1. Scope and status of this policy
This Privacy Policy applies to information collected through mouhastore.net and the website forms operated for MOUHA STORE LLC. It is a draft prepared for owner and legal review and must not be treated as final legal advice or a claim of compliance with every privacy law.
The website represents a remote graphic design business. It does not provide customer accounts, online payments, public file storage, or a client portal in the current version.
2. Information collected
The information collected depends on how a visitor uses the website. Visitors can browse the public pages without creating an account.
- Contact information, including name and email address, and optional business contact details voluntarily submitted through a form.
- Quote-request information, including business or brand name, country, requested service, project description, target audience, preferred style, deliverables, budget range, preferred deadline, referral source, and authorized reference links.
- Messages relating to an existing project, legal or privacy inquiry, accessibility feedback, or general business question.
- Limited technical and anti-abuse information necessary to receive a request, validate its origin, enforce request-size limits, detect automated submissions, and apply rate limiting. Hosting providers may also create standard server logs.
- Consent confirmations and submission timestamps needed to process and document the request.
3. Uploaded files and submitted materials
Direct file uploads are disabled in the current website because private object storage, malware scanning, access controls, retention rules, and deletion procedures have not yet been configured.
Visitors may submit authorized reference links. A visitor must own or have permission to share any linked or otherwise submitted logo, image, font, text, design, document, or other material. Visitors should not submit passwords, financial account details, government identification, medical information, or other unnecessary sensitive information.
4. Purposes of processing
Information may be used only for legitimate business and website-operational purposes connected with the inquiry or project relationship.
- Reviewing and responding to contact inquiries.
- Evaluating project requirements and preparing a quotation or proposed scope.
- Communicating about active or previous projects.
- Maintaining necessary business, contractual, security, and dispute-resolution records.
- Preventing spam, fraud, abuse, and unauthorized use of the forms.
- Protecting the website, the business, clients, and service providers.
- Complying with lawful obligations and responding to valid legal requests when applicable.
5. Service providers and disclosures
The website may use service providers for hosting, email delivery, domain and infrastructure services, rate limiting, security, error monitoring, and other operational functions. Only providers that are actually configured should be identified in the production version of this policy.
Information may be disclosed to a service provider only to the extent reasonably necessary for the provider to perform its configured function, subject to the provider's terms and the business's contractual arrangements. Information may also be disclosed where required by law, to protect legal rights, or in connection with a legitimate business transfer, subject to appropriate safeguards and notice where required.
6. Storage and security
Reasonable technical and organizational safeguards should be applied in proportion to the information processed. These may include HTTPS, restricted access, validated server-side processing, rate limiting, secret management, private provider credentials, and avoidance of sensitive-data logging.
No website or electronic transmission can be guaranteed completely secure. The production owner must keep dependencies, credentials, provider settings, and incident-response procedures current and must investigate suspected security incidents promptly.
7. Data retention
Information should be kept only for as long as reasonably necessary for the purpose for which it was collected, to maintain required business records, to resolve disputes, to enforce agreements, and to meet applicable legal obligations.
Specific production retention periods have not yet been approved. Before launch, the owner and legal reviewer must define documented periods for unsuccessful inquiries, quotations, active-project records, completed-project records, security records, provider logs, and deletion requests.
Owner action required: approve a written retention schedule before production launch.
8. International processing and transfers
MOUHA STORE LLC is formed in the United States and operates remotely. Visitors, clients, contractors, and service providers may be located in different countries. Information may therefore be processed in a country other than the visitor's country of residence.
The production business must assess any transfer requirements that apply to its actual clients, providers, and operating locations and implement suitable contractual or legal safeguards where required.
10. Privacy choices and rights
Depending on applicable law and the circumstances, an individual may have rights to request access, correction, deletion, restriction, objection, portability, withdrawal of consent, or information about how personal information is used.
A request may be submitted through the Contact page using the legal or privacy inquiry option. The business may need to verify the requester's identity and authority before acting. Some information may need to be retained where permitted or required for legal, security, contractual, or recordkeeping purposes.
11. Children's privacy
The services are intended for businesses and independent professionals and are not directed to children. The website should not knowingly request personal information from a child. If the business learns that information was submitted by a child without appropriate authorization, it should review and delete the information where required and reasonably possible.
12. Changes and contact
This draft may be updated when the website, service providers, business practices, or legal requirements change. The production policy should display an accurate effective date and should describe material changes where appropriate.
Questions or privacy requests can be submitted through the Contact page using the legal or privacy inquiry option. A verified legal-contact email must be added before production launch.