Effective Date: 02/08/2026
Crafted IP LLC (“Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting it. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services. By accessing or using our website, services, or communications, you agree to the terms of this Privacy Policy.
1. INFORMATION WE COLLECT
We may collect:
- Personal Information: Name, email address, phone number, billing details, and other identifiers you voluntarily provide.
- Technical Information: IP address, browser type, operating system, device identifiers, and usage data.
- Business Information: Invention disclosures, documents, or communications you choose to share with us.
2. HOW WE USE INFORMATION
We use information solely for:
- Providing and improving our patent services.
- Communicating with you about your account, projects, or inquiries.
- Complying with legal and regulatory obligations.
- Protecting against fraud, abuse, or misuse of our services.
- Assisting in patent drafting and research through the use of secured, professional-grade Artificial Intelligence tools, as disclosed in our Engagement Agreements.
3. DISCLOSURE OF INFORMATION
We do not sell your information. We may disclose information only:
- To trusted service providers who assist in operations (bound by confidentiality obligations).
- As required by law, regulation, or court order.
- To protect our rights, safety, or property.
- To the USPTO and governmental patent offices for patent filings and prosecution.
4. DATA SECURITY
4.1 Overview
We implement commercially reasonable administrative, technical, and physical safeguards to protect your information, including encryption of data in transit and at rest, access controls, and regular security assessments. However, no electronic system is completely secure.
To the fullest extent permitted by law, we shall not be liable for unauthorized access, disclosure, or loss resulting from circumstances beyond our reasonable control, including but not limited to third-party cyberattacks, hacking, or security breaches, provided we have implemented and maintained the commercially reasonable safeguards described above.
This limitation does not apply to liability arising from our gross negligence or willful misconduct.
4.2 Technical Security Measures
We implement the following security measures:
(a) Encryption
- Data in transit: TLS/SSL encryption (HTTPS)
- Data at rest: Encryption for sensitive files and databases
- Email: Encrypted email options available for confidential communications
(b) Access Controls
- Role-based access controls (RBAC)
- Multi-factor authentication (MFA) for administrative access
- Strong password requirements
- Regular access reviews and revocation
(c) Network Security
- Firewalls and intrusion detection systems
- Regular security updates and patches
- Network segmentation where applicable
(d) Data Backup
- Regular automated backups
- Encrypted backup storage
- Tested disaster recovery procedures
(e) Monitoring and Logging
- Security event logging
- Regular review of access logs
- Anomaly detection
4.3 Administrative Security Measures
(a) Staff Training
- Regular privacy and security training
- Confidentiality agreements with all personnel
- Limited access based on job functions
(b) Policies and Procedures
- Written information security policy
- Incident response plan
- Vendor management procedures
(c) Regular Assessments
- Annual security risk assessments
- Third-party security audits (as appropriate)
4.4 Physical Security
For physical documents and devices:
- Secure storage (locked filing cabinets, secure facilities)
- Clean desk policy
- Secure disposal (shredding, device wiping)
4.5 Disclaimer and Limitations
Despite our security measures:
(a) No Security is Absolute
No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
(b) User Responsibility
You are responsible for:
- Maintaining the confidentiality of account credentials
- Using strong, unique passwords
- Reporting suspicious activity promptly
- Securing your own devices and networks
(c) Limitation of Liability
To the fullest extent permitted by law, we shall not be liable for unauthorized access, disclosure, or loss resulting from circumstances beyond our reasonable control, provided we have implemented and maintained the security measures described above. This limitation does not apply to liability arising from our gross negligence or willful misconduct.
5. DATA RETENTION
We retain personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.
Retention Periods:
(a) Website Visitors (No Account/Service)
- Analytics data: Maximum 26 months (then automatically deleted)
- IP addresses: Anonymized immediately; logs retained up to 90 days
- Contact form submissions: Until inquiry resolved plus 1 year
(b) Prospective Clients (Consultation Only)
- Consultation records: 3 years from last contact
- Correspondence: 3 years from last contact
(c) Active Clients (Engagement Agreement)
- Client files and records: Duration of engagement plus 7 years
- Billing and tax records: 7 years (IRS requirement)
- Invention disclosures: Duration of engagement plus 7 years (retention is subject to 37 CFR § 11.18, which requires patent practitioners to maintain copies of documents presented to the USPTO)
- Correspondence: Duration of engagement plus 7 years
(d) Former Clients
- Essential records: 7 years after engagement ends
- Tax and financial records: 7 years (legal requirement)
- After retention period: Securely deleted or anonymized
(e) Legal Holds and Exceptions
If litigation, governmental investigation, or audit is pending or reasonably anticipated, we may retain data beyond the standard retention period until the matter is resolved.
Deletion Methods:
When data is deleted, we use secure deletion methods including:
- Overwriting electronic data multiple times
- Physical destruction of storage media when decommissioned
- Anonymization where deletion is not feasible
Archival Exceptions:
We may retain one archival copy of certain records for:
- Professional liability insurance purposes
- Defense against claims or complaints
- Compliance with USPTO professional obligations under 37 CFR § 11.18
This archival copy remains subject to confidentiality obligations.
Important Note Regarding Deletion Requests:
While we honor deletion requests where legally permissible, certain records must be retained to comply with USPTO Rules of Professional Conduct (37 CFR § 11.18) and other legal obligations. We will explain any limitations on deletion when responding to your request.
6. YOUR RIGHTS
6.1 Applicability and Voluntary Compliance
While Crafted IP LLC may not meet the statutory thresholds requiring compliance with certain international or out-of-state privacy laws (such as GDPR or CCPA revenue and data volume requirements), we provide the rights described below to our users as a matter of best practice and commitment to privacy.
6.2 California Consumer Privacy Act (CCPA) Rights
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
(a) Right to Know
You may request disclosure of:
- Categories of personal information we collect
- Categories of sources from which we collect personal information
- Business or commercial purposes for collecting personal information
- Categories of third parties with whom we share personal information
- Specific pieces of personal information we have collected about you
(b) Right to Delete
You may request deletion of personal information we have collected from you, subject to certain exceptions under law (such as legal compliance, fraud prevention, or completing transactions).
(c) Right to Opt-Out of Sale
We do NOT sell personal information. However, you have the right to opt out if our practices change in the future.
(d) Right to Non-Discrimination
We will not discriminate against you for exercising your CCPA rights, including by:
- Denying goods or services
- Charging different prices or rates
- Providing a different level of quality
- Suggesting you will receive different pricing or quality
(e) Right to Correct
You may request correction of inaccurate personal information we maintain about you.
(f) Right to Limit Use of Sensitive Personal Information
If we collect “sensitive personal information” as defined by CCPA (such as precise geolocation, financial account information, or contents of communications), you may request that we limit its use to certain purposes. Currently, we do not collect sensitive personal information beyond what is necessary for providing patent services.
How to Exercise Your Rights:
Submit requests via the contact page on our website or by email using the contact information in Section 16. We will respond within 45 days (extendable by 45 days if necessary). You may designate an authorized agent to make requests on your behalf by providing written authorization.
Verification Process:
To protect your privacy, we will verify your identity before fulfilling requests. We may request additional information to verify your identity, such as:
- Name and email address
- Account information (if applicable)
- Description of your relationship with us (client, website visitor, etc.)
We will only use information provided for verification purposes.
No Sale of Personal Information:
We do not and will not sell your personal information to third parties for monetary consideration. We have not sold personal information in the preceding 12 months.
Categories of Personal Information Collected (Last 12 Months):
- Identifiers (name, email, phone number, IP address)
- Commercial information (services requested, invoices)
- Internet activity (website usage via analytics)
- Professional information (invention disclosures, technical documents)
- Inferences (user preferences, interests)
Sources of Personal Information:
- Directly from you (forms, email, consultations)
- Automatically (website analytics, IP addresses)
Business Purposes for Collection:
- Providing patent services
- Communicating about projects and inquiries
- Improving website and services
- Legal compliance and fraud prevention
Categories of Third Parties with Whom We Share Information:
- Service providers (analytics platforms, payment processors, cloud storage providers, email service providers, website hosting providers, AI service providers)
- USPTO and governmental patent offices (for patent filings)
- Professional advisors (legal, accounting, insurance, as needed)
6.3 General Data Protection Regulation (GDPR) Rights
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the GDPR:
(a) Right of Access (Article 15)
You have the right to request a copy of the personal data we hold about you.
(b) Right to Rectification (Article 16)
You may request correction of inaccurate or incomplete personal data.
(c) Right to Erasure / “Right to be Forgotten” (Article 17)
You may request deletion of your personal data in certain circumstances, such as:
- The data is no longer necessary for the purposes collected
- You withdraw consent (where consent was the legal basis)
- You object to processing and there are no overriding legitimate grounds
- The data was unlawfully processed
- Erasure is required for legal compliance
Exceptions apply where we must retain data for legal obligations (including USPTO professional obligations under 37 CFR § 11.18), defending claims, or exercising legal rights.
(d) Right to Restriction of Processing (Article 18)
You may request that we limit how we use your personal data in certain situations.
(e) Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as CSV or JSON) and transmit it to another controller.
(f) Right to Object (Article 21)
You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.
(g) Right to Withdraw Consent (Article 7)
Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
(h) Right Not to be Subject to Automated Decision-Making (Article 22)
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects you. We do not engage in such automated decision-making.
(i) Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of alleged infringement.
Legal Basis for Processing (GDPR Article 6):
We process personal data under the following legal bases:
- Consent: When you provide explicit consent (e.g., for marketing communications)
- Contract: To perform our obligations under engagement agreements
- Legal Obligation: To comply with USPTO requirements (37 CFR § 11.18), tax laws, and other regulations
- Legitimate Interests: To improve our services, prevent fraud, and operate our business (balancing your rights with our interests)
International Data Transfers:
If you are located outside the United States, your information may be transferred to and processed in the U.S., where data protection laws may differ from those in your country.
We take steps to ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by the European Commission
- Other appropriate safeguards as required by GDPR
How to Exercise Your Rights:
Submit requests via the contact page on our website using the information in Section 16. We will respond within one month (extendable by two months if complex). We may request additional information to verify your identity.
Data Protection Officer:
As of the effective date, we are not required to appoint a Data Protection Officer. For privacy inquiries, contact us using the information in Section 16.
7. INTERNATIONAL DATA TRANSFERS
If you are located outside the United States, your information may be transferred to and processed in the U.S. or other jurisdictions. We take steps to ensure such transfers comply with applicable data protection laws, including GDPR, through the use of Standard Contractual Clauses, adequacy decisions, or other appropriate safeguards.
8. THIRD-PARTY LINKS
Our services may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. Your use of third-party websites is governed by their respective privacy policies and terms of service.
9. CHILDREN’S PRIVACY
(a) No Knowing Collection
We do not knowingly collect personal information from children under 18 without verifiable parental consent.
(b) Parental Rights
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will delete such information from our systems within a reasonable timeframe.
(c) COPPA Compliance (Children Under 13)
We comply with the Children’s Online Privacy Protection Act (COPPA) for children under 13. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as soon as possible.
(d) Age Verification
By using our services, you represent that you are at least 18 years old. We may request age verification if we suspect a user is under 18.
(e) Educational Exceptions
If you are under 18 and using our services as part of an educational program or project supervised by a parent, guardian, or teacher, such adult must provide consent and supervise your use of our services.
Our services are not directed to individuals under 18. We do not knowingly collect information from minors.
10. LIMITATION OF LIABILITY
To the fullest extent permitted by law, our aggregate liability for any claims arising from this Privacy Policy or the collection, use, or disclosure of your information shall be limited to direct damages not to exceed $5,000 USD or the total amount of fees you paid to us in the twelve (12) months preceding the claim, whichever is lower. We shall not be liable for consequential, incidental, special, punitive, or exemplary damages.
For clients who have executed an Engagement Agreement with us, the liability limitations set forth in that Engagement Agreement shall supersede and control over the limitations in this Privacy Policy with respect to services provided under that agreement.
This limitation does not apply to:
(a) Liability arising from our gross negligence or willful misconduct;
(b) Violations of specific statutory privacy rights that cannot be waived; or
(c) Claims where applicable law prohibits such limitation.
Your use of our services is at your own risk for issues beyond the scope of our reasonable control.
11. CHANGES TO THIS POLICY
We may update this Privacy Policy at any time. Updates will be posted on this page with a revised “Effective Date” and version number at the top of this document.
Continued use of our services after changes are posted constitutes acceptance of the updated Privacy Policy. If you do not agree to the modified Privacy Policy, you must stop using our services.
For material changes that significantly affect your rights, we will make reasonable efforts to provide notice through the website or via email if you have provided contact information.
We recommend reviewing this Privacy Policy periodically to stay informed of any changes.
12. CONTACT US
If you have questions or concerns about this Privacy Policy or our privacy practices, contact us:
Via our website: Contact Us
By email: [email protected]
By mail: Crafted IP LLC, 5013 S Louise Ave Unit 5133, Sioux Falls, SD 57108
13. ANALYTICS AND VISITOR TRACKING
We use web analytics tools to understand how visitors interact with our website. Analytics help us improve the site by collecting information such as:
- Pages visited: which content is viewed and how long visitors stay
- Navigation paths: how visitors move from one page to another
- Device and browser details: type of device, operating system, and browser used
- Referrer information: how visitors arrive at our site (for example, from a search engine or another website)
- Geographic location (approximate): based on anonymized IP addresses, to see where our audience is located
This data is processed in a way that respects your privacy. IP addresses are anonymized, and no personal information such as your name or email address is tracked through analytics.
13.1 Data Retention for Analytics
Analytics data is retained for a maximum of 26 months. After this period, the data is automatically deleted. IP addresses are anonymized immediately upon collection and are never stored in identifiable form.
13.2 Cookies and Similar Technologies
What Are Cookies?
Cookies are small text files placed on your device by websites you visit. They help websites remember your preferences and improve your experience.
Types of Cookies We Use:
(a) Strictly Necessary Cookies
- Required for website functionality
- Cannot be disabled
- Examples: session management, security features
(b) Analytics Cookies
- Used to understand how visitors interact with our website
- Help us improve content and navigation
- Can be disabled via the opt-out method described in Section 13.4
(c) Preference Cookies
- Remember your settings and preferences
- Examples: language selection, display preferences
- Optional and can be disabled through browser settings
We do NOT use:
- Advertising cookies or third-party advertising networks
- Social media tracking cookies (unless you explicitly use social sharing features)
- Cross-site tracking cookies
Managing Cookies:
You can control and delete cookies through your browser settings. However, disabling certain cookies may limit website functionality.
Browser-specific cookie management instructions:
- Chrome: Settings > Privacy and Security > Cookies
- Firefox: Options > Privacy & Security > Cookies
- Safari: Preferences > Privacy > Cookies
- Edge: Settings > Privacy > Cookies
For more information about cookies and how to manage them, visit www.allaboutcookies.org.
13.3 Do Not Track (DNT) Signals
Some web browsers offer a “Do Not Track” (DNT) signal that requests websites not track users across websites.
Current Status: Currently, there is no industry-wide standard for how to respond to DNT signals. We do not respond to DNT signals at this time.
Alternative Privacy Controls:
You can control tracking through:
- The analytics opt-out method described in Section 13.4
- Your browser’s cookie settings
- Browser privacy extensions
- Private/incognito browsing mode
If industry standards develop, we will update our practices and this Privacy Policy accordingly.
13.4 Opt-Out of Analytics Tracking
We provide an opt-out option so you can choose not to be tracked by our analytics tool, Matomo. If you opt out, Matomo will no longer collect analytics data about your visits to our site. Your choice will be stored in a cookie on your browser, and you can change it at any time by revisiting the opt-out widget.
14. DATA BREACH NOTIFICATION
In the event of a data breach that affects your personal information, we will:
(a) Investigate the breach promptly and take steps to mitigate harm;
(b) Notify affected individuals without undue delay if the breach is likely to result in a high risk to your rights and freedoms (GDPR) or as otherwise required by applicable law. In accordance with South Dakota law (SDCL § 22-40-20), we will notify affected South Dakota residents within 60 days of the discovery of a breach, unless a longer period is requested by law enforcement or required by other applicable laws such as CCPA;
(c) Provide information about:
- The nature of the breach
- Categories and approximate number of individuals affected
- Categories and approximate number of records affected
- Likely consequences of the breach
- Measures taken or proposed to address the breach
- Contact information for further inquiries
(d) Notify relevant supervisory authorities as required by law, including the South Dakota Attorney General where required under SDCL § 22-40-20; and
(e) Implement additional security measures to prevent future breaches.
Notification will be provided by email, posting on our website, or other appropriate means depending on the circumstances and legal requirements.
Limitation:
We are not required to provide notification if:
- The personal information was encrypted, redacted, or otherwise secured in a manner that renders it unusable
- Subsequent investigation determines that no significant risk exists
- Other exceptions under applicable law apply
15. THIRD-PARTY SERVICE PROVIDERS
We engage third-party service providers to assist with business operations. These providers have access to personal information only to perform specific tasks on our behalf and are obligated to protect your information through contractual agreements.
Categories of Service Providers:
We work with service providers in the following categories:
(a) Analytics Platforms
- Purpose: Website analytics and performance monitoring
- Data shared: Anonymized IP addresses, page views, device information, navigation patterns
- Security: Data anonymization, encryption in transit
(b) Email Service Providers
- Purpose: Email communications and correspondence management
- Data shared: Email addresses, correspondence content, contact information
- Security: Encryption in transit, access controls, secure data centers
(c) Cloud Storage Providers and AI Service Providers
- Purpose: Secure document storage, collaboration, and assistance with patent drafting and research
- Data shared: Client files, invention disclosures, project documents, technical information for AI-assisted analysis
- Security: Encryption at rest and in transit, access controls, regular security audits
- Note: AI tools process technical data solely for patent-related services and are bound by confidentiality obligations. Use of AI tools is disclosed in our Engagement Agreements.
(d) Payment Processors
- Purpose: Processing payments for services rendered
- Data shared: Name, billing address, payment information
- Security: PCI DSS compliance, encryption, tokenization
- Note: We do not store complete payment card information on our systems
(e) Website Hosting Providers
- Purpose: Website hosting and infrastructure
- Data shared: All website data and user interactions
- Security: Firewalls, DDoS protection, regular security updates
(f) Professional Service Platforms
- Purpose: Client engagement, project management, and collaboration
- Data shared: Profile information, project details, communications
- Security: Encryption, access controls, audit logs
Due Diligence:
We conduct due diligence on service providers to ensure they:
- Maintain appropriate technical and organizational security measures
- Comply with applicable data protection laws
- Enter into data processing agreements with confidentiality obligations
- Provide adequate safeguards for international data transfers (where applicable)
Limitation of Responsibility:
While we carefully select and monitor our service providers, we are not responsible for their privacy practices beyond our contractual agreements with them. Each service provider operates under their own privacy policy and security practices.
Additional Information Upon Request:
For security reasons, we do not publicly disclose the specific names of all service providers. However, if you would like more detailed information about specific service providers we use, you may submit a written request using the contact information in Section 16. We will provide additional details where doing so does not compromise our operational security.
Changes to Service Providers:
We may change service providers from time to time to improve our services or operational efficiency. Material changes will be reflected in updates to this Privacy Policy.
16. HOW TO EXERCISE YOUR PRIVACY RIGHTS
Submitting Requests:
You may exercise your rights by:
(a) Completing the form on our contact page: Contact Us
(b) Emailing us at: [email protected]
(c) Mailing us at: Crafted IP LLC, 5013 S Louise Ave Unit 5133, Sioux Falls, SD 57108
Required Information:
To verify your identity, please provide:
- Your full name
- Email address associated with our services
- Description of your relationship with us (client, website visitor, etc.)
- Specific request (access, deletion, correction, etc.)
- Additional verification information as needed (such as last service date, invoice number, or other identifying details)
Response Timeline:
- CCPA requests: 45 days (extendable by 45 days if necessary)
- GDPR requests: 1 month (extendable by 2 months if complex)
- We will acknowledge receipt of your request within 10 business days
Verification Process:
We take verification seriously to protect against fraudulent requests. We may:
- Ask clarifying questions
- Request additional identification
- Confirm details through secure channels
We will only use information provided for verification purposes and will not retain it longer than necessary.
Fees:
We do not charge a fee for exercising privacy rights unless requests are manifestly unfounded or excessive, or you request duplicate copies beyond the first free copy.
If a fee applies, we will notify you in advance and explain the basis for the fee.
Authorized Agents (California Residents):
You may designate an authorized agent to submit requests on your behalf by:
- Providing written authorization signed by you; or
- Providing proof of power of attorney
The agent must verify both your identity and their authority to act on your behalf.
Denial of Requests:
If we deny a request (in whole or in part), we will explain:
- The reason for denial (including any legal obligations that prevent deletion, such as USPTO requirements under 37 CFR § 11.18)
- Your right to appeal (if applicable)
- How to lodge a complaint with a supervisory authority
Appeal Process:
If you believe we wrongfully denied your request, you may appeal by contacting us using the information above within 30 days of our response. We will respond to appeals within 45 days.
ACCESSIBILITY STATEMENT
We strive to maintain accessibility of this website and our privacy practices in accordance with applicable standards. If you experience difficulty accessing this Privacy Policy or any content on our website, or if you require this Privacy Policy in an alternative format, please contact us using the information in Section 16.