This page describes what information The Holmor Group LLC collects when you visit our site, request a demo, sign up for the client portal, or hire us to build, host, or maintain your website. We wrote it in plain language so you actually finish reading it.
Effective May 19, 2026
Contact and demo requests, lead forms, package-builder submissions, and signup details (name, business name, email address, and a hashed password). If you reach out by email or phone, we keep what you send so we can answer it.
For active client portal accounts, we store role, status, assigned packages, and timestamps for changes. Payment is handled by QuickBooks Online and Intuit Payments — your card or bank details are entered on their hosted page and never reach our servers.
When you browse the site we automatically receive standard request metadata: IP address, user agent, referring page, and the routes you visit. We use this for rate limiting, abuse prevention, and basic operational diagnostics.
We set one signed session cookie when you sign in to the client portal. We do not use third-party advertising cookies or cross-site tracking pixels. A small number of essential cookies may be set by our hosting provider for security and load balancing.
Customer name, email, and invoice line items are sent to Intuit so they can email you a hosted Review and pay link and process the transaction. Their privacy policy applies to anything you enter on their pages.
Our hosting provider serves every request and stores standard server logs for security and performance. They do not receive your portal password or any QuickBooks token.
Used to deliver transactional email (signup notifications, approval messages, password reset links). They receive only the recipient address and the message body.
User accounts, package assignments, and password reset tokens (stored only as SHA-256 hashes) live in a managed Postgres database used solely to operate this site.
We will disclose information when required by valid legal process, or when narrowly necessary to protect the safety, rights, or property of our clients, our visitors, or our business.
Lead and contact submissions are kept while we're actively in conversation and for a reasonable follow-up window after. Client portal accounts and assigned packages are retained for the life of the engagement plus the period required by tax and accounting regulations. Password reset tokens expire one hour after they are issued and are stored only as hashes.
Server logs used for security and rate limiting are retained for a short operational window and then rotated out. If you ask us to delete your account, we will — except for records we are legally required to keep (paid invoices, tax records, and the like), which are isolated from active use.
lead_submissions : follow-up window
portal_accounts : life of engagement
invoices : tax-retention required
reset_tokens : 1 hour, hashed
server_logs : short operational window
ad_tracking_data : none — not collected
To exercise any of these rights, reach us at a.morris@theholmorgroup.com. We'll confirm the request, verify identity where appropriate, and respond within a reasonable timeframe.
Our services are intended for business owners and operators and are not directed to children under 13. We do not knowingly collect personal information from children.
The Holmor Group LLC is based in Milwaukee, Wisconsin, USA. Information you submit is processed in the United States. If you are visiting from outside the US, you consent to that transfer.
We update this page when our practices change. The effective date at the top reflects the most recent version. Material changes will be highlighted to active client portal accounts.
No support queue, no chatbot. You email us, we email you back — usually within a business day.
