Legal Artifact
Privacy Policy
Last Updated: March 2026
At FOURAK, we prioritize user privacy through strict technical discipline and data minimization. Our "Zero-Egress" operational philosophy means we minimize third-party digital footprinting, localizing secure client workflows to the edge.
1. Core Information Principles
We build systems designed to operate with the smallest data footprint possible. Unlike conventional marketing agencies that capture and resell visitor footprints, we do not utilize marketing pixels, tracking beacons, cross-site identity scrapers, or invasive analytics cookies. Any data collected is restricted to direct client communications voluntarily initiated.
2. Active Web Form Submissions
When you engage with our agency via our project intake form, contact form, or audit booking widget, the data you transmit (including name, email, project parameters, budget details, and text requests) is processed securely:
- Processing Nodes: Submissions pass securely through our serverless Cloudflare Workers API proxy endpoint.
- Robot Verification: Cloudflare Turnstile token validation protects forms from automated spam, verifying human intent locally without harvesting personal browser histories.
- Direct Logging: Verified data is routed directly to our private Google Sheets database via encrypted HTTPS Webhooks for operations tracking.
- No Reselling: We never sell, rent, or lease your contact information or project specifications to third-party marketing networks.
3. Server Audit Logs
To maintain service availability, monitor edge performance, and prevent network security abuses (such as DDoS or brute force script submissions), standard metadata is generated temporarily at our edge hosting layers (provided via Cloudflare):
- Internet Protocol (IP) addresses of connecting devices.
- User-agent string detail (browser type and operating system).
- Timestamps, request paths, and transmission status codes.
These security logs are retained temporarily for security auditing purposes and automatically purged from active routers.
4. Technical Data Security
We employ robust administrative and digital protocols to defend your data:
- Transport Layer Security: 100% of local and edge traffic is encrypted in transit using TLS 1.3.
- Content Security Policies (CSP): Strict headers are enforced to prevent cross-site scripting (XSS) or remote injection attempts.
- Access Controls: Internal access to database spreadsheets is locked to authenticated administrators using multi-factor credentials.
5. Your Digital Rights
Under standard data protection frameworks, you maintain complete authority over any details you submit. You can request a summary of the contact information we hold for your business, request immediate deletion, or withdraw consent for email communications by contacting us at [email protected].