Privacy Policy

Effective Date: 26/05/2025
Last Updated: 26/05/2025

1. Introduction

Illumin IT Ltd ("WebVault Pro," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our platform services.

This Privacy Policy applies to all users of our services, including:

  • Website Visitors: Those who browse our public website
  • Platform Users: Those who create accounts and use our paid services

2. Information We Collect

2.1 Information from Website Visitors

Information You Provide:

  • Contact form submissions (name, email, company, message)
  • Newsletter subscription email addresses
  • Demo request information
  • Support inquiry details

Information Automatically Collected:

  • IP address and location data
  • Browser type and version
  • Operating system
  • Pages visited and time spent
  • Referring website
  • Device information
  • Cookies and tracking data

2.2 Information from Platform Users

Account Information:

  • Name, email address, and contact details
  • Company information
  • Billing address and payment information
  • Account credentials (encrypted)

Website Data You Store:

  • Website URLs and descriptions
  • Login credentials and access information
  • Domain and hosting details
  • SSL certificate information
  • Contact information for website owners
  • Uploaded documents and files
  • Security scan results and reports

Usage Information:

  • Platform feature usage and activity logs
  • Security scan history and results
  • Email alert preferences and delivery logs
  • Support interactions and communications

3. How We Use Your Information

3.1 Website Visitors

  • Respond to contact form inquiries
  • Send requested information about our services
  • Deliver newsletters and marketing communications (with consent)
  • Improve our website and user experience
  • Analyze website traffic and usage patterns
  • Comply with legal obligations

3.2 Platform Users

  • Provide and maintain our services
  • Process payments and manage subscriptions
  • Send security alerts and monitoring notifications
  • Provide customer support
  • Improve our platform and develop new features
  • Communicate service updates and changes
  • Comply with legal and regulatory requirements

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Payment processing (Stripe)
  • Email delivery (SendGrid, Mailgun)
  • Analytics (Google Analytics)
  • Customer support (Freshdesk)
  • Cloud hosting and storage (AWS, Google Cloud)

4.2 Legal Requirements

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Prevent fraud or security threats
  • Enforce our Terms of Use

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

5. Data Security

  • Encryption: Data is encrypted in transit using SSL/TLS and at rest using AES-256
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Regular Security Audits: Periodic assessment of our security practices
  • Secure Infrastructure: Use of reputable cloud providers with strong security
  • Employee Training: Regular security awareness training for our team

However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

6.1 Website Visitors

  • Contact form data: 2 years from submission
  • Newsletter subscriptions: Until unsubscribed
  • Analytics data: 26 months (Google Analytics default)

6.2 Platform Users

  • Account data: For the duration of your subscription plus 90 days
  • Website data you store: Until you delete it or close your account
  • Security scan results: 1 year from scan date
  • Billing information: 7 years for tax and accounting purposes
  • Support communications: 3 years from last interaction

7. Your Rights and Choices

7.1 All Users

  • Access: Request a copy of the personal information we have about you
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information (subject to legal obligations)
  • Portability: Request your data in a portable format
  • Opt-out: Unsubscribe from marketing communications

7.2 Platform Users

  • Account Management: Update your account information at any time
  • Data Export: Export your stored website data
  • Account Deletion: Delete your account and associated data
  • Alert Preferences: Control what notifications you receive

7.3 How to Exercise Your Rights

To exercise these rights, contact us at [INSERT EMAIL] or through your account settings (for platform users).

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

  • Essential Cookies: Required for website functionality
    • Session management
    • Security features
    • Load balancing
  • Analytics Cookies: Help us understand website usage
    • Google Analytics
    • Performance monitoring
    • Error tracking
  • Marketing Cookies: Support our marketing efforts
    • Conversion tracking
    • Remarketing campaigns
    • Social media integration

8.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

9. Third-Party Links and Services

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies.

10. International Data Transfers

Your information may be processed and stored in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses
  • Adequacy decisions by relevant authorities
  • Other lawful transfer mechanisms

Processors / Trusted Third Parties

ProcessorFunctionData ProcessingLocationLegal BasisPrivacy Policy of Processor for further information
Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USAComputing hosting, Email providerIP addresses (end users), Geographical location, Request URL, User Agent, User ID, Connection TimesThe website is hosted on a server within EU member states, specifically Frankfurt in Germany; a CDN distributes the static website on several servers worldwide.GDPR Art. 6 (1) lit. bLegaL: https://aws.amazon.com/legal/

Privacy notice: https://aws.amazon.com/privacy/
Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USAContent delivery network (CDN), DDoS protection, DNS hostingIP address, DNS query data, SSL handshake data, Device information, Request URL, HeadersWorldwide (Global CDN); primary data processing in the USA and EUGDPR Art. 6 (1) lit. fPrivacy policy: https://www.cloudflare.com/privacypolicy/
Freshworks Inc. (Freshdesk), 2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, USACustomer support and ticketing systemSupport inquiries, email address, name, IP address, metadataUSA and EU (based on user region)GDPR Art. 6 (1) lit. bPrivacy policy: https://www.freshworks.com/privacy/
Google Analytics, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, IrelandWeb analytics serviceGoogle Client ID, Click path, Date and time for visit, Device info, Location info, IP address, Pages visited, Referrer URL, Browser Info, Hostname, Browser language, Browser type, Screen resolution, Device operating system, Interaction data, User behavior, Visited URLIn Ireland and the USAGDPR Art. 6 (1) lit. ahttps://policies.google.com/privacy?hl=en
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USAOAuth login providerName, email, profile picture, Google IDEU and USAGDPR Art. 6 (1) lit. aPrivacy policy: https://policies.google.com/privacy
Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, GermanyDedicated server hosting and infrastructure providerIP address, connection logs, server access logs, user-uploaded data (if stored), metadataGermany (data centers in Nuremberg, Falkenstein, Helsinki)GDPR Art. 6 (1) lit. b/fPrivacy policy: https://www.hetzner.com/rechtliches/datenschutz/
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USAOAuth login providerName, email, profile picture, Microsoft IDEU and USAGDPR Art. 6 (1) lit. aPrivacy policy: https://privacy.microsoft.com/en-us/privacystatement
Stripe, Inc., 354 Oyster Point Blvd, South San Francisco, CA 94080, USAPayment processingPayment details, IP address, device info, billing address, transaction logsEU and USA, depending on payment regionGDPR Art. 6 (1) lit. b and cPrivacy policy: https://stripe.com/privacy
Supabase Inc., 970 Toa Payoh North, SingaporeBackend-as-a-Service: authentication, database, storageUser data (email, metadata), DB content, IP addresses, browser informationData hosted in selected Supabase region (EU or US depending on config)GDPR Art. 6 (1) lit. b/fPrivacy policy: https://supabase.com/privacy
Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USAWeb hosting and deployment platformIP addresses, request metadata, browser info, logs of incoming requestsWorldwide infrastructure; primarily USA and EUGDPR Art. 6 (1) lit. b/fPrivacy policy: https://vercel.com/legal/privacy-policy

11. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

12. California Privacy Rights (CCPA)

  • Right to Know: What personal information we collect and how we use it
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at [INSERT EMAIL].

13. European Privacy Rights (GDPR)

  • Lawful Basis: We process your data based on legitimate interests, contract performance, or consent
  • Data Protection Officer: Contact our DPO at [INSERT EMAIL] for privacy concerns
  • Supervisory Authority: You may lodge complaints with your local data protection authority

14. Contact Information

For privacy-related questions or to exercise your rights, contact us:

  • Email: info@web-vault.pro
  • Address: Kemp House, 160 City Road, London, EC1V 2NX
  • Phone: TBC

For platform users, you can also manage many privacy settings through your account dashboard.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Email notification to registered users
  • Prominent notice on our website
  • In-app notifications for platform users

Your continued use of our services after changes constitutes acceptance of the updated Privacy Policy.

This Privacy Policy was last updated on 26/05/2025. Please review this policy periodically for any changes.

WebVault Pro
We help businesses safeguard their websites with real-time monitoring, advanced security scans, and uptime optimization. Stay ahead of threats, minimize downtime, and keep your online presence running smoothly.
FeaturesPricingContact
Terms of UsePrivacy Policy
Copyright © 2025 WebVault Pro. All rights reserved.