Privacy policy

This Privacy Policy should be reviewed alongside our Terms of Service. By using our Website and Services, you acknowledge that you have read and agreed to both documents.

This Privacy Policy (“Policy”) outlines how Getwebcraft Limited (“Getwebcraft,” “we,” “us,” or “our” as appropriate) collects, stores, utilizes, and shares your information during your interactions with our Website and the usage of our products and services (collectively, “Services”). It also describes your rights in relation to your personal information.

By visiting our website and utilizing our Services, you give consent to the collection, transfer, manipulation, storage, disclosure, and other forms of using your information, as described within this Privacy Policy.

1. Introduction

1.1 We are committed to safeguarding the privacy of our website visitors and service users. A visitor of our website or end user of our service is referred to as “you”, “your(s)” or “yourself”.

1.2 This policy applies where we are acting as a data controller with respect to the Personally Identifiable Information (hereinafter to be referred to as “PII”), as defined in Article 4 of the GDPR, of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.

1.3 This Privacy Policy also applies to the transfer of personal data from the UK to countries outside of the UK. We use the UK Addendum to ensure that personal data is transferred in a secure and compliant manner.

1.4 Our website incorporates privacy controls which affect how we will process your personal data. By using the privacy controls, you can specify whether you would like to receive direct marketing communications. You can access the privacy controls via your Getform dashboard.

1.5 In addition, the terms “collect”, “process”, “treat”, “use”, “share”, “disclose”, “divulge” and analogous words shall refer to your PII and other data collected from our visitors and end users.

1.6 From time to time, this Policy may be translated into other languages for your convenience. The English language version of each of these documents shall be the version that prevails and governs your use of Site and our products and services. Upon the case of any conflict between the English language version and any translated version, the English language version will prevail.

2. Information We Collect

2.1 When using our Services, we may ask you to provide us with some PII that can be used to contact or identify you, and information on your use or potential use of the Services. PII that we might collect includes information like your email address and name. PII may also include other information you supply to us concerning your preferences and interests expressed in the course of using the Services. By providing us with this information, you consent to your information being collected, used, disclosed, and stored by us in accordance with this Privacy Policy.

By providing us with this information, you consent to your information being collected, used, disclosed, and stored by us in accordance with this Privacy Policy.

We will only collect personal data that is necessary for the purposes described in this Privacy Policy. We will not collect any Special Categories of Personal Data (such as data about race, religion, or health) without your explicit consent.

2.2 We use your PII to administer your account and provide you services, to send communications and administrative emails, to respond to your inquiries, and to send marketing and product update messages to those who ask for such messages. Overall, through the provision of its Services, Getwebcraft will collect the following types of PII:

Personal Information

Personal Information includes information that can be used to personally identify an individual person, including but not limited to: first name, last name, title, date of birth, billing address, email address and telephone numbers.

Accordingly, you hereby represent and warrant to Getwebcraft that you have the necessary rights and authorizations required for the disclosure of any and all PII.

Personal Information collected by Getwebcraft includes: Name and Email

Non-Personal InformationNon-Personal Information includes information that cannot be used to personally identify an individual person, such as: general demographic information, anonymous usage data including number of clicks, platform types, preferences you submit and preferences that are generated based on the data you submit.
Personal Information Collected via Third-Party ToolsPersonal Information Collected via Third-Party Tools includes such information as aggregated user statistics, analytics, demographic information, and website usage information. As our user, you will generally be able to control and select the amount and type of PII you may disclose to us.
Personal Information Collected via Social Media IntegrationWe may allow our users to use single sign-on authentication services such as those provided by Facebook, Google, and others (if applicable). Henceforth, the Site might provide an option of using your social media credentials and, thus, by such action, we will collect your PII as given by such third-party platforms, but never more than the PII these platforms disclose. If you close your social media account, or if you deauthorize our access, your access to our website may be suspended. For more information, please read the terms and policies of such third-party platforms.
Technical Information Collected via our websiteAs you navigate through the website, certain information can be passively collected (that is, gathered without you actively providing the information) using various technologies and means, such as Internet Protocol addresses, cookies, Internet tags, and navigational data collection.
Internet Protocol (IP) addressesAn IP Address is a number assigned to your computer by your Internet service provider so you can access the Internet and is generally considered to be non-personally identifiable information, because in most cases an IP address is dynamic (changing each time you connect to the Internet), rather than static (unique to a particular user's computer). We use your IP address to diagnose problems with our server, report aggregate information, determine the fastest route for your computer to use in connecting to our Website, and administer and improve services to our consumers.
CookiesA "cookie" is a bit of information that a website sends to your web browser that helps the site remember information about you and your preferences. "Session cookies" are temporary bits of information that are erased once you exit your web browser window or otherwise turn your computer off. Session cookies are used to improve navigation on websites and to collect aggregate statistical information.
Persistent CookiesPersistent cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie. Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided (e.g., username), helping to determine which areas of the website visitors find most valuable, and customizing the website based on your preferences.
Internet tagsInternet tags, also known as single-pixel GIFs, clear GIFs, invisible GIFs, and 1-by-1 GIFs, are smaller than cookies and tell the Site´s server information such as the IP address and browser type related to the visitor's computer.
Navigational dataNavigational data is also known as "log files," "server logs", "clickstream" data and "Internet Tags", and used for system management, to improve the content of the site, market research purposes, and to communicate information to visitors.

2.3 We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

2.4 We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

2.5 You can instruct your device or browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie. If you do not accept cookies, however, you may not be able to use all functionality of our Services.

2.6 When we send emails to our registered customers, we may track who opened the emails and who clicked on any of the hyperlinks. We do this to measure the performance of our email campaigns, and to improve our offerings.

3. Third-Party Links and Services

3.1 It is possible that the Website will contain links to third-party websites and services. Please remember that when you use a link to go from our Website to another website or you request a service from a third party, this privacy policy no longer applies.

3.2 Your browsing and interaction on any other website, or your dealings with any other third-party service provider, is subject to that website’s or third-party service provider’s own rules and policies.

3.3 We do not monitor, control, or endorse the privacy practices of any third parties.

3.4 We encourage you to become familiar with the privacy practices of every website you visit or third-party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices.

3.5 This privacy policy applies solely to personal information collected by us through our Website and functionality and does not apply to these third-party websites and third-party service providers.

4. Use and Disclosure of Personal Information

4.1 We use your personal information to provide you with our services, to communicate with you, to improve our services, and to protect our legal rights. We may also share your personal information with third parties, such as our payment processors.

4.2 We do not use or disclose your PII without your consent unless one of the following circumstances applies:

  • We will need to use your PII in order to comply with the obligations we have under the service agreement we have with you.
  • We may share aggregated information with third parties that does not include PII and we may otherwise disclose aggregated service usage information with third parties.
  • We will use the information you provide to bill and collect sums owed to us. Uses for this purpose include sending you emails, invoices, receipts, and notices of delinquency, to alert you if we need a different credit card number, and to otherwise try to collect money owed. Financial transactions relating to our website and services are handled by our payment services providers called Adyen, Bluesnap, and PayPal. We advise you to read and agree to their terms and conditions and their privacy policy as well when using our Website. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
  • We may send you informational and promotional content in accordance with your marketing preferences. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
  • We may use your information to request feedback and to contact you about your use of our website, to administer a contest, promotion, survey or other site feature.
  • We may use your information as part of our efforts to keep our website safe and secure (for example, for fraud monitoring and prevention).
  • We may use your information and PII as supporting items in order to enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract, as well as to respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond. We may send you system alert messages. For example, we may inform you of temporary or permanent changes to our Services, such as planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy policy.
  • We may share Personal information with third parties if access, use, or disclosure of such information is necessary to (a) satisfy applicable law, regulation, legal process or an enforceable governmental request, (b) enforce the applicable Terms of service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Getwebcraft, its users or the public as required or permitted by law.
  • If our business is sold or merges in whole or in part with another business that would become responsible for providing the website to you, we retain the right to transfer your PII to the new business. The new business would retain the right to use your PII according to the terms of this Privacy Policy as well as to any changes to this privacy notice as instituted by the new business. We will also retain the right to transfer your PII if our company files for bankruptcy and some or all of our assets are sold to another individual or business.

4.3 In order to provide our services, we use third-party platforms and tools, such as those provided by PayPal, Google, and Amazon, among other providers. Please be aware that such platforms are governed by their own terms, policies, and personal data collection practices and policies. Accordingly, by acknowledging your consent to this Policy, you are also acknowledging the applicable terms and conditions of such third-party platforms, which provide functionalities that include aggregated statistics. Upon the case of any discrepancy or conflict between this Policy and their terms, the terms of the latter entities will govern.

We will keep a list of any sub-processors that will be involved in the processing of your PII due to the provision of our service and will inform you of any intended material changes concerning the addition or replacement of sub-processors before such changes are effective, thereby giving you the opportunity to object to such changes.

4.4 Finally, we may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

5. Retaining and Deleting Personal Data

5.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

5.2 We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

6. Your Privacy Rights as Data Subject

6.1 As we mentioned hereabove, for the purposes of the General Data Protection Regulation or GDPR, for European Union residents and United Kingdom residents, Getwebcraft is a “data controller” of the PII you provide to us for the primary purposes of providing you with our services.

This section below covers the certain situations that you, as a data subject, and we as a data controller, are most likely to see, but you should also carefully review the full list of data subject rights here: https://gdpr-info.eu/chapter-3/ and https://gdpr-info.eu/chapter-4/

  • You have the right to be informed about the PII we collect from you, and how we process it. For our EU and UK customers and users, by signing up, you agree to the terms and conditions of our services and hereby acknowledge, agree, and unequivocally consent to the collection, processing, management, treatment, transfer, and authorization of your PII by Getwebcraft, its affiliates, and authorized third parties.
  • If you are a resident of Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.

6.2 You can request information provided be “forgotten”; that is, to have your entire PII removed from our service. If we are asked to do this, in accordance with Article 17 GDPR, we will remove any PII we collected from you as requested. We will also need to contact any third parties that process your PII on our behalf, such as our cloud service providers. To ensure that any personal data in the possession of Getwebcraft can be removed in a timely manner, you can relay any request to be “forgotten” to us by submitting a request.

6.3 As a data subject, in accordance with Article 15 GDPR, you have the right to obtain confirmation as to whether we process your personal data and, where we do, access the personal data. You can always ask us to confirm how and where your PII is being stored and processed. You also have the right to know how that data is shared with third parties by us.

6.4 As a data subject, in accordance with Article 16 GDPR, you have the right to have any inaccurate PII about you rectified and, considering the purposes of the processing, to have any incomplete PII data about you completed.

6.5 In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent for consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and/or the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include situations where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.

6.6 In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

6.7 In accordance with Article 18 GDPR, you have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for:

  • the performance of a task carried out in the public interest or in the exercise of any official authority vested in us;
  • direct marketing (including profiling);
  • processing for purposes of scientific/historical research and statistics;
  • in relation to automated decision-making and profiling;
  • or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

6.8 In accordance with Article 20 GDPR, our users located in the EU, EEA or/and UK may request Getwebcraft to send them any PII in our possession. In this case, we will provide you with any PII that you have in a commonly used, machine-readable format.

6.9 You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

6.10 To the extent that the legal basis for our processing of your personal information is consent, in accordance with Article 7 (3) GDPR, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

6.11 You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the GDPR. In accordance with Article 77 GDPR, if the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.

6.12 In respect to data transfers from controllers to processors and/or processors to processors, standard contractual clauses pursuant to Article 28(7) of Regulation (EU) 2016/679 (including enforceable data subject rights and effective legal remedies, pursuant to Article 46(1) and Article 46(2)(c) of Regulation 2016/679), we act as a data exporter/controller transferring any data provided to us to the data importer/processor. We may transfer the information you provide to us to contractors and affiliated organisations that may be located outside of your home country. By agreeing to use our service and website, you hereby agree to such transfer. It is our responsibility to ensure such third parties agree to the same level of confidentiality as we have with you. As a data exporter, we will make all reasonable efforts to determine that the data importer is able, through the implementation of appropriate technical and organisational measures provide the required service and protect any data provided to them. We will also ensure the data provided to the data importer are used only for specific reasons to which you have consented or as may be required to provide our services to you.

6.13 This Privacy Policy complies with the relevant SCCs and the UK Addendum. We use these mechanisms to ensure that your personal information is transferred securely and in a compliant manner when it is transferred from the European Economic Area (EEA) or the United Kingdom (UK) to the United States of America (USA).

6.14 You may exercise any of your rights in relation to your PII data by means of a written notice to us. Your privacy notice request must include, at the least, the following information: (i) your complete name, address and/or e-mail address for us to notify you the response to your request; (ii) attached documents establishing your identity; and (iii) a clear and concise description of the PII with regard to which you seek to enforce any of your privacy rights. If you request rectification, please indicate amendments to be made and attach documentation to back up your request.

  • Upon receipt of your written privacy notice request, and after due review, we may then edit, deactivate and/or delete your PII from our services within thirty (30) days. In the case of secure databases under our control where deletion is impossible, we will make such information permanently inaccessible.

7. Safeguarding Your Information

7.1 We are committed to keeping the personal information you provide us secure and we will take reasonable precautions to protect your personal data from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data.

7.2 You can be assured that personal information collected through the website is secure and is maintained in a manner consistent with current industry standards, but please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

7.3 We have implemented information security policies, rules and technical measures to protect the personal information that we have under our control from:

  • unauthorized access;
  • improper use or disclosure;
  • unauthorized modification; and
  • unlawful destruction or accidental loss.

7.4 All our employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of the personal information of all users of the Site.

7.5 The importance of security for all PII associated with our users is of utmost concern to us. Your personal information is protected in several ways. We protect the information you input by undertaking the reasonable technical and administrative security measures (e.g. firewalls, data encryption, physical & administrative access controls to the data and servers) that limit the risk of loss, abuse, unauthorized access, disclosure, and alteration.

7.6 If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored within other encryption systems. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all requirements and implement additional generally accepted industry standards.

7.7 If you make a payment to us, we use third-party payment processors such as Adyen, Bluesnap or PayPal. Payments are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) or analogous systems. Your purchase transaction data is stored only as long as it is necessary to complete your purchase transaction. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our site and related courses and its service providers.

8. User eligibility

8.1 This Website is not intended for children and we do not knowingly collect data relating to children. You must at least be eighteen (18) years of age or older to use our Website and our services. We may accept users under such age into our Services, provided, however, that they provide a valid consent proof of their parent or guardian.

8.2 We reserve the right to request any and all applicable proof of identification and consent proof from our users, at any moment, without prior notice, and at our sole and final discretion. Upon the failure to provide such proof of age, we reserve the right to immediately freeze, block or cancel the account, with no liability.

9. Amendments to this Privacy Policy

9.1 Periodically, and at our sole discretion, we may update, change, suspend and/modify our website, our Services, this Privacy Policy and/or our Terms of Use, in whole or in part.

9.2 You should check this page occasionally to ensure you are happy with any changes to this policy. Your use after any changes indicates your acceptance thereof.

9.3 We may notify you of changes to this policy by email.

10. Notice to California Residents

10.1 Pursuant to the California Consumer Privacy Act of 2018 or CCPA, Getwebcraft and its affiliates hereto provide the following notice regarding the categories of PII that we have collected or disclosed within the preceding twelve (12) months about California residents who are not employees, independent contractors, owners, directors, officers, or job applicants of Getwebcraft, or emergency contacts or benefits beneficiaries of the foregoing.

10.2 Henceforth, the CCPA provides Californians with the following rights:

  • Requests for Information:
    You (or your authorized agent) can request a copy of your PII, including how we have collected, used, and shared your PII over the past 12 months (if any), including the categories of PII we collected and our purposes for doing so; the categories of sources for that information; the categories of third parties with whom we shared it for a business purpose and our purposes for doing so.
  • Your Right to Opt Out of Sales:
    We do not sell your PII, thus, we do not offer opt out notices.
  • Your Right to Notification:
    Under the CCPA, we will not collect new categories of PII or use them for materially different purposes without first notifying you.
  • Nondiscrimination for exercising your CCPA Rights:
    The CCPA prohibits us from discriminating against you for exercising your rights under the law. Such discrimination may include denying services, charging different prices or rates for services, providing a different level or quality of services, or suggesting that you will receive a different level or quality of goods or services as a result of exercising your rights.
  • Your Right to Delete PII:
    You can request that we delete your PII by contacting Getwebcraft. You also can request that we delete specific information, and we will honor such requests, unless a due exception applies, such as when the information is necessary to complete a transaction, verify a fraud, review a chargeback or contract for which it was collected or when it is being used to detect, prevent, or investigate security incidents, comply with laws, identify and repair bugs or ensure another consumer’s ability to exercise their free speech rights or other rights provided by law.

Please take into consideration that we may deny your deletion request if retaining the PII is necessary for us, our affiliates, or our service providers in order to:

  • Complete the transaction for which we collected the PII information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug our products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • Comply with a legal obligation that has substantive grounds;
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

10.3 Overall, we may collect or will collect the following categories of PII from our visitors, users, and customers as necessary to fulfill our legal obligations and operational business purposes:

  • Personal information, as defined in the California customer records law, such as contact information and financial information;
  • Identifiers, such as online identifier, IP address and name;
  • Financial information, such as transaction information and history and securities trading information and history;
  • Internet or network activity information, such as browsing history and interactions with our and other websites and systems;
  • Geolocation data, such as device location and IP location;
  • Audio, electronic, visual and similar information, such as video recordings created in connection with our business activities;
  • Inferences drawn from any of the PII listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.

11. Questions and Complaints

If you have any questions or concerns about this Privacy policy, please feel free to contact us via email [email protected] or chat with us on our website or in the dashboard of your App.

Legal address
Klimentos 41-43, Klimentos Tower, Flat/Office 25, 1061, Nicosia, Cyprus

Date of last effective update is September 13, 2023.