We are committed to safeguarding the privacy of our website visitors and service users and all the personal data we process shall always be in line with the General Data Protection Regulation (GDPR). This document contains details on what data we collect from you if you choose to use our service, what we need this data for as well as your rights pertaining to your data. In this document “we” and “us” refers to the data controller WP Robot, while “you” refers to the data subject of whom personal data is collected.
What Data We Collect
Below you can find details on what data we might collect from you depending on how you use our website and services as well as details on what we use your data for and why we need it.
When browsing our website
We do not collect any personal information when just browsing our site but as with most websites our server collects a series of general data, which gets stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address) and (7) the Internet service provider of the accessing system. This anonymously collected data is not used to draw conclusions about you but is needed to optimize the content of our website and provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.
When using our contact form
When using our contact form to directly communicate with us you need to enter your email address, your name as well as the message you want to send. By using our contact form you agree to the storage of the data voluntarily entered by you for the specific purpose of processing and replying to your contact requests. The data is not shared with any third parties and not used for any other purpose.
When registering for a WP Robot account
You have the possibility to register on our website in order to order WP Robot and use our offered services. Which personal data are transmitted to us is determined by your respective input mask used for the registration. By registering for WP Robot you agree with the collection and use of your personal data as detailed below.
If you want to register you need to provide us with your email address. This is used to send you your account details after the registration process has been completed and may also be used to send you other transactional emails, such as notifications of available updates on your managed sites. It may also be used to send you information about new products or new features that we have made available.
You will also need to enter your full name and full address, including street name, city, ZIP code, country you live in and if applicable your business name and your European VAT-ID. We are required to collect these details in order to determine the correct VAT rate to charge you according to European tax laws as well as to store the data for accounting purposes.
If you want to sign up for a paid WP Robot account you have the choice to use your Paypal account during checkout. Please see the section “Third Parties We Share Data With” below for details.
By registering the IP address assigned by your Internet service provider (ISP), date, and time of the registration are also stored in order to prevent the possible misuse of our services, and, if necessary, to make it possible to investigate committed offenses. Insofar, the storage of this data is necessary to secure the controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data.
When installing WP Robot
After purchase when you install the WP Robot plugin on your websites you need to enter your license key to activate your copy. During the activation process your website address (URL) is sent to and stored by us for the purpose of tracking usage of our plugin and adherence to the license terms and license site limits.
Third Parties We Share Data With
Payment processor: Paypal
If you choose “PayPal” as the payment option during the ordering process, we automatically transmit your data to PayPal in order to complete the checkout process. By selecting this payment option, you agree to the transfer of personal data required for payment processing. The personal data transmitted to PayPal is usually first name, last name, address, email address, IP address, or other data necessary for payment processing. The processing of the purchase contract requires such personal data, which are in connection with the respective order.
The transmission of the data is aimed at payment processing and fraud prevention. The controller will transfer personal data to PayPal, in particular, if a legitimate interest in the transmission is given. The personal data exchanged between PayPal and the controller for the processing of the data will be transmitted by PayPal to economic credit agencies. This transmission is intended for identity and creditworthiness checks. PayPal will, if necessary, pass on personal data to affiliates and service providers or subcontractors to the extent that this is necessary to fulfill contractual obligations.
The European operating company of PayPal is PayPal (Europe) S.Ã .r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. The applicable data protection provisions of PayPal can be found at https://www.paypal.com/us/webapps/mpp/ua/privacy-full.
We use Google Analytics (with the anonymizer function) on this website for their web analytics services and traffic data collection. We have implemented Google’s “anonymizeIp” feature, which means that your IP address is abridged by Google and anonymised when accessing our website. That means all the traffic data Google collects, such as the access time, the location from which the access was made, and the frequency of visits, is also collected anonymously and can not be tracked back to your person.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States. Further information and the applicable data protection provisions of Google can be found under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html.
Wordfence Security Plugin
Wordfence is a security plugin for WordPress operated by Defiant, Inc. which protects our site from malicious attacks and automated bot networks. For the purpose of security for our services Wordfence collects your IP address, the pages visited, entry and exit points, the domains from which visitors come and browser types. Further information and the applicable data protection provisions of Defiant, Inc. can be found under https://www.wordfence.com/privacy-policy/
Period For Which Your Data Will Be Stored
In general personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose. That means that we will regularly delete data that we do not need anymore, for example after you have canceled your account with us and stopped using our services.
As an exception we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject. For example due to tax laws we are required to keep records of invoice data for 10 years.
You may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
The newsletter and transactional emails of WP Robot contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, WP Robot may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects. Such personal data collected in the tracking pixels contained in the newsletters are stored and analyzed by the controller in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by the controller. WP Robot automatically regards a withdrawal from the receipt of the newsletter as a revocation.
In this section we have summarized the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights under data protection law are:
The right to access
You have the right to confirmation as to whether or not we process your personal data and if so access to the personal data. We will supply to you a copy of your personal data provided the rights and freedoms of others are not affected by doing so.
The right to rectification
You have the right to have any inaccurate personal data about you corrected and any incomplete data completed.
The right to erasure
In some circumstances you have the right to the erasure of your personal data without undue delay. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary, such as for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.
The right to object to or restrict processing
You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
The right to data portability
To the extent that the legal basis for our processing of your personal data is consent and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
The right to complain to a supervisory authority
If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
The right to withdraw consent
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
You may exercise any of your rights in relation to your personal data by contacting us via email at firstname.lastname@example.org or by using our contact form.
In most cases the legal basis for processing operations is that we have obtained consent from you for a specific processing purpose according to Art. 6(1) lit. a GDPR. If the processing of personal data is necessary for the performance of a contract to which you are a party, such as providing our services, the processing is based on Article 6(1) lit. b GDPR. The same applies to such operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our services. If we subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR.
In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).
Use of Services by Minors
Children under the age of 13 years are not the target audience for this website or service. To protect their privacy, we prohibit the solicitation of personal information from children. If you are under the age of 13, please do not submit your email address or any other personal information to us through this website. WP Robot does not intentionally gather personal data about visitors who are under the age of 13.
Click to Contact Us
This document was last updated on April 28, 2018