Privacy Policy
How MDM Solutions collects, uses, and protects your information.
Last updated: May 26, 2026
1. Overview
MDMSolutions Company ("MDM Solutions," "we," "us," or "our") operates mdmsolutions.it and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.
Summary: We collect only what we need to deliver your website and communicate with you. We do not sell your personal data. Ever.
This policy applies to all information collected through our website, client portal, intake forms, demo generator, and any related services.
2. Information We Collect
Information You Provide
- Account information: Name, email address, and business name when you sign up or contact us
- Payment information: Billing details processed by Stripe, we never see or store your full card number
- Business brief: Business name, location, services, phone number, email, pricing, and other details you provide to build your website
- Uploaded files: Menu files, images, or documents you upload during the intake process
- Support communications: Messages you send to hello@mdmsolutions.it
- Demo requests: Business information submitted through our free demo generator
Information Collected Automatically
- Usage data: Pages visited, time spent, referring URLs, and browser type
- IP address: Used for security, fraud prevention, and approximate location
- Device information: Browser version, operating system, screen resolution
- Cookies: See Section 5 for details
Information from Third Parties
- Stripe: Payment confirmation and billing status
- Microsoft Entra ID: Authentication data when you sign in via Microsoft
- Google Places API: Publicly available business information used to enrich your website
3. How We Use Your Information
| Purpose | Data Used | Legal Basis |
|---|
| Deliver your website | Business brief, contact info | Contract performance |
| Process payments | Billing information (via Stripe) | Contract performance |
| Send delivery notifications | Email address | Contract performance |
| Provide customer support | Email, account data | Legitimate interest |
| Improve our AI pipeline | Anonymized site briefs | Legitimate interest |
| Prevent fraud & abuse | IP address, usage data | Legitimate interest |
| Send service updates | Email address | Legitimate interest |
| Legal compliance | As required by law | Legal obligation |
We do not use your information for targeted advertising. We do not sell your data to third parties.
4. Information Sharing
We share your information only with trusted service providers necessary to operate our business:
- Stripe, payment processing (US)
- Microsoft Azure, cloud infrastructure, database, and email delivery (US)
- Anthropic, AI website generation; business brief data is sent to generate your site
- Pexels, stock photo sourcing for website imagery
- Cloudflare, DNS, CDN, and site delivery infrastructure (US)
- n8n, workflow automation for site generation pipeline (self-hosted)
All service providers are contractually required to handle your data securely and only for the purposes we specify.
Legal Disclosures
We may disclose your information if required by law, court order, or to protect the rights and safety of MDM Solutions, our clients, or the public.
Business Transfers
If MDM Solutions is acquired, merges, or transfers assets, your information may be transferred as part of that transaction. We will notify you via email before your data is transferred and becomes subject to a different privacy policy.
5. Cookies & Tracking
We use a minimal set of cookies to operate our service:
| Cookie | Purpose | Duration |
|---|
| Authentication session | Keep you signed in to the client portal | Session / 7 days |
| Cloudflare security | Bot detection and DDoS protection | Session |
| Stripe | Fraud prevention during checkout | Session |
We do not use advertising cookies, retargeting pixels, or third-party analytics that track you across websites. You can disable cookies in your browser settings; note that this may affect your ability to sign in to the client portal.
6. Data Retention
- Active client data: Retained for the duration of your subscription plus 90 days
- Website files: Retained for 30 days after subscription cancellation, then deleted
- Payment records: Retained for 7 years as required by US tax law
- Demo requests: Retained for 30 days, then deleted
- Support emails: Retained for 2 years
- Uploaded files (menus, images): Retained while your subscription is active
You may request deletion of your data at any time by contacting hello@mdmsolutions.it. We will action deletion requests within 30 days, subject to legal retention requirements.
7. Security
We implement industry-standard security measures to protect your data:
- All data transmission encrypted via HTTPS/TLS
- Data stored on Microsoft Azure with encryption at rest
- Payment data handled exclusively by Stripe (PCI-DSS compliant)
- Access to client data restricted to authorized MDM Solutions personnel
- Multi-factor authentication required for all administrative access
While we take all reasonable precautions, no method of transmission over the internet is 100% secure. If you believe your account has been compromised, contact us immediately at hello@mdmsolutions.it.
8. Your Rights
All Users
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data
- Portability: Receive your data in a machine-readable format
- Opt-out: Unsubscribe from marketing communications at any time
California Residents (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information is collected and how it is used
- Right to delete personal information
- Right to opt out of the sale of personal information (we do not sell data)
- Right to non-discrimination for exercising your privacy rights
EU/UK Residents (GDPR)
If you are in the European Union or United Kingdom, you have rights under the GDPR including the right to object to processing, restrict processing, and lodge a complaint with your local supervisory authority.
To exercise any of these rights, email hello@mdmsolutions.it. We will respond within 30 days.
9. Children's Privacy
MDM Solutions services are intended for business owners and are not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on this page with a new "Last updated" date
- Sending an email notification to active clients at least 14 days before changes take effect
Your continued use of our services after changes take effect constitutes acceptance of the updated policy.