Privacy

Privacy Policy

Plain-English answers to what we collect, how we use it, and the choices you have.

Last updated: April 30, 2026

ProjectThunder, Inc. ("ProjectThunder", "we", "us") respects your privacy. This policy explains what information we collect when you visit projectthunder.com, contact us, or request a free site scan, and what we do with it. If anything here is unclear, write us at hello@projectthunder.com and we will answer plainly.

1. Information we collect

Information you give us directly

  • Contact form (/contact.html): name, email address, phone number, and the message you send.
  • Free site scan (/scan.html): name, email, phone, the target URL you ask us to scan, and any optional notes you provide.
  • Email or phone: anything you send us when you reach out directly.

Information collected automatically

  • Server logs: when your browser requests a page, our web server records the IP address, the URL requested, the time, the response status, the referring page, and your user agent. We use this to keep the site running, prevent abuse, and diagnose problems.
  • Rate-limit data for the scan tool: we record the IP address that triggered each scan, the target URL, and the time, so we can enforce a limit of three scans per IP per 30 days. This is stored in a small local database on the server.

Cookies and similar technologies

We use a small number of analytics tools to understand which pages perform well and where visitors get stuck:

  • Google Analytics 4 (GA4) — first-party cookies (_ga, _ga_*) for session and page-view counts. Standard signals: page URL, referrer, session length, browser, country, device. Not used for advertising, remarketing, or identifying individuals. Governed by the Google Privacy Policy.
  • Microsoft Clarity — anonymous heatmaps and session replays so we can see where layouts confuse visitors. Personally-identifying form fields (names, emails, payment) are masked by default. Governed by the Microsoft Privacy Statement.

We do not use Meta pixels, ad-network trackers, or third-party advertising cookies. The Vimeo player embedded on the scan page may set cookies if you press play; those are governed by Vimeo’s privacy policy.

To opt out: install the Google Analytics Opt-out Browser Add-on, or use a privacy-respecting browser / extension that blocks tracking scripts.

2. How we use what we collect

  • To respond to your inquiry, schedule a call, or send the scan report you requested.
  • To enforce the per-IP scan rate limit and prevent abuse of the free tool.
  • To operate, secure, and improve the site (server logs, error monitoring).
  • To keep records of business communication, where applicable.

We do not sell your information. We do not use it to train AI models. We do not share it with marketing partners.

3. Third parties we share data with

We use a small number of vendors to operate the site. We share data with them only to the extent necessary to deliver what you asked for.

  • Anthropic (Claude API): when you request a free site scan, we send the target URL and the scan’s page content to Claude for analysis. Your contact information (name, email, phone) is never sent to Anthropic. Per Anthropic’s commercial terms, API content is not used to train models.
  • BuiltWith: for the same scan, we send the target URL to BuiltWith’s technology-detection API. Again, your contact information is not sent.
  • Email delivery (SMTP): when we email you a scan report or a contact-form acknowledgement, the message passes through standard email infrastructure.
  • Web hosting: the site runs on Microsoft IIS hosted by ProjectThunder; server logs live on those servers.
  • Google Analytics 4: tells us which pages get traffic and where visitors come from. Standard web-analytics signals only — no advertising or remarketing use.
  • Microsoft Clarity: anonymous heatmaps + session replays. Form fields with personal data (names, emails) are masked by default.

We may also disclose information if required by law or to protect against fraud, abuse, or security threats.

4. How long we keep it

  • Contact-form submissions and scan-tool submissions are retained as long as the business relationship is active, plus a reasonable period afterwards (typically up to seven years for accounting and tax recordkeeping).
  • Web server logs are kept for up to 90 days.
  • Scan-tool rate-limit records are pruned after 30 days.

5. Your choices and rights

You can:

  • Ask what we have on file for you and request a copy.
  • Ask us to correct or delete it.
  • Ask us to stop emailing you (we’ll honor it; we don’t run a marketing list).

If you live in California, the EU/UK, or another jurisdiction with specific privacy rights (CCPA/CPRA, GDPR, similar), those rights apply and we will honor them. Email hello@projectthunder.com with your request and we will respond within 30 days.

6. Children

This site is for businesses. We do not knowingly collect data from anyone under 13. If you believe a minor submitted information through the site, contact us and we will delete it.

7. Security

We use TLS for all traffic in and out of the site. Submission data is stored on our hosting infrastructure with access restricted to ProjectThunder employees who need it. No system is perfectly secure; if you believe a security issue affects your data, please write us and we will investigate.

8. Changes to this policy

If we change this policy in a material way, we will update the "Last updated" date above and, where appropriate, notify you. The current version is always available at this URL.

9. Contact us

ProjectThunder, Inc.
Email: hello@projectthunder.com
Phone: 877.609.9029