Webzilla (referred to as ‘we’, ‘us’, ‘our’, ‘Webzilla’ or the ‘Company’) is committed to protecting your privacy and handling your data in an open and transparent manner in accordance with applicable data protection laws and regulations. The personal data we collect and process depends on the product or service requested and agreed in each case.
In this privacy policy, your data is sometimes referred to as “personal data” or “personal information” and the terms may be used interchangeably but shall refer to the same thing. We may also sometimes collectively refer to handling, collecting, protecting and storing your personal data or any such action as “processing” such personal data.
For the purposes of this policy, personal data shall mean any information relating to you which identifies or may identify you (the “Data Subject”) and which includes, for example, your name, address, identification number.
Process, Processed, Processing shall mean any operation or set of operations performed on Personal Data or on sets of Personal Data, whether or not by automated means. Operations performed may include collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data Controller - the entity that determines the purposes, conditions and means of the processing of personal data. For the avoidance of doubt when we are providing our service we are acting as Data Controllers.
Data Processor - the entity that processes data on behalf of the Data Controller.
GDPR means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT?
- When you place an order through Webzilla you need to be registered and logged into your account. From your account, we will capture your name, email address, phone number, address listed, identification data, birth date. You will be required to enter your credit card details. This information allows us to process and fulfil your order successfully. It also helps us in maintaining your account.
- When you contact us via any form of communication for any reason on our website or through email or otherwise we will collect and process the personal data you willingly provide to us when contacting us solely for the purpose of addressing your query.
- When placing your order online you will need to input your card details in order to process your order. If you pay using a credit card, we do not collect and store any payment information such as credit card numbers or verification codes. You disclose this information only to the respective payment service provider who needs it in order to process your order.
- We may collect information about how you use our website, products and services (please refer to our cookie policy for more information).
WHETHER YOU HAVE AN OBLIGATION TO PROVIDE US WITH YOUR PERSONAL DATA
Kindy note that if you do not provide us with the required data, then we will not be allowed to commence or continue our business relationship either to you as an individual or as the authorized representative/agent or beneficial owner of a legal entity.
WHY WE PROCESS YOUR PERSONAL DATA AND ON WHAT LEGAL BASIS
- In order to register you as a new account user of our services.
- For the performance of a contract. We process personal data in order to provide services based on contracts with our customer but also to be able to complete our acceptance procedure so as to enter into a contract with prospective customers.
- For compliance with a legal obligation. There are various supervisory authorities whose laws and regulations we may be subject, such obligations and requirements impose on us necessary personal data processing activities for identity verification, accounting, compliance with court, police or other regulatory orders, or other reporting obligations and controls.
- Provided that you have given us your specific consent for processing then the lawfulness of such processing is based on that consent. You have the right to revoke consent at any time. However, any processing of personal data prior to the receipt of your revocation will not be affected.
- For the purposes of our legitimate interests or those of a third party in line with applicable data protection legislation. A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. Examples of such processing activities include but are not limited to:
(i) Initiating legal claims and preparing our defense in litigation procedures,
(ii) Measures to manage business and for further developing and improving products and services;
(iii) to help verify accounts and activity, and to promote safety and security on and off of our services, such as by investigating suspicious activity or violations of our terms or policies.
WHO RECEIVES YOUR PERSONAL DATA?
In the course of the performance of our contractual and statutory obligations your personal data may be provided to various departments within Webzilla its affiliates, partners, service providers, or contractors for the purposes of achieving and fulfilling the purposes for which the Personal Data was originally provided. Such service providers and suppliers enter into contractual agreements with Webzilla by which they observe confidentiality and data protection according to applicable data protection laws and the GDPR. Webzilla may disclose your information where required to do so by law, if subject to subpoena or other legal proceeding or if you have given your consent. All data processors appointed by us to process personal data on our behalf are bound by contract to comply with the GDPR provisions.
Under the circumstances referred to above, recipients of personal data may be, for example:
- External legal consultants
- Financial and business advisors
- Auditors and accountants
- Marketing companies and market research companies
- Card Payment processing companies
TRANSFER OF YOUR PERSONAL DATA TO A THIRD COUNTRY OR TO AN INTERNATIONAL ORGANISATION
In order for us to, amongst others, perform the contract with you and be able to provide the services and invoice you etc. as otherwise set out above we may be required to transfer, store and process your personal data outside of the European Economic Area (“EEA”) and some of our affiliates, contractors or service providers who provide services on our behalf for the aforementioned reasons may be located outside of the EEA. Pursuant to the applicable requirements of the GDPR, we will ensure that transfers of personal information to a country outside of the EEA shall be subject to at least the same level of privacy protection and security and be subject to appropriate safeguards as described in Article 46 of the GDPR using the appropriate transfer mechanism, as is applicable in each instance.
In the instance where there is no adequacy decision in the country where data shall be transferred to for further processing the use of Standard Contractual Clauses for international transfers shall be used (as these may be amended and/or replaced from time to time) including any additional contractual and technical safeguards as may be necessary depending on the location of the data importer, in line with the GDPR. Whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to it and that all third parties respect the security of your personal data and treat it in accordance with the law and in accordance with our written instructions and solely for the purposes for which the data was originally collected.
EU-US Data Privacy Framework
Webzilla Inc complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Webzilla Inc has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance to the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance to the UK Extension to the EU-U.S. DPF. Webzilla Inc has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance to the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and the UK Extension to the EU-U.S. DPF and the Swiss-U.S, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Webzilla Inc’s participation in the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S DPF may be subject to investigation and enforcement by the US Federal Trade Commission. Moreover, we note that Webzilla may be required in some instances to disclose Personal Data in response to lawful requested by public authorities, including to meet national security or law enforcement requirements but shall always do so within the remits of the law.
Webzilla Inc has responsibility for the processing of personal information it receives under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S and subsequently transfers to a third party acting as an agent on its behalf as otherwise set out in this Policy. Webzilla Inc remains liable under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S if a third-party agent processes personal information covered by this Policy in a manner inconsistent with the applicable Principles, except where Webzilla Inc is not responsible for the event giving rise to the damage.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Webzilla Inc commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. In the event that Webzilla or such authorities determine that Webzilla did not comply with this Policy, Webzilla will take appropriate steps to address any adverse effects and to promote future compliance.
If you have any inquiries or complaints about our handling of your personal information for any reason please contact us at privacy@webzilla.com. We will respond to your inquiry promptly at no cost to you. Where a complaint cannot be resolved by any of the before mentioned recourse mechanisms, individuals have a right, as a last resort and under certain conditions, to invoke binding arbitration through the Data Privacy Framework Panel. For more information on how to submit a complaint to the EU data protection authorities or how to invoke the binding arbitration process please refer https://www.dataprivacyframework.gov/s/article/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization-s-Compliance-with-the-DPF-Principles-dpf
We commit to ensuring that we at all times comply with the Principles and commit to employing effective mechanisms for ensuring continued compliance with such Principles.
AUTOMATED DECISION-MAKING
Webzilla will only engage in Profiling and automated decision-making where it is necessary to enter into, or to perform, a contract with the Data Subject or where it is authorised by law. Where Webzilla utilises Profiling and automated decision-making, this will be disclosed to the relevant Data Subjects. In such cases the Data Subject will be given the opportunity to:
- Express their point of view.
- Obtain an explanation for the automated decision.
- Review the logic used by the automated system.
- Supplement the automated system with additional data.
- Have a human carry out a review of the automated decision.
- Contest the automated decision.
- Object to the automated decision-making being carried out.
Each Webzilla Entity must also ensure that all Profiling and automated decision-making relating to a Data Subject is based on accurate data.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR
Webzilla will retain personal data it processes on behalf of you for as long as needed to provide its services. Webzilla will retain this personal information as necessary to comply with its legal obligations, resolve disputes and enforce its agreements.
YOUR DATA PROTECTION RIGHTS
You have the following rights in terms of your personal data we hold about you.
(a) The right to access
You have the right to confirmation as to whether or not Webzilla process your personal data and, where Webzilla does, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, Webzilla will supply to you a copy of your personal data.
(b) The right to rectification
You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
(c) The right to erasure
In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
(d) The right to object to processing
Where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. You also have the right to object where we are processing your personal data, for direct marketing purposes. This also includes profiling in as much is related to direct marketing.
If you object to processing for direct marketing purposes, then we shall stop the processing of your personal data for such purposes.
(e) The right to restrict processing
In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; Webzilla no longer needs the personal data for the purposes of Webzilla processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, Webzilla may continue to store your personal data. However, Webzilla will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
(f) The right to data portability
You have the right to request to receive a copy of your personal data in a format that Is structured and commonly used and transmit such data to other organisations. You also have the right to have your personal data transmitted directly by Webzilla to other organisations you will name.
(g) The right to complain to a supervisory authority
If you have exercised any or all of your data protection rights and still feel that its concerns about how the Company uses your personal data have not been adequately addressed by the Company, you have the right to complain.
(h) The right to withdraw consent.
You have right to withdraw the consent that you have given to the Company with regard to the processing of your personal data at any time. Note that any withdrawal of consent shall not affect the lawfulness of processing based on consent before it was withdrawn or revoked by you.
We endeavour to address all of your requests promptly.
DPO OFFICER
If you have any questions, or want more details about how we use your personal information, you can contact our Data Protection Officer at privacy@webzilla.com.
EU Representative of Webzilla Inc pursuant to Article 27 of the GDPR.
53-55 Agios Athanasios, Michael Angelo House, 4102 Limassol, Cyprus
We endeavor to address all of your requests promptly.
Last modified: March 26, 2024