Privacy Policy

1. Information We Collect

When you use Webooto, we may collect the following types of information:

• Personal Information: Name, email address, billing address, and payment details when you create an account or purchase a subscription.
• Usage Data: Information on how you access and use the Service. This may include your device's Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, and other diagnostic data.
• Cookies: We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

2. Use of Your Personal Data

We may use Personal Data for the following purposes:

• To provide and maintain our Service, including to monitor the usage of our Service.
• To manage your Account: to manage your registration as a user of the Service.
• For the performance of a contract: the development, compliance, and undertaking of the purchase contract for the products, items, or services you have purchased.
• To contact you: by email, telephone calls, SMS, or other equivalent forms of electronic communication.

3. End-User Data (Your Customers' Data)

As a B2B platform, Webooto provides the infrastructure for you (the Tenant) to operate your own services (e.g., online ordering systems). Any personal data collected from your end-customers ("End-User Data") is your sole responsibility.

• Data Controller: You act as the Data Controller under GDPR for all End-User Data. You must provide your own Privacy Policy to your customers and obtain valid consent for data collection.
• Data Processor: Webooto acts exclusively as the Data Processor. We do not access, sell, or use End-User Data for our own purposes. We only process it automatically via the platform software as instructed by you.

4. Data Processing and Storage

Webooto relies on highly secure European cloud infrastructure providers (such as OVH and Vercel) to host our backend architecture. Any data you input into your custom application (tenant) is logically isolated and secured within our European data centers. Your information, including Personal Data and End-User Data, is processed ensuring full compliance with the General Data Protection Regulation (GDPR).

5. Data Retention & Deletion

We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. As the Data Controller of your End-User Data, you have full control over the retention and deletion of your customers' records within the Webooto dashboard. Upon termination of your Webooto subscription, all tenant databases, including End-User Data, will be permanently purged from our active systems within 30 days.

6. Your GDPR Rights

As a resident of the European Economic Area (EEA), you have certain data protection rights regarding your direct relationship with Webooto, including:

• The right to access, update or delete the information we have on you.
• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
• The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable format.

7. Disclosure of Data

Webooto may disclose your Personal Data in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend the rights or property of Webooto, prevent or investigate possible wrongdoing in connection with the Service, or protect the personal safety of users of the Service or the public.

6. Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy.

7. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your GDPR rights, please contact our Data Protection Officer at privacy@webooto.com.