At Mighty and True LLC d/b/a Mighty and True (“We” or “Us”), We know that our users care about how their information is used and shared, and We take your privacy seriously. Please read the following to learn more about our Privacy Policy.

What does this Privacy Policy cover?

This Privacy Policy explains how we collect, use, and protect information through our website at mightyandtrue.com, as well as how we handle any information that clients or visitors voluntarily share with us during the course of doing business. It applies to prospective clients, current clients, and visitors to our site. It does not apply to your customers or end users—we do not market to them or store their data.

What information does Mighty & True collect?

Information You Knowingly Provide to Us

We may store information you provide to Us. For our Websites this includes contact info submitted through contact forms or emailed directly to Us.

Cookies

When you visit our website or fill out a form, we may collect basic business contact information such as your name, email address, company name, and role. We may also collect information about how you use the site—such as which pages you view, how long you stay, and what device or browser you use—via standard website analytics tools. If you email us, submit a form, or schedule a meeting, any information you choose to share with us is also collected.

We do not collect personally identifiable information about your customers or internal systems unless you explicitly share it with us for project purposes. In cases where clients choose to provide access credentials to platforms (e.g., web CMS, ad platforms, marketing tools), we treat those credentials as confidential, store them securely using an encrypted password manager, and use them only as needed for the engagement.

‍

Our website uses standard cookies and tracking tools, such as Google Analytics, to understand how users interact with our site. This helps us improve content and functionality. These tools collect anonymous data such as browser type, IP address, device type, and referral source. You can adjust your browser settings at any time to block cookies or prevent tracking.

‍

How does Mighty & True use and share the information it collects?

We use the information we collect to respond to inquiries, understand how visitors are using our website, and—if you opt in—send you occasional emails about our services, insights, or newsletter. Any information shared as part of a client relationship is used solely to deliver services that the client has requested. We do not use or repurpose client-shared data for marketing, resell it, or share it with any third party unless explicitly agreed upon.

How do we handle client provided access?

In some engagements, clients may grant us access to third-party tools or platforms such as Google Analytics, Figma, HubSpot, WordPress, or ad platforms. These credentials are always shared at the client’s discretion and remain their property. We use them only to perform agreed-upon services, and access is revoked immediately upon completion of the project or by client request. All logins are stored securely in a company-managed password manager with access restricted to the relevant team.

We do not request or retain access to customer databases, proprietary systems, or personally identifiable customer data unless necessary for a specific project and approved by the client in writing. In most cases, our work is conducted using client-approved assets and platforms, without the need for data access.

How do we protect information?

We use modern, cloud-based systems with strict access control policies. All team members work under company-managed accounts and are required to use two-factor authentication on all core platforms. We do not allow work to be conducted on personal devices or email accounts. Shared client credentials are managed through a secure password management system and reviewed regularly. Our team is trained on basic security best practices and we maintain internal documentation to guide secure project delivery.

We also conduct periodic access reviews and immediately revoke credentials when a project ends, an employee leaves, or a contractor role is concluded. While we are not subject to SOC 2 certification, we operate in line with many of its principles, including role-based access, security hygiene, and data minimization.

How do we store and manage data?

Data Retention and Deletion of Data

We retain client-related assets, shared credentials, or temporary access only for the duration of a project and for a reasonable period afterward—typically no more than six months—unless otherwise requested or contractually agreed. Marketing inquiries and website form submissions are retained only as long as needed to respond or to maintain business contact, and you may request deletion at any time. To request access to, update, or delete any information we hold about you, simply contact us at staybold@mightyandtrue.com.

How do we update and manage this policy?

We may revise this Privacy Policy from time to time to reflect updates to our practices or services. Any significant changes will be posted to our website, and the updated policy will include a revised “last updated” date at the top. We encourage you to review this page periodically.

Questions or concerns?

If you have any questions or concerns regarding our privacy policies, please send Us a detailed message to staybold@mightyandtrue.com.