At Webleadr, we are committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, and safeguard your data.
What data do we collect
We collect personal data, including:
- Email Address: For account creation, authentication, and communication.
- Usage Information: Collected through PostHog for analytics, feature adoption tracking, user journey analysis, error tracking, and session replays.
- Payment Information: Processed by Paddle to handle orders and payments.
- AI-driven content generation: Data may be sent to OpenAI for generating content using AI.
- Cookies: Used for authentication, analytics, and YouTube embeds.
How do we collect and use your data
We collect data through:
- User Input: Data you provide during registration, login, and account management.
- Third party services:
- Cookies and Tracking Technologies: Used for functionality and YouTube embeds (Google's privacy policy).
Legal basis for processing
We process your data based on the following legal bases:
- Contract Performance: To provide services (e.g., account management, payments).
- Legitimate Interest: For technical functionality monitoring including app monitoring, error tracking, analytics, and session replays via PostHog. These tools are primarily used to identify and fix bugs, improve application performance, and ensure smooth user experience, not for commercial profiling or marketing purposes.
What are your data protection user rights
You have the following rights under GDPR:
- Right to Access: Request copies of your data.
- Right to Rectification: Correct inaccurate or incomplete data.
- Right to Erasure: Delete your account and associated data.
- Right to Restrict Processing: Limit how your data is used.
- Right to Object: Object to data processing under specific circumstances.
- Right to Data Portability: Request your data in a portable format.
To exercise your rights, contact us at [email protected].
What are cookies
Cookies are text files placed on your local computer to collect information for later use.
What types of cookies do we use
We use both essential cookies necessary for the operation of our application and technical monitoring cookies through PostHog. The essential cookies are primarily used for authentication purposes, enabling registered users to access and use our service. PostHog analytics, error tracking, and session replay tools are necessary for ensuring the proper functioning and stability of our service, helping us identify bugs quickly and efficiently. Without these technical monitoring tools, we would not be able to effectively fix issues that affect user experience. All data collected through these tools is used solely for improving application performance and fixing errors, not for commercial profiling or marketing purposes.
How to manage your cookies
You must accept our cookies to use our service. These cookies include essential cookies necessary for the proper functioning of the application and analytics cookies that help us improve our service. You will be presented with a cookie consent notice when first visiting our site, which explains our cookie usage. By clicking "I understand," you consent to our cookie usage as described in this policy.
Data security
We implement robust security measures to protect your personal data:
- Encryption: All data is encrypted during transmission and storage.
- Access Control: Only authorized personnel can access sensitive data.
- Secure Authentication: User accounts are protected by modern authentication protocols like OAuth and JWT.
- Password Protection: Passwords are stored using strong hashing algorithms.
Data retention
We retain your personal data only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy. Account-related data, such as your email address and authentication details, is retained for the duration of your account’s existence. Once you delete your account, all associated personal data is permanently removed from our systems, except where retention is required by law.
Payment-related data is retained for a legally required period to comply with tax and financial regulations. This includes data related to invoices and transaction records, which are typically retained for six to ten years, depending on the applicable laws.
Links to Third-Party websites and services
We may include links to third-party websites or services that we do not control. We are not accountable for the practices or content of these linked websites or services. Your use of any third-party website or service is governed by their respective terms and policies, not ours. Using such websites or services is at your own risk, and we advise you to review their privacy policies before sharing any personal information.
International data transfers
Some of our third-party services transfer data outside the European Economic Area (EEA). These transfers comply with GDPR standards through the use of Standard Contractual Clauses (SCCs) and other safeguards. For example:
Paddle, PostHog, and Cloudflare have implemented SCCs to ensure your data is protected during international transfers.
Changes to our privacy policy
We regularly review our privacy policy and update this page accordingly.
How to contact us
For questions or comments about Webleadr's privacy policy or the data we hold on you, contact us at [email protected]