Privacy Policy

Effective date: 1 January 2020

We respect your right to privacy. Please read this privacy policy carefully because it explains in detail how we collect, use and disclose your personal data, and what choices you have with respect to your personal data.

1. GENERAL INFORMATION

In this section, we provide you with general information about the entity that is responsible for your personal data, this privacy policy, and wwwproof.

1.1. About the Privacy Policy. This wwwproof Privacy Policy (the “Privacy Policy”) governs the processing of personal data collected from individual users and business entities (the “Customer”, “you” and “your”) through the online platform https://wwwproof.com and the related services (collectively, the “Platform”). This Privacy Policy does not apply to any third-party applications or software that integrate with the Platform or any other third-party products, services or businesses.

1.2. Responsible entity. The company that is responsible for the processing of your personal data through the Platform is SC DEVLINE SOFTWARE SRL having a business address at Inului Street 2-5, 2nd floor, ap. 8, 400636 Cluj-Napoca, Romania, and the company registration number J12/3252/2015 (“we”, “us”, and “our”).

1.3. About the Platform. The Platform provides marketing support services by offering marketers a possibility to create and manage proof notifications displayable on marketer’s website (the “Notifications”).

1.4. Our role as a data controller and processor. When handling personal data through the Platform, we may act as a data controller and a data processor. Notwithstanding our role, we will comply with our respective obligations and strive to ensure that all personal data processed through the Platform is handled properly, in accordance with applicable data protection laws. Our role depends on a specific situation:

  • We will act as a data controller when we ask you to submit your personal data that is necessary for your use of the Platform (e.g., when you register your user account, make payments, or contact us directly).
  • We will act as a data processor in the situations when you conclude a service contract with us and, while using the Platform, you ask your end-users (the “Visitors”) to submit certain personal data through the Notifications (e.g., their email address or phone number). In such situations, you act as a data controller, whereas we act as a data processor. In order to ensure that personal data is processed in accordance with the strictest data protection standards, we provide a data processing agreement which can be received by contacting us directly.

1.5. Your consent to the Privacy Policy. Before you submit any personal data through the Platform, you are encouraged to read this Privacy Policy that is always available on the Platform. In some cases, we may seek to obtain your consent for the processing of your personal data. For example, we may seek your prior consent in the following instances:

  • If we intend to collect other types of personal data that are not mentioned in this Privacy Policy;
  • If we intend to use your personal data for purposes that are not indicated in this Privacy Policy;
  • If we would like to disclose or transfer your personal data to third parties that are not specified in this Privacy Policy; or
  • If we significantly amend this Privacy Policy. 

1.6. Minors. The Platform should not be accessed and used by persons under the age of 18. Therefore, we do not knowingly collect personal data of persons under 18. If we learn that a minor has submitted any personal data to us, we will immediately remove such personal data from our systems.

1.7. Cookies and tracking technologies. To ensure the best possible user experience, we use cookies on the Platform and while providing our services. For detailed information about our cookies and other tracking technologies, please refer to our cookie policy available at https://wwwproof.com/cookie-policy.

 

2. TYPES AND PURPOSES OF PERSONAL DATA

We collect only a minimal amount of personal data that is necessary for ensuring your proper use of the Platform. We use your personal data for specified and limited purposes. In this section, we explain what personal data we collect from you, for what purposes we use that data, and on what lawful bases we rely when processing personal data.

2.1. Types of personal data. We comply with data minimisation principles. Thus, we collect only a minimal amount of personal data that is necessary for your use of the Platform. If necessary to ensure the provision of our services, we will process the personal data submitted by your Visitors on your behalf. The list of the types of personal data processed by us is provided in Section 2.3 below.

2.2. Purposes of personal data. We process your personal data only for specified and legitimate purposes explicitly mentioned in this Privacy Policy. In short, we will use personal data only for the purposes of enabling you to use the Platform, providing the requested services, maintaining and improving the Platform, conducting research about our business activities, and replying to your enquiries. We will not use your personal data for any purposes that are different from the purposes for which your personal data was provided.

2.3. Overview of types and purposes of your personal data. The table below provides a detailed description of the types of personal data that we collect and process, the purposes for which we use it, and the legal bases on which we rely when processing your personal data.

Directly obtained personal data

Personal data

Purpose

Legal bases

When you register your user account, we collect your:

  • Full name;
  • Email address; and
  • Password.
  • To enable your access to the Platform;
  • To register and maintain your user account;
  • To deliver the requested services;
  • To contact you, if necessary; and
  • To analyse and improve our business.
  • Performing a contract with you; and
  • Pursuing our legitimate business interests (i.e., to administer and improve our business).

When you create a campaign, we collect:

  • Campaign name; and
  • Website domain name.
  • To deliver the requested services; and
  • To analyse and improve our business.
  • Performing a contract with you; and
  • Pursuing our legitimate business interests (i.e., to administer and improve our business).

When you make a payment, we collect your:

  • Payment transaction ID.

Please note our payment processor Paddle will collect from you certain personal data that will allow it to process your payments (please refer to section 2.4 form more information).

  • To maintain our accountancy records.
  • Pursuing our legitimate business interests (i.e., to administer our business).

When you contact us by email or by using our contact form, we collect your:

  • Name;
  • Email address; and
  • Any personal data that you decide to provide us in your message.
  • To respond to your enquiries; and
  • To provide you with the requested information.
  • Pursuing our legitimate business interests (i.e., to grow, support, and promote our business); and
  • Your consent (for optional personal data).

When you use the Platform, we collect your:

  • IP address;
  • Your approximate location; and
  • Cookie-related data.*

*Please refer to our cookie policy for more information.

  • To analyse, improve, and evaluate our business activities;
  • To customise the Platform for your location; and
  • To ensure security of the Platform.
  • Pursuing our legitimate business interests (i.e., to analyse and improve our business activities and ensure security)

Personal data processed on your behalf

Personal data

Purpose

Legal bases

When the Visitors submit any personal data through the Notifications, we will process that personal data, including Visitor’s:

  • Email address;
  • Phone number;  and
  • Any information that you decide to collect from the Visitors.

When you display the Notifications to the Visitors, we process Visitor’s:

  • Pixel keys;
  • IP address;
  • Location (country and city);
  • Agent, browser type, and version; and
  • Online behaviour data (e.g., track, hover, and click).
  • To deliver you the requested services;
  • To create and deliver analytics reports to you; and
  • To analyse our business.
  • Performing a contract with you; and
  • Pursuing our legitimate business interests (i.e., to analyse and improve our business).

2.4. Payment processing. All payments related to the Platform are processed by our third-party payment processor Paddle.com Market Limited (https://paddle.com) (“Paddle”). Please note that Paddle will collect from you some personal data, which will allow it to make the payments requested by you. Depending on the preferred payment method, such personal data includes your ZIP code, VAT number (optional), credit card details (card number, cardholder’s name, expiration date, and security code), and PayPal details (email address, name, and address). Paddle handles all the steps in the payment process through its systems, including data collection and data processing. We do not have access to your payment data or store your payment details in our systems, except for your payment transaction ID that is necessary for ensuring that the payment was successfully processed and maintaining our accountancy records. For more information on the privacy practices and security measures taken by Paddle, please refer to https://paddle.com/privacy/ .

2.5. Additional data. From time to time, we may receive certain additional data if you request support, interact with our social media accounts, submit your feedback, or otherwise communicate with us. Please note that the provision of such data is optional and you may choose what personal data you would like to share with us. We kindly request you to exercise your due diligence when disclosing any personal data. We will use such personal data to reply to you, provide you with the requested services, or for pursuing our legitimate business interests (i.e., to analyse and improve our business).

2.6. Sensitive data. We do not collect, under any circumstances, special categories of personal data (“sensitive data”) from you, such as your health information, opinion about your religious and political beliefs, racial origins, membership of a professional or trade association, or information about your sexual orientation, unless you decide to provide such sensitive data, at your own sole discretion.

2.7. Failure to provide personal data. All personal data that we ask you to submit is necessary for its purposes. If you fail to provide us with the personal data when requested, we may not be able to perform the requested operation and you may not be able to use the full functionality of the Platform, receive the services provided through the Platform, or get our response.

2.8. Visitor’s  personal data. If you are are a Visitor, i.e., an individual using the services provided by one of our Customers, and your personal data is processed by us on behalf of the Customer, this section should always be read in conjunction with the privacy policy of the respective Customer. Customer’s individual privacy policy provides further details regarding the processing of Visitor’s personal data. When providing our services through the Platform, we may process Visitor’s personal data (e.g., email address or phone number), as instructed by our Customer. Such data is owned and controlled by the Customer who acts as a data controller. We process Visitors’ personal data in strict confidentiality, in accordance with the applicable data protection laws and agreements concluded with the Customers. We do not use, re-purpose, or disclose Visitors’ personal data, except as authorised and required by the Customers and as provided for in our agreements with the Customers.

 

3. NON-PERSONAL DATA

When you use the Platform, we collect some technical data about your device and visits. In this section, we inform you what non-personal data we collect from you and for what purposes we use that data.

3.1. What non-personal data do we collect? When you use the Platform, we automatically collect certain technical non-personal data about your use of the Platform for analytics purposes. We also process non-personal data collected from the Visitors. Please note that de-identified personal data is also considered to be non-personal data. Although such non-personal data allows us to analyse the use of the Platform, it does not allow us to identify individual persons. The non-personal data collected by us includes the following information:

  • The type of device;
  • Operating system;
  • Browser type and version;
  • Log files;
  • URL address clicked from the Platform; and
  • Other online behaviour data.

3.2. Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and the response, if any. Where possible, we will de-identify your personal data.

3.3. How do we use non-personal data? We will use non-personal data for the following purposes:

  • To deliver our services to you;
  • To analyse what kind of users visit and use the Platform;
  • To examine the relevance, popularity, and engagement rate of the Platform;
  • To investigate and help prevent security issues and abuse;
  • To develop and provide additional features to the Platform; and
  • To personalise the Platform for your specific needs.

3.4. Aggregated and de-identified data. In case we combine non-personal data with certain elements of personal data in a way that allows us to identify a natural person, we will handle such aggregated data as personal data. If personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any business purpose.

 

4. MARKETING COMMUNICATION

From time to time, you may receive promotional messages from us. In this section, we explain when you may receive notices from us and what you can do to decline our commercial communication.

4.1. Marketing messages. To keep you updated about the latest developments related to the Platform, our new services or special offers, we may send you marketing messages, such as newsletters, brochures, promotions and advertisements. You will receive such marketing messages or be contacted by us for marketing purposes only if:

  • We receive your express (“opt-in”) consent to receive marketing messages (please note that your voluntary subscription to our notifications substitutes such consent); or
  • We decide to send you marketing messages about our new services that are closely related to the services already used by you.

4.2. Opting-out. You can opt-out from receiving marketing messages at any time free of charge by clicking on the “unsubscribe” link contained in any of the messages sent to you or by contacting us directly.

4.3. Informational notices and service updates. From time to time (if we have your email address), we may send you important informational notices, such as service-related, technical or administrative emails, information about the Platform, your privacy and security, and other administrative matters. Please note that we will send such notices on an “if-needed” basis and they do not fall within the scope of direct marketing communication that requires your prior consent.

4.4. Marketing messages sent to the Visitors. We do not contact the Visitors for direct marketing purposes on your behalf, unless (i) you instruct us to do so and (ii) such activities fall within the scope of our services provided through the Platform. Please note that you, as a data controller, are responsible for ensuring that your Visitors’ personal data is obtained in a lawful manner and you comply with all your legal obligations regarding direct marketing communication sent to the Visitors. 

 

5. RETENTION PERIOD

We store your personal data only if it is necessary for its specific and limited purposes. In this section, we specify the time period for which we keep your personal and non-personal data in our systems.

5.1. Retention of personal data. We will store your personal data in our systems only until such personal data is required for the purposes described in this Privacy Policy or you request us to delete your personal data, whichever comes first. After your personal data is no longer necessary for its purposes and there is no other legal basis for storing it, we will immediately securely delete your personal data from our systems.

5.2. Retention of non-personal data. We may retain non-personal data pertaining to you for as long as necessary for the purposes described in this Privacy Policy. This may include keeping non-personal data after you have deactivated your user account for the period of time needed for us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

5.3. Retention as required by law. Please note that, in some cases, we may be obliged by law to store your personal data for certain period of time. In such cases, we will store your personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires.

 

6. DISCLOSING PERSONAL DATA

We may need to cooperate with external service providers and share some personal data with them. In this section, you can find information about third parties that have access to your personal data and the instances when we make data transfers.

6.1. Do we disclose your personal data? If necessary, we will disclose your personal data to the service providers with whom we cooperate (our data processors). For example, we may share your personal and non-personal data with entities that provide certain technical support services to us, such as hosting, business analytics, advertising, and email distribution services, or if you explicitly request us to disclose the personal data. We do not sell your personal data to third parties.

6.2. When do we disclose your personal data? The disclosure of your personal data is limited to the situations when such data is required for the following purposes:

  • Ensuring the proper operation of the Platform;
  • Ensuring the delivery of the services requested by you;
  • Providing you with the requested information;
  • Pursuing our legitimate business interests;
  • Enforcing our rights, preventing fraud, and security purposes;
  • Carrying out our contractual obligations;
  • Law enforcement purposes; or
  • If you provide your prior consent to such a disclosure.

6.3. With what data processors do we share your personal data? We will share your personal data only with the data processors that agree to ensure an adequate level of protection of personal data that is consistent with this Privacy Policy and the applicable data protection laws. The data processors that will have access to your personal data are listed in the table below.

Service

Name

Location

More information

Hosting service provider

Hetzner

Germany

https://www.hetzner.de

Payment service provider

Paddle

The United States

https://paddle.com

Analytics and marketing service providers

GoogleAnalytics

The United States

https://analytics.google.com

Facebook Pixel

The United States

https://www.facebook.com/business/learn/facebook-ads-pixel

Google Tag Manager

The United States

https://tagmanager.google.com

Google Conversion Tracking

The United States

https://support.google.com/google-ads/answer/1722022?hl=en

Email service provider

SendGrid

The United States

https://sendgrid.com/

Business advisors

Independent contractors

6.4. Sharing of non-personal data. Your non-personal data may be disclosed to third parties for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving the Platform, responding to lawful requests from public authorities or developing new products and services.

6.5. Legal requests. If requested by a public authority, we will disclose information about the users of the Platform to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.

6.6. Successors. In case our business is sold partly or fully, we will provide your personal data to a purchaser or successor entity and request the successor to handle your personal data in line with this Privacy Policy.

 

7. INTERNATIONAL TRANSFERS OF PERSONA DATA

Your personal data may be transferred outside the country where you reside. In this section, we explain when we transfer personal data abroad and what safeguards we implement to ensure that your personal is properly protected.

Some of our data processors listed in Section 6 of this Privacy Policy are located outside the country in which you reside. For example, if you reside in the European Economic Area (EEA), we may need to transfer your personal data to jurisdictions outside the EEA. In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located guarantees an adequate level of protection for your personal data (e.g., the recipient is a Privacy-Shield certified entity) or we conclude an agreement with the respective third party that ensures such protection (e.g., a data processing agreement based pre-approved standard contractual clauses).

 

8. PROTECTION OF PERSONAL DATA

We put our best efforts to keep your personal data safe and secure. In this section, we inform you about our technical measures that help us to protect your personal data.

8.1. Our security measures. We implement organisational and technical information security measures to protect your personal data from loss, misuse, unauthorised access, and disclosure. The security measures taken by us include secured networks, SSL protocol, strong passwords, password hashing, limited access to your personal data by our staff, and anonymisation of personal data (when possible). In order to ensure the security of your personal data, we kindly ask you to use the Platform through a secure network only.

8.2. Handling security breaches. Although we put our best efforts to protect your personal data, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law.

 

9. YOUR RIGHTS REGARDING PERSONAL DATA

You have the right to control how we process your personal data. Below, we list the rights that you can exercise with regard to your personal data and explain how you can exercise those rights. 

9.1. What rights do you have? Subject to any exemptions provided by law, you may ask us to:

  • Get a copy of your personal data that we store;
  • Get a list of purposes for which your personal data is processed;
  • Rectify inaccurate personal data;
  • Move your personal data to another processor;
  • Delete your personal data from our systems;
  • Object and restrict processing of your personal data;
  • Withdraw your consent, if you have provided one; or
  • Process your complaint regarding your personal data.

9.2. How to exercise your rights? You can amend certain types of your personal data through your user account. For all other instances, please contact us by email at info@wwwproof.com  and explain your request in detail. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we would be able to identify you in our system. We will answer your request within a reasonable timeframe but no later than 30 days.

9.3. How to launch a complaint? If you would like to launch a complaint about the way in which we handle your personal data, we kindly ask you to contact us first and express your concerns. After you contact us, we will investigate your complaint and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.

9.4. Requests received from the Visitors. If we receive a request from the Visitor wishing to exercise his/her rights with regard to Visitor’s personal data processed by us, we will immediately notify the respective data controller and suggest the Visitor to contact the controller directly. As a data processor, we do not accommodate requests from data subjects whose personal data we process on your behalf.

 

10. TERM, TERMINATION, AND AMENDMENTS

This Privacy Policy may be changed or terminated at any time. In this section, we explain for how long this document is valid and how you will be informed about any changes.

10.1. Term and termination. This Privacy Policy enters into force on the effective date indicated at the top of the Privacy Policy and remains valid until terminated or updated by us.

10.2. Amendments. The Privacy Policy may be changed from time to time to address the changes in laws, regulations, and industry standards. The amended version of the Privacy Policy will be posted on this page and, if we have your email address, we will send you a notice about all the changes implemented by us. We encourage you to review our Privacy Policy to stay informed. For significant material changes in the Privacy Policy or, where required by the applicable law, we may seek your consent. If you disagree with the changes to the Privacy Policy, you should cease using the Platform.

 

11. CONTACT US

Please feel free to contact us if you have any questions about the Privacy Policy, our privacy and security practices, or would like to exercise your rights listed in section 9 of the Privacy Policy. You may contact us by using the following contact details:

Email: info@wwwproof.com 

Postal address for communication: SC DEVLINE SOFTWARE SRL, Inului Street 2-5, 2nd floor, ap. 8, 400636 Cluj-Napoca, Romania

Phone number: +40 756 750 960