Privacy Policy

1. Introduction

Weblume ("Company," "we," "us," or "our") is committed to protecting and respecting your privacy. This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you visit our website, use our Services, communicate with us, or otherwise interact with our business operations.

This Privacy Policy applies to all information collected through our website, email communications, project management tools, and any other channels through which you interact with Weblume. By using our Services, you consent to the collection and use of information in accordance with this Privacy Policy.

We encourage you to read this Privacy Policy carefully and in its entirety. If you have any questions or concerns about our privacy practices, please contact us using the information provided at the end of this document.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

• Contact us: When you submit a contact form, send us an email, or reach out by phone, we collect your name, email address, phone number, company name, and any other information you choose to include in your message.
• Engage our services: When you enter into a project agreement or subscribe to our services, we collect billing information, business details, project-related communications, and any materials or content you provide for design purposes.
• Subscribe to communications: If you opt in to receive newsletters, updates, or promotional materials, we collect your name and email address.
• Provide feedback: When you participate in surveys, provide testimonials, or submit reviews, we collect the information contained therein.

2.2 Information Collected Automatically

When you visit our website, certain information is collected automatically through the use of cookies, log files, and similar tracking technologies:

• Device Information: We collect information about the device you use to access our website, including device type, operating system, browser type and version, screen resolution, and device identifiers.
• Usage Data: We collect information about how you interact with our website, including pages visited, links clicked, time spent on pages, referring URL, and navigation patterns.
• IP Address: We collect your Internet Protocol (IP) address, which may be used to approximate your general geographic location.
• Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to enhance your browsing experience, analyze website traffic, and understand usage patterns. You can control cookie preferences through your browser settings.

2.3 Information from Third Parties

We may receive information about you from third-party sources, including business partners, marketing partners, social media platforms, and publicly available databases. This information may be combined with other information we collect about you to improve our Services and communications.

3. How We Use Your Information

We use the personal information we collect for the following purposes:

• Service Delivery: To provide, operate, maintain, and improve our design services, including project management, communication, file delivery, and client support.
• Communication: To respond to your inquiries, send project updates, provide customer support, and communicate about your account or subscription.
• Billing and Payments: To process payments, send invoices, manage subscriptions, and maintain financial records as required by applicable law.
• Business Operations: To manage our internal business operations, including quality assurance, staff training, record keeping, and business analytics.
• Marketing: With your consent, to send promotional materials, newsletters, and information about our services that may be of interest to you. You may opt out of marketing communications at any time.
• Website Improvement: To analyze website usage patterns, diagnose technical issues, optimize website performance, and enhance user experience.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests, and to establish, exercise, or defend legal claims.
• Security: To detect, prevent, and address fraud, security breaches, and other potentially prohibited or illegal activities.

4. Legal Basis for Processing (For EEA/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), we process your personal data under the following legal bases:

• Contractual Necessity: Processing is necessary for the performance of a contract with you (e.g., delivering design services you have purchased).
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our Services, marketing, and fraud prevention, provided these interests do not override your fundamental rights and freedoms.
• Consent: Where you have provided explicit consent for specific processing activities (e.g., receiving marketing emails). You may withdraw your consent at any time.
• Legal Obligation: Processing is necessary to comply with a legal obligation to which we are subject.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: We may share information with trusted third-party service providers who assist us in operating our business, such as payment processors, cloud hosting providers, email service providers, and analytics platforms. These service providers are contractually obligated to use your information only for the purposes of providing services to us and are bound by appropriate data protection obligations.
• Legal Requirements: We may disclose your information if required to do so by law, or in response to valid requests by public authorities (e.g., a court order, subpoena, or government regulation).
• Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event, your personal information may be transferred as part of the transaction. We will notify you of any such change in ownership or control of your personal information.
• Protection of Rights: We may disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Specifically:

• Client project data: Retained for a minimum of five (5) years following project completion for reference, warranty, and legal compliance purposes.
• Financial records: Retained for a minimum of seven (7) years as required by applicable tax and accounting regulations.
• Contact form submissions: Retained for two (2) years, unless you enter into a client relationship with us, in which case your information will be retained as client data.
• Website analytics data: Retained in anonymized or aggregated form for up to three (3) years.
• Marketing preferences: Retained until you withdraw your consent or unsubscribe from communications.

When personal information is no longer required, we will securely delete or anonymize it in accordance with our data management procedures.

7. Data Security

We implement appropriate technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using SSL/TLS protocols
• Secure cloud storage with access controls and regular security audits
• Regular software updates and security patches
• Employee access controls based on the principle of least privilege
• Regular backup procedures and disaster recovery planning

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security. In the event of a data breach that may affect your rights and freedoms, we will notify you and the relevant supervisory authorities as required by applicable law.

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

• Essential Cookies: Required for the basic functionality of our website, such as session management and security features. These cookies cannot be disabled.
• Analytics Cookies: Used to collect information about how visitors use our website, including which pages are visited most often and whether visitors encounter error messages. This information is used to improve website performance and user experience.
• Functional Cookies: Used to remember your preferences and settings, such as language preference and display settings, to enhance your browsing experience.

8.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or set your browser to alert you when cookies are being placed. Please note that disabling cookies may affect the functionality of our website.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right of Access: You have the right to request a copy of the personal information we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal information.
• Right to Erasure: You have the right to request deletion of your personal information, subject to certain legal exceptions.
• Right to Restriction: You have the right to request restriction of processing of your personal information under certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes or processing based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided at the end of this Privacy Policy. We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

10. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal information from a child under 16, we will take steps to delete such information promptly. If you believe that we may have collected information from a child under 16, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your jurisdiction. When we transfer your information internationally, we take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy and applicable data protection laws.

12. Third-Party Links

Our website may contain links to third-party websites, services, or resources that are not operated or controlled by Weblume. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the privacy practices, content, or security of third-party websites.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, providing additional notice (such as a prominent notice on our website or email notification). We encourage you to review this Privacy Policy periodically.

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we have collected about you, the right to request deletion of your personal information, and the right to opt out of the sale of your personal information. As stated above, we do not sell personal information. To exercise your California privacy rights, please contact us using the information below.