Privacy Policy

1. Introduction

Welcome to Webs.ie ("we", "us", "our", or the "Company"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information.

This Privacy Policy applies to our website https://webs.ie and all related services (collectively, the "Service"). By using our Service, you agree to the terms outlined in this Privacy Policy.

Data Controller: Webs.ie
Contact: privacy@webs.ie

2. Information We Collect

2.1 Information You Provide Directly

When you use our Service, you may provide us with:

• Account Information: Name, email address, password (encrypted)
• Business Information: Company name, website URL, industry, target audience
• Content Data: Topics you submit for article generation, generated content, SEO preferences
• Payment Information: Billing address, payment method details (processed securely by Stripe)
• Communication Data: Messages you send us, support tickets, feedback

2.2 Information Collected Automatically

When you visit our Website, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent, click patterns, referral sources
• Technical Data: Log files, error reports, API calls, performance metrics

2.3 Information from Third-Party Services

We may receive information from third-party services we integrate with:

• DataForSEO API: Keyword research data, search volumes, competition metrics
• OpenAI API: Generated content based on your topics and preferences
• Perplexity AI: Research data and factual information for content generation
• Stripe: Payment processing and transaction data
• Cloudflare: Security analytics, DDoS protection data

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Delivery

• Generate SEO-optimized articles based on your topics and preferences
• Provide keyword research and content brief generation
• Perform website audits and SEO analysis
• Store and manage your generated content
• Deliver API responses and system notifications

3.2 Account Management

• Create and maintain your user account
• Authenticate your access to the Service
• Process payments and manage subscriptions
• Send account-related communications (password resets, security alerts)

3.3 Service Improvement

• Analyze usage patterns to improve features and performance
• Conduct A/B testing and user experience research
• Identify and fix bugs, errors, and technical issues
• Develop new features based on user feedback

3.4 Communication

• Respond to your inquiries and support requests
• Send service announcements and updates
• Provide educational content and best practices (with your consent)
• Send marketing communications (with your explicit opt-in consent)

3.5 Legal Compliance & Security

• Comply with legal obligations and regulatory requirements
• Detect, prevent, and investigate fraud and abuse
• Enforce our Terms of Service and protect user rights
• Respond to legal requests from law enforcement

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

• Contract Performance (Art. 6(1)(b) GDPR): Processing necessary to provide the Service
• Legitimate Interests (Art. 6(1)(f) GDPR): Fraud prevention, security, analytics
• Consent (Art. 6(1)(a) GDPR): Marketing communications
• Legal Obligations (Art. 6(1)(c) GDPR): Tax compliance, legal requests

5. How We Share Your Information

We do not sell your personal information. We may share your information with:

5.1 Service Providers

• Cloudflare: Hosting, CDN, security, DDoS protection
• OpenAI: AI-powered content generation (prompts only, not stored by OpenAI)
• Perplexity AI: Research and factual data for content enhancement
• DataForSEO: Keyword research, search volume data, SEO metrics
• Stripe: Payment processing (PCI-DSS compliant)
• SendGrid: Transactional email delivery

5.2 Legal Requirements

We may disclose your information if required by law or in response to:

• Court orders, subpoenas, or legal processes
• Requests from law enforcement or government authorities
• Protection of our rights, property, or safety
• Investigation of fraud, security issues, or Terms violations

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

6. Data Retention

We retain your personal information for as long as necessary to:

• Active Accounts: Duration of your account + 30 days after deletion request
• Generated Content: Stored indefinitely unless you request deletion
• Payment Records: 7 years (legal requirement for tax purposes)
• Analytics Data: Aggregated data retained for 24 months
• Support Communications: 3 years after resolution
• Security Logs: 12 months

After the retention period expires, we securely delete or anonymize your information.

7. Your Privacy Rights

7.1 Rights for All Users

• Access: Request a copy of your personal information
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your account and data
• Opt-Out: Unsubscribe from marketing emails

7.2 Additional Rights for EEA Users (GDPR)

• Data Portability: Receive your data in a structured, machine-readable format
• Restriction of Processing: Limit how we process your data
• Object to Processing: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for marketing
• Automated Decision-Making: Right not to be subject to solely automated decisions
• Lodge a Complaint: File a complaint with your data protection authority

7.3 Additional Rights for California Users (CCPA/CPRA)

• Know: Request details about personal information collected, used, and shared
• Delete: Request deletion of personal information
• Opt-Out of Sale: We do not sell personal information
• Non-Discrimination: We will not discriminate for exercising your rights
• Sensitive Personal Information: Limit use of sensitive data

7.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

• Email: privacy@webs.ie
• Subject Line: "Privacy Rights Request - [Your Right]"
• Include: Full name, email address, account details, specific request

We will respond to your request within 30 days (or as required by applicable law).

8. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: HTTPS/TLS for data in transit, AES-256 for data at rest
• Authentication: Password hashing (bcrypt), secure session management
• Access Controls: Role-based access, principle of least privilege
• Infrastructure: Cloudflare security, DDoS protection, WAF rules
• Monitoring: Real-time security alerts, audit logs, intrusion detection
• Compliance: SOC 2 Type II (Cloudflare), PCI-DSS (Stripe)

Note: No method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. International Data Transfers

Our Service is hosted on Cloudflare's global network. Your data may be transferred to and processed in countries outside your country of residence, including the United States.

For EEA users, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs): EU Commission-approved data transfer agreements
• Adequacy Decisions: Transfers to countries with adequate data protection laws
• Cloudflare's DPA: Data Processing Agreement compliant with GDPR

10. Children's Privacy

Our Service is not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16.

If you believe a child under 16 has provided us with personal information, please contact us immediately at privacy@webs.ie, and we will delete it promptly.

11. Third-Party Links

Our Service may contain links to third-party websites (e.g., OpenAI, DataForSEO). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. The "Last Updated" date indicates when this policy was last revised.

Material changes will be notified via:

• Prominent notice on our Website
• Email notification to registered users
• In-app notification (for logged-in users)

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

• Email: privacy@webs.ie
• Data Protection Officer: dpo@webs.ie
• Website: https://webs.ie

14. Supervisory Authority (EEA Users)

If you are located in the EEA and have concerns about our data practices, you have the right to lodge a complaint with your local data protection authority:

• Ireland (our primary jurisdiction): Data Protection Commission (DPC)
• Find your authority: European Data Protection Board