Privacy Policy | WeSolidify

1. Introduction

WeSolidify B.V. (KvK: 99809826), ("WeSolidify", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

We are based in the Netherlands and comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, you consent to the data practices described in this policy.

info

Data Controller: WeSolidify B.V. (KvK: 99809826), registered in the Netherlands. For contact details, see Section 10.

2. Information We Collect

2.1 Information You Provide

Account Information: Name, email address, company name, phone number, and password when you create an account.
Billing Information: Payment card details, billing address, and VAT number (processed by our payment provider, Stripe).
Profile Information: Profile picture, job title, and preferences you choose to provide.
Communications: Messages, support tickets, and feedback you send us.
API Credentials: Credentials for third-party SEO tools (Ahrefs, Semrush, etc.) that you connect to our platform.

2.2 Information Collected Automatically

Usage Data: Pages visited, features used, reports generated, and time spent on the platform.
Device Information: IP address, browser type, operating system, and device identifiers.
Log Data: Server logs including access times, referring URLs, and actions taken.
Cookies: See Section 7 for details on our cookie usage.

2.3 Information from Third Parties

SEO Tool Data: Data retrieved from connected tools (Ahrefs, Semrush, LocalFalcon, Google Search Console, etc.) based on your API permissions.
Payment Provider: Transaction status and payment confirmations from Stripe.

3. How We Use Information

We use the collected information for the following purposes:

3.1 Service Delivery

Provide, maintain, and improve our platform
Generate SEO audit reports based on connected tool data
Process payments and manage subscriptions
Provide customer support and respond to inquiries

3.2 Communication

Send service-related notifications (account updates, billing, security)
Send marketing communications (with your consent)
Respond to your requests and feedback

3.3 Improvement and Analytics

Analyze usage patterns to improve our services
Develop new features and functionality
Conduct research and analytics

3.4 Legal Compliance

Comply with legal obligations
Enforce our terms of service
Protect against fraudulent or illegal activity

gavel

Legal Basis (GDPR): We process your data based on: (a) performance of contract, (b) legitimate interests, (c) legal obligations, and (d) your consent where applicable.

4. Data Sharing

We do not sell your personal data. We may share information with:

4.1 Service Providers

Stripe: Payment processing
Digital Ocean: Cloud hosting and infrastructure
Amazon Web Services: Email hosting and transactional email delivery

4.2 Connected Third-Party Tools

To generate reports, we access data from SEO tools you've connected. We only access data necessary for report generation and do not store raw data beyond what's needed for the report.

4.3 Legal Requirements

We may disclose information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

5. Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
Access Controls: Role-based access controls and multi-factor authentication for our team.
Infrastructure: Hosted on Digital Ocean with SOC 2 Type II certified data centers.
Monitoring: 24/7 security monitoring and intrusion detection.
Backups: Regular encrypted backups with geographic redundancy.
Audits: Regular security assessments and penetration testing.

warning

Security Notice: While we implement strong security measures, no system is 100% secure. We encourage you to use strong passwords and protect your API credentials.

6. Your Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

visibility

Right to Access

Request a copy of the personal data we hold about you.

edit

Right to Rectification

Request correction of inaccurate or incomplete data.

delete

Right to Erasure

Request deletion of your personal data ("right to be forgotten").

block

Right to Restrict

Request limitation of processing in certain circumstances.

download

Right to Portability

Receive your data in a structured, machine-readable format.

do_not_disturb

Right to Object

Object to processing based on legitimate interests or marketing.

To exercise these rights, contact us at Click to reveal email. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

7. Cookies

We use cookies and similar technologies for the following purposes:

7.1 Essential Cookies

Required for the platform to function. Cannot be disabled.

Authentication and session management
Security and fraud prevention
Load balancing and performance

7.2 Analytics Cookies

Help us understand how you use our platform. Can be disabled.

Page views and navigation patterns
Feature usage statistics
Performance monitoring

7.3 Managing Cookies

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect platform functionality.

8. Data Retention

We retain your data for as long as necessary to provide our services and comply with legal obligations:

Account Data: Retained while your account is active, plus 30 days after deletion request.
Reports: Starter plan: 60 days. Pro plan: indefinite (until account deletion).
Billing Records: 7 years (legal requirement).
Usage Logs: 90 days for operational purposes.
Support Tickets: 2 years after resolution.

9. International Data Transfers

Our primary infrastructure is located in the European Union (Digital Ocean Amsterdam). For certain services, data may be transferred to the United States (e.g., Stripe, AWS for email services). These transfers are protected by:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with all service providers
EU-U.S. Data Privacy Framework certification (where applicable)

10. Contact Information

For privacy-related inquiries or to exercise your rights:

WeSolidify B.V.

KvK: 99809826

Email: Click to reveal email
General: Click to reveal email
Website: wesolidify.com

We aim to respond to all privacy inquiries within 30 days.

11. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our platform. The "Last updated" date at the top indicates when this policy was last revised.

We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.