client portal or the contact method stated in your written quote. Some records may need to be retained where law or an active contract requires it.
International use and changes
Clients may access the service from different countries. Applicable transfer and retention requirements can vary. Material policy changes will be dated on this page.