Privacy Policy

1. Information We Collect

1.1 Personal Information You Provide

We collect information that you voluntarily provide to us, including:

• Contact Information: Name, email address, phone number, mailing address, company name
• Account Information: Username, password, profile information
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Communication Data: Information from emails, messages, support tickets, and inquiries
• Project Information: Details about your projects, websites, business requirements, and service preferences
• Professional Information: Business type, industry, website URLs, social media profiles

1.2 Information Collected Automatically

When you visit our website or use our services, we automatically collect:

• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system and platform
• Usage Data: Information about how you use our website, products, and services
• Device Information: Device type, unique device identifiers, mobile network information
• Cookies and Tracking Technologies: Data collected through cookies, web beacons, and similar technologies (see Cookie Policy section)
• Log Information: Server logs, error reports, and performance data

1.3 Information from Third Parties

We may receive information about you from:

• Payment Processors: Transaction and payment verification data
• Analytics Providers: Website usage and performance data
• Social Media Platforms: If you connect your social media accounts or interact with us on social platforms
• Business Partners: Information shared when you engage with our partners or affiliate services
• Public Sources: Publicly available information for business verification purposes

2. How We Use Your Information

We use your personal data for the following purposes:

2.1 Service Delivery

• Providing and delivering our digital services across all brands
• Creating and managing your accounts
• Processing transactions and sending transaction confirmations
• Developing, customizing, and implementing WordPress websites (WP Crafters)
• Managing e-commerce solutions and marketplace operations (Sellerscraft)
• Delivering digital nomad services and remote work solutions (We Suffer Nomads)
• Implementing AI-powered solutions and automation (Agent AI Crafters)

2.2 Communication

• Responding to your inquiries and support requests
• Sending service-related notifications and updates
• Providing customer support and technical assistance
• Sending administrative information about account changes or policy updates

2.3 Marketing (with your consent where required)

• Sending promotional emails about our services, new features, and special offers
• Personalizing marketing messages based on your interests
• Conducting market research and surveys
• You can opt-out of marketing communications at any time

2.4 Business Operations

• Improving and optimizing our services and user experience
• Analyzing usage patterns and trends
• Conducting research and development
• Detecting, preventing, and addressing technical issues
• Enforcing our terms and conditions

2.5 Legal Compliance

• Complying with legal obligations and regulations
• Protecting our rights and property
• Preventing fraud and ensuring security
• Resolving disputes and enforcing agreements

3. Legal Basis for Processing (GDPR & UK GDPR)

For users in the UK and EU, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contractual obligations to you
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., improving services, fraud prevention)
• Consent: Where you have given explicit consent for specific processing activities
• Legal Obligation: Where processing is required by law
• Vital Interests: Where processing is necessary to protect someone's life

4. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

• Active Account Data: Retained while your account is active and for a reasonable period after account closure
• Transaction Records: Retained for accounting and legal compliance purposes (typically 7 years)
• Marketing Data: Retained until you withdraw consent or opt-out
• Support Communications: Retained for quality assurance and legal purposes (typically 3-7 years)
• Legal Hold Data: Retained as required by law or for legal proceedings

After the retention period expires, we securely delete or anonymize your personal data.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

5.1 Service Providers

• Hosting Providers: For website and data hosting
• Payment Processors: For secure payment processing
• Email Service Providers: For communication and marketing emails
• Analytics Services: For website and service analytics (e.g., Google Analytics)
• Cloud Storage Providers: For secure data storage
• Customer Support Tools: For managing support tickets and communications

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred to the successor entity.

5.3 Legal Requirements

We may disclose your information when required by law, legal process, government request, or to:

• Protect our rights and property
• Prevent fraud or illegal activity
• Protect the safety of our users or the public
• Comply with regulatory obligations

5.4 Third-Party Platforms

When providing services through our brands, we may need to access third-party platforms you use (e.g., WordPress hosting, e-commerce platforms, Amazon seller accounts) with your explicit authorization.

6. International Data Transfers

As we operate globally, your personal data may be transferred to and processed in countries outside your jurisdiction, including:

• Data Centers: Located in various countries for hosting and storage
• Service Providers: Operating in different jurisdictions
• Cloud Services: With international infrastructure

6.1 Safeguards for International Transfers

For transfers from the UK/EU to countries without adequate data protection laws, we implement appropriate safeguards:

• Standard Contractual Clauses (SCCs): EU-approved contract terms
• Adequacy Decisions: Transfers to countries with adequate protection as recognized by UK/EU authorities
• Additional Security Measures: Encryption, access controls, and contractual protections
• Your Consent: Where applicable and legally permissible

7. Your Privacy Rights

Depending on your location, you may have the following rights:

7.1 Rights for UK/EU Users (GDPR & UK GDPR)

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request limitation of processing in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent for processing at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 Rights for California Users (CCPA/CPRA)

• Right to Know: Request information about data collection and use
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale or sharing of personal information (note: we do not sell personal data)
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising privacy rights
• Right to Correct: Request correction of inaccurate information
• Right to Limit Use: Limit use and disclosure of sensitive personal information

7.3 Rights for Other Jurisdictions

We respect privacy rights under applicable local laws. Contact us to learn about your specific rights.

7.4 Exercising Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within the timeframe required by applicable law (typically 30 days for GDPR requests).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

8.1 Security Measures

• Encryption: Data encryption in transit (SSL/TLS) and at rest
• Access Controls: Role-based access and authentication requirements
• Secure Infrastructure: Firewall protection and regular security updates
• Employee Training: Staff trained on data protection and security practices
• Vendor Management: Due diligence on third-party service providers
• Regular Audits: Periodic security assessments and vulnerability testing
• Incident Response: Procedures for detecting and responding to security breaches

8.2 Your Responsibility

• Use strong, unique passwords for your accounts
• Keep your login credentials confidential
• Enable two-factor authentication where available
• Report any suspected security breaches immediately

8.3 Data Breach Notification

In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by applicable law.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage.

9.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for website functionality and security
• Performance Cookies: Collect information about how you use our website (e.g., Google Analytics)
• Functional Cookies: Remember your preferences and choices
• Targeting/Marketing Cookies: Track your browsing to deliver relevant advertising (only with your consent)

9.2 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.

For more detailed information, please see our separate Cookie Policy.

10. Third-Party Links and Services

Our website may contain links to third-party websites, plugins, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without proper consent, we will take steps to delete that information promptly.

12. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications for significant changes (where we have your email address)
• Displaying a prominent notice on our website

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

13. Contact Information

13.1 Data Controller

13.2 Privacy Questions

For questions, concerns, or requests regarding this privacy policy or our data practices, please contact us at:

We aim to respond to all inquiries within 7 business days.

13.3 Supervisory Authorities

UK Users:

• Information Commissioner's Office (ICO)
• Website: https://ico.org.uk

EU Users:

• Your local data protection authority
• List available at: https://edpb.europa.eu/about-edpb/board/members_en

California Users:

• California Attorney General's Office
• Website: https://oag.ca.gov/privacy

14. Specific Provisions by Jurisdiction

14.1 United Kingdom

This policy complies with UK GDPR and the Data Protection Act 2018. Our lawful basis for processing and your rights are as described in this policy.

14.2 European Union

This policy complies with the EU General Data Protection Regulation (GDPR). We do not process special categories of personal data without explicit consent or other lawful basis.

14.3 United States

California: We comply with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). We do not sell personal information.

Other US States: We comply with applicable state privacy laws including those in Virginia, Colorado, Connecticut, and Utah.

14.4 Other Jurisdictions

We comply with applicable privacy and data protection laws in all jurisdictions where we operate. Contact us for jurisdiction-specific information.

15. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) signal. Currently, there is no industry standard for responding to DNT signals. We do not currently respond to DNT signals, but we respect your privacy choices as outlined in this policy.

16. Your Consent

By using our services, you consent to the collection, use, and processing of your personal data as described in this privacy policy. For certain processing activities, we may seek your explicit consent, which you can withdraw at any time.