Privacy Policy

1. Who We Are

Business Name: Webspirio

Legal Entity: Oleksandr Chornous

Address: Wittelsbacherstr. 2, 83022 Rosenheim, Bayern, Deutschland

Website: webspirio.com

Email: contact@webspirio.com

Phone: +49 15124130699

VAT ID: DE456807932

Tax Number: 15620921421

Data Protection Officer: We do not have a designated DPO. For privacy concerns, contact us at the above details.

For complete legal disclosure, please see our Impressum.

2. Scope and Application

This privacy policy applies to all personal data we collect from:

• Website visitors to webspirio.com
• Registered users of our services
• Customers who purchase our web development services
• Anyone who contacts us for support or inquiries

3. Personal Data We Collect

We collect and process the following types of personal information:

3.1 Data Types

• Contact Information: First name, last name, email address, phone number
• Technical Information: IP address, browser type, language preferences
• Usage Data: Pages visited, time spent on site, interaction with features
• Financial Information: Invoice details, payment records, billing information
• Website Analytics Data: Page visits, session duration, referring sources, device information

3.2 Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Contract Performance (Art. 6(1)(b) GDPR): Name, email, phone number – necessary to deliver web development services
• Legitimate Interest (Art. 6(1)(f) GDPR): IP address, browser information – for security, fraud prevention, and service improvement
• Consent (Art. 6(1)(a) GDPR): Marketing communications – only with your explicit opt-in consent
• Legal Obligation (Art. 6(1)(c) GDPR): Financial records – required for tax and accounting compliance

4. How We Use Your Data

We use personal data for the following purposes:

• Service Delivery: To provide web development services, process orders, and manage accounts
• Customer Support: To respond to inquiries, resolve technical issues, and provide assistance
• Communication: To send service updates, invoices, and (with consent) marketing materials
• Service Improvement: To analyze usage patterns through privacy-friendly, cookie-less analytics and enhance user experience
• Security: To detect and prevent fraud, unauthorized access, and abuse

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

• Active Customer Data: Retained while your account is active and for 2 years after last activity
• Financial Records: Retained for 10 years to comply with German tax and accounting regulations
• Marketing Consent: Retained until you withdraw consent or unsubscribe
• Technical Logs: IP addresses and browser data retained for 90 days for security purposes
• Deleted Account Data: Permanently deleted within 30 days of account closure, except where legal retention is required

6. Data Sharing and Third Parties

We share personal data only when necessary and with appropriate safeguards:

6.1 Service Providers

We work with trusted third-party service providers who process data on our behalf under Data Processing Agreements (DPAs):

• Hosting Provider: Hostinger (Lithuania) – Server located in Germany (EU)
• Email Service: Hostinger – for transactional and marketing emails
• Payment Processor: Stripe – for secure payment processing
• Caching Service: QUIC.cloud – for website performance optimization and temporary data caching

6.2 Legal Disclosure

We may disclose personal data when required by law, court order, or to protect our legal rights and safety.

6.3 Caching Services

This site utilizes caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary, and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary.

QUIC.cloud Services: We may use QUIC.cloud services to process and cache your data temporarily. For more information about how QUIC.cloud handles data, please see their privacy policy at: https://quic.cloud/privacy-policy/

7. Data Storage and Security

7.1 Storage Location

Personal data is stored on secure servers located in Germany (EU), hosted by Hostinger.

7.2 Security Measures

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Access Control: Strict access limitations – only authorized personnel with legitimate business need
• Monitoring: Regular security audits and continuous monitoring for unauthorized access
• Staff Training: Regular privacy and security training for all employees

7.3 International Transfers

Our primary data storage is within the EU (Germany). For services that involve data transfers outside the EU, we implement Standard Contractual Clauses (SCCs) approved by the European Commission and ensure adequate data protection measures are in place.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access (Art. 15): Request a copy of your personal data and information about how we process it
• Right to Rectification (Art. 16): Correct inaccurate or incomplete personal data
• Right to Erasure (Art. 17): Request deletion of your personal data when no longer necessary
• Right to Restriction (Art. 18): Request limitation of processing under certain conditions
• Right to Data Portability (Art. 20): Receive your data in a machine-readable format and transfer it to another controller
• Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent (Art. 7(3)): Withdraw consent at any time without affecting prior processing
• Right to Lodge a Complaint (Art. 77): File a complaint with your local data protection authority if you believe we violated data protection laws

8.1 How to Exercise Your Rights

To exercise any of these rights, contact us at contact@webspirio.com or +49 15124130699. We will respond within 30 days and may need to verify your identity for security purposes.

9. Cookies and Tracking

At Webspirio, we respect your privacy. That’s why we use only essential cookies required for our website to function properly. We do not use any tracking, analytics, or third-party cookies.

9.1 Types of Cookies we use

• Essential Cookies: Necessary for website functionality (authentication, security). No consent required.

9.2 Cookie Consent

Upon first visit, you can accept all cookies, reject non-essential cookies, or customize preferences. You can change your cookie settings at any time through your browser or our cookie preference center.

10. Marketing and Communications

10.1 Marketing Opt-In

We only send marketing communications with your explicit consent. When you sign up, you can choose to receive:

• Product updates and new features
• Special offers and promotions
• Industry news and insights

10.2 Opt-Out and Unsubscribe

Every marketing email includes an unsubscribe link. You can opt out at any time by:

• Clicking the unsubscribe link in any marketing email
• Contacting us directly at contact@webspirio.com
• Managing preferences in your account settings

Note: You will still receive essential transactional emails (order confirmations, account notifications) regardless of marketing preferences.

11. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms:

11.1 Notification Timeline

• Supervisory Authority: We will notify the relevant data protection authority within 72 hours of discovering the breach
• Affected Individuals: If the breach poses high risk to you, we will notify you within 72 hours via email

11.2 Breach Response

Our notification will include:

• Nature and scope of the breach
• Types of personal data affected
• Likely consequences and potential risks
• Measures taken to address the breach
• Recommended actions to protect yourself
• Contact information for further questions

12. Children’s Privacy

We do not knowingly collect personal data from individuals under 16 years of age. Our services are intended for adults. If we discover we have inadvertently collected data from a child under 16, we will delete it immediately. If you believe we have collected information from a child, please contact us at contact@webspirio.com.

13. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you. All decisions regarding your account, services, or data are made by human review.

14. Changes to This Policy

14.1 Policy Updates

We may update this privacy policy to reflect changes in our practices or legal requirements. When we make material changes:

• We will update the version number and effective date at the top of this document
• We will notify you via email at least 30 days before changes take effect
• We will display a prominent notice on our website

14.2 Material Changes Requiring Consent

For significant changes that expand how we use your data (such as sharing with new third parties or using data for new purposes), we will obtain your explicit consent before the changes take effect. Continued use of our services after notification constitutes acceptance of non-material changes.

You can always review the latest version of this policy at https://webspirio.com/privacy/

15. Contact Us

For questions, concerns, or to exercise your rights regarding personal data:

Business: Webspirio
Legal Entity: Oleksandr Chornous
Address: Wittelsbacherstr. 2, 83022 Rosenheim, Bayern, Deutschland
Email: contact@webspirio.com
Phone: +49 15124130699
Website: webspirio.com
VAT ID: DE456807932
Tax Number: 15620921421

For complete legal information, please see our Impressum.