Privacy Policy
Last updated: April 27, 2026
1. Introduction
Multigraphic.lb ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website at https://multigraphic-lb.vercel.app or use our services.
We comply with applicable Lebanese data protection regulations and, where applicable to our international clients, the EU General Data Protection Regulation (GDPR) and similar frameworks.
2. Data Controller
The data controller responsible for your personal data is:
- Company: Multigraphic.lb
- Contact: multigraphic.lb@gmail.com
- Phone: +961 3 691 906
- Location: Beirut, Lebanon
3. Data We Collect
3.1 Information You Provide
- Contact form submissions: Name, email address, phone number (optional), and message content
- Client portal accounts: Name, email address, company name, and hashed password (we never store plain-text passwords)
- Email communications: Content of emails you send to or receive from us
- Project information: Business details, project requirements, and content you provide for project execution
3.2 Information Collected Automatically
- Usage data: Pages visited, time spent, referral source, and navigation patterns
- Device information: Browser type, operating system, screen resolution, and device type
- IP address: Used for security purposes and approximate geographic location
- Cookies: See our Cookie Policy for full details
3.3 Information We Do Not Collect
- We do not collect financial information (credit card numbers, bank details) directly — payments are processed through secure third-party providers
- We do not collect sensitive personal data (race, religion, health, political opinions)
- We do not knowingly collect data from children under 16
4. How We Use Your Data
We use your personal data exclusively for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Respond to your inquiries and contact form submissions | Legitimate interest |
| Deliver contracted services and project work | Contractual necessity |
| Manage your Client Portal account | Contractual necessity |
| Send project updates, invoices, and payment reminders | Contractual necessity |
| Send newsletters (only with explicit consent) | Consent |
| Analyze website usage to improve our services | Legitimate interest |
| Protect against fraud and unauthorized access | Legitimate interest / Legal obligation |
5. Data Storage & Security
5.1 Where We Store Data
- Database: Hosted on Neon (PostgreSQL), with servers in the United States (US-East region), operated under strict data protection standards
- Website: Hosted on Vercel, with global edge network and data processing in the United States
- Email: Sent via Gmail SMTP with TLS encryption
5.2 Security Measures
- All data transmitted to and from our website is encrypted via HTTPS (TLS 1.3)
- Passwords are hashed using bcrypt with salt — we never store plain-text passwords
- Client Portal authentication uses signed JWT tokens with expiration
- Admin access is protected with separate authentication
- Database connections use SSL encryption
- Security headers (HSTS, X-Frame-Options, CSP, X-Content-Type-Options) are enforced
6. Data Sharing & Third Parties
We do not sell, rent, or trade your personal data. We share data only with:
| Third Party | Purpose | Data Shared |
|---|---|---|
| Vercel Inc. | Website hosting and deployment | IP address, usage data |
| Neon Tech Inc. | Database hosting | Account data, project data |
| Google (Gmail SMTP) | Email delivery | Email addresses, email content |
| Google Fonts | Font delivery | IP address (automatic by browser) |
We do not use any third-party analytics, advertising, or tracking services that would share your data with ad networks.
7. Data Retention
- Contact form data: Retained for 2 years, then deleted
- Client account data: Retained for the duration of the client relationship plus 5 years (legal/tax requirements)
- Project files: Retained for 1 year after project completion unless the client requests earlier deletion
- Email logs: Retained for 1 year
- Cookie consent preferences: Retained for 12 months
8. Your Rights
Depending on your jurisdiction, you have the following rights regarding your personal data:
- Right to Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Request that we limit how we use your data
- Right to Data Portability: Request your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interest
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us at multigraphic.lb@gmail.com. We will respond within 30 days.
9. International Data Transfers
Your data may be transferred to and processed in the United States (where our hosting and database providers operate). We ensure appropriate safeguards are in place, including reliance on providers that comply with industry-standard data protection frameworks.
10. Children's Privacy
Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically. Continued use of our website after changes constitutes acceptance.
12. Contact Us
For any privacy-related questions, requests, or complaints:
- Email: multigraphic.lb@gmail.com
- Phone: +961 3 691 906
- Address: Beirut, Lebanon
See also: Terms & Conditions · Cookie Policy