Privacy Policy

Last Updated: October 15, 2025

FyreLit Designs, headquartered in Tennessee, USA (“we,” “us,” or “our”), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (www.fyrelitdesigns.com), use Blaze, our web application for project tracking and management (“Blaze” or the “Service”), or engage with any other services we provide, hosted on U.S. servers. If you are in the European Economic Area (EEA), this policy includes details to comply with the General Data Protection Regulation (GDPR). By using our website or services, you agree to these practices.

1. Information We Collect

We collect:

• Personal Data: Name, email address, job title, organization details, and phone number (for SMS verification) when you create an account or interact with Blaze.
• Project Data: Project details, work instructions, part counts, photos, notes, and customer approvals you input.
• Usage Data: IP addresses, browser type, device information, and pages visited to improve functionality.
• Payment Data: Billing details (e.g., credit card information) processed securely via third-party payment providers.
• Website Data: When you visit our website, we collect information such as your name, email, company, phone number, and message through contact forms, as well as analytics data (e.g., IP address, browser type, pages visited) via cookies or tools like Google Analytics to improve user experience. You can manage cookie preferences via our cookie consent tool.

2. Legal Basis for Processing

We process personal data under the following GDPR lawful bases:

• Contract: To provide Blaze’s services (e.g., project tracking, report generation, team management, and account verification via SMS).
• Consent: For non-essential communications (e.g., marketing emails), where you explicitly opt in.
• Legitimate Interest: For analytics to improve Blaze and our website, provided it doesn’t override your rights.

3. How We Use Your Information

We use your data to:

• Deliver and enhance Blaze’s functionality (e.g., project tracking, approvals, invoicing).
• Send service-related communications (e.g., project updates, approval requests).
• Process payments and manage subscriptions.
• Analyze usage to optimize performance, subject to your consent for non-essential analytics.
• Support ISO 9001 compliance and maintain role-based permissions.
• Verify accounts via SMS using Twilio, our third-party processor.
• Respond to inquiries submitted via our website contact form.
• Analyze website usage to enhance content and functionality, subject to your cookie consent.

4. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., pixels, web beacons) to enhance your experience on our website, analyze traffic, and deliver personalized content. Cookies may include essential cookies (required for site functionality) and non-essential cookies (e.g., for analytics or marketing). You can manage your preferences through our cookie consent tool on your first visit. For more details, see our Cookie Policy.

5. SMS Communications

For account verification, we use Twilio to send one-time passcodes (OTPs) via SMS. By providing your phone number during signup, you consent to receive these verification messages (typically 1-2 per account creation/login attempt). This processing is necessary for contract performance (secure access to Blaze). Messages comply with U.S. laws, including the Telephone Consumer Protection Act (TCPA) and 10DLC registration for Application-to-Person (A2P) messaging. To opt out of non-essential SMS (if added later), reply “STOP” to any message or contact us. Twilio acts as our data processor under a Data Processing Addendum (DPA), ensuring secure handling and deletion after use. For EEA users, SMS data transfers to Twilio use Standard Contractual Clauses (SCCs) for GDPR compliance. We do not use SMS for marketing without separate consent.

6. How We Share Your Information

We do not sell your data. We may share it:

• With authorized users in your organization (e.g., management, technicians, customers) based on role-based permissions for Blaze users.
• With service providers like Twilio (for SMS), Google Cloud Platform (for hosting), and analytics providers (e.g., Google Analytics for website traffic), under strict confidentiality agreements and GDPR-compliant Data Processing Addendums (DPAs) or Standard Contractual Clauses (SCCs).
• To comply with legal obligations (e.g., lawful requests, fraud prevention).

7. International Data Transfers

Blaze and our website are hosted on U.S. servers. For EEA users, we transfer your data to the U.S. (including to Twilio) using Standard Contractual Clauses (SCCs) to ensure GDPR-compliant safeguards. Contact us for a copy of our SCCs or Twilio’s DPA.

8. Data Retention

We retain personal data only as long as necessary for the purposes outlined (e.g., active subscriptions, project completion, or 30 days for verification logs). Data is deleted or anonymized after account termination, except where required by law (e.g., tax records). SMS logs are retained for 7 days post-verification for security audits.

9. Your Data Protection Rights (EEA Users)

If you are in the EEA, you have the right to:

• Access: Request a copy of your personal data.
• Rectify: Correct inaccurate data.
• Delete: Request deletion, subject to legal obligations.
• Restrict: Limit processing in certain cases.
• Portability: Receive your data in a structured, machine-readable format.
• Object: Object to processing based on legitimate interests (e.g., analytics).
• Withdraw Consent: For consented processing (e.g., non-essential SMS), withdraw consent at any time without affecting prior processing.

To exercise these rights, contact us at privacy@fyrelitdesigns.com. We respond within one month (extendable under GDPR). You may also lodge a complaint with your local supervisory authority (e.g., CNIL in France, ICO in the UK).

10. Data Security

We use Google Cloud Platform, encryption, and role-based permissions to protect your data. Twilio employs similar measures for SMS. In case of a data breach, we will notify EEA supervisory authorities and affected users within 72 hours, as required by GDPR.

11. Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at dpo@fyrelitdesigns.com.

12. Your Choices

Update your account information in Blaze.
Opt out of non-essential emails or SMS via preferences or by contacting us.
Request data deletion at dpo@fyrelitdesigns.com, subject to legal retention requirements.

13. Third-Party Links

Blaze integrates with third-party services (e.g., Twilio for SMS, accounting systems). We are not responsible for their privacy practices. Review their policies (e.g., Twilio’s GDPR resources) before use.

14. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or within Blaze.

15. Contact Us

FyreLit Designs
privacy@fyrelitdesigns.com
235 Bayshore Drive, Hendersonville, TN 37075
For EEA users: Contact our DPO at dpo@fyrelitdesigns.com or your local supervisory authority.