Privacy Policy

Last Updated: March 14, 2026

1. Introduction

WeyWeb IT Services ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

By using our services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

We collect the following personal information when you register or use our services:

  • Account Information: Name, email address, password (encrypted), phone number
  • Billing Information: Company name, billing address, payment method details
  • Service Usage: Services subscribed, usage metrics, support tickets
  • Communication Data: Email correspondence, support chat logs

2.2 Technical Information

  • Device Information: Browser type, operating system, device type
  • Session Data: IP address, login times, session duration
  • Cookies: Authentication tokens, session identifiers, preferences
  • Activity Logs: Actions performed, timestamps, access patterns

2.3 Payment Information

Payment card information is processed through secure third-party payment processors (Stripe, PayPal). We do not store complete credit card numbers. We only retain the last 4 digits, card brand, expiry date, and payment tokens.

3. How We Use Your Information

  • Service Delivery: Provide, maintain, and improve our services
  • Account Management: Create and manage your account, authenticate users
  • Billing & Payments: Process payments, send invoices, manage subscriptions
  • Communication: Send service updates, billing notifications, support responses
  • Security: Detect and prevent fraud, unauthorized access, security threats
  • Compliance: Meet legal obligations, enforce terms of service
  • Analytics: Analyze usage patterns to improve our services
  • Marketing: Send promotional emails (with your consent, opt-out available)

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data based on:

  • Contract Performance: Processing necessary to provide services you requested
  • Consent: You have given explicit consent (e.g., marketing emails)
  • Legitimate Interests: Fraud prevention, security, service improvement
  • Legal Obligation: Compliance with tax, accounting, legal requirements

5. Data Sharing and Disclosure

We do not sell your personal information. We may share it with:

5.1 Service Providers

  • Payment Processors: Stripe, PayPal (PCI-DSS compliant)
  • Email Services: For transactional and marketing emails
  • Hosting Providers: Secure data center infrastructure
  • Analytics Tools: Usage and performance monitoring

5.2 Legal Requirements

We may disclose your information if required by law, to comply with legal processes, enforce our terms, protect our rights, or prevent fraud.

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

6. Data Retention

  • Active Accounts: Retained while account is active
  • Inactive Accounts: Retained for 12 months after last login, then deleted
  • Financial Records: Retained for 7 years (legal requirement)
  • Support Tickets: Retained for 3 years
  • Activity Logs: Retained for 90 days (security logs: 1 year)
  • Marketing Data: Deleted immediately upon opt-out request

You can request deletion of your account and personal data at any time (see Section 8).

7. Data Security

We implement industry-standard security measures:

  • Encryption: SSL/TLS for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access, multi-factor authentication
  • Password Security: Bcrypt hashing, complexity requirements
  • Session Management: Token-based authentication, device fingerprinting
  • Monitoring: Real-time security alerts, audit logging
  • CSRF Protection: Token validation on all state-changing operations
  • Rate Limiting: Protection against brute-force attacks
While we use reasonable security measures, no method of transmission over the Internet is 100% secure.

8. Your Rights (GDPR & Privacy)

8.1 Right to Access

You can request a copy of all personal data we hold about you.

Download My Data

8.2 Right to Rectification

You can update or correct your personal information at any time.

Update Profile

8.3 Right to Erasure

You can request deletion of your account and all associated personal data.

Delete My Account

8.4 Right to Data Portability

You can export your data in a machine-readable format (JSON).

8.5 Right to Restrict Processing

You can request that we limit how we use your data.

8.6 Right to Object

You can object to processing of your data for marketing purposes.

Manage Email Preferences

8.7 Right to Withdraw Consent

You can withdraw consent for data processing at any time.

To exercise any of these rights, contact us at admin@wwit.uk. We will respond within 30 days.

9. Cookies and Tracking

  • Essential Cookies: Authentication, session management (required)
  • Functional Cookies: Remember your preferences
  • Analytics Cookies: Understand how you use our services
  • Remember Me: Keep you logged in across sessions (optional)

You can control cookies through your browser settings.

Manage Cookie Preferences

10. Third-Party Links

Our services may contain links to third-party websites. We are not responsible for the privacy practices of these websites.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

12. International Data Transfers

Your information may be transferred to countries with different data protection laws. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequate data protection agreements.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email and by posting the updated policy with a new "Last Updated" date.

14. Contact Us

If you have questions or concerns about this Privacy Policy:

  • Email: admin@wwit.uk
  • Support Portal: Submit a Ticket
  • Data Protection Officer: privacy@mjvb.co.uk

15. Supervisory Authority

If you are located in the EEA and believe we have not addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

Your privacy matters to us. We are committed to protecting your personal information and being transparent about how we use it.
Back to Home Contact Support