Cookie Handler Privacy Policy

WODS.Agency ÖU ("we," "us," "our," or "Cookie Handler") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Cookie Handler service ("Service").

This Privacy Policy applies to information we collect:

• Through our website at cookiehandler.io
• Through our SaaS platform and dashboard
• Via email, text, and other electronic messages
• When you interact with our customer support

1. Information We Collect

1.1 Information You Provide Directly

Account Information: When you create an account, we collect:

• Name and email address
• Company/organization name
• Password (encrypted)
• Billing information (processed by our payment processor)
• Profile preferences and settings

Communication Data: When you contact us, we may collect:

• Email correspondence
• Support ticket information
• Feedback and survey responses
• Phone call records (with consent)

1.2 Information Collected Automatically

Usage Data: We automatically collect:

• Login dates and times
• Features used and actions taken
• API calls and integration data
• Error logs and performance metrics
• Device and browser information
• IP addresses and general location data

Cookies and Tracking: Our website uses:

• Essential cookies for functionality
• Analytics cookies (with consent)
• Performance and optimization cookies
• Session management cookies

1.3 Information from Third Parties

Payment Processors: We receive limited billing information from Stripe and other payment providers.

Integrations: When you connect third-party services, we may receive data necessary for those integrations to function.

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Provision

• Creating and managing your account
• Providing the Cookie Handler service
• Processing payments and billing
• Delivering customer support
• Sending service-related communications

2.2 Service Improvement

• Analyzing usage patterns and performance
• Developing new features and improvements
• Conducting research and analytics
• Testing and quality assurance
• Security monitoring and fraud prevention

2.3 Legal and Compliance

• Complying with legal obligations
• Protecting our rights and interests
• Responding to legal requests
• Enforcing our Terms of Service
• Preventing misuse of our Service

2.4 Marketing (With Consent)

• Sending product updates and newsletters
• Providing relevant offers and promotions
• Conducting customer satisfaction surveys
• Marketing our services to similar businesses

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your personal data based on:

• Contract Performance: To provide the Service you have requested
• Legitimate Interests: For service improvement, security, and business operations
• Legal Compliance: To meet regulatory requirements
• Consent: For marketing communications and optional features (you can withdraw consent anytime)

4. Information Sharing and Disclosure

We do not sell your personal data. We may share your information in these situations:

4.1 Service Providers

We use trusted third-party providers for:

• Payment processing (Stripe)
• Email delivery (Mailjet)
• Cloud hosting and infrastructure
• Analytics and monitoring tools
• Customer support platforms

4.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes
• Respond to government requests
• Protect our rights and safety
• Prevent fraud or security threats
• Enforce our Terms of Service

4.3 Business Transfers

In connection with mergers, acquisitions, or asset sales, your information may be transferred to the new entity, subject to the same privacy protections.

4.4 With Your Consent

We may share information for other purposes with your explicit consent.

5. Data Security

We implement industry-standard security measures including:

Technical Safeguards:

• Encryption in transit and at rest
• Access controls and authentication
• Regular security audits and testing
• Secure development practices
• Network security and monitoring

Administrative Safeguards:

• Employee privacy training
• Access on a need-to-know basis
• Background checks for key personnel
• Incident response procedures
• Regular security policy reviews

Physical Safeguards:

• Secure data centers
• Environmental controls
• Restricted physical access
• Secure equipment disposal

Despite our efforts, no system is 100% secure. We cannot guarantee absolute security but will notify you of any material breaches as required by law.

6. Data Retention

We retain your information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Fulfill legitimate business purposes

Specific Retention Periods:

• Account data: Retained while your account is active plus 30 days after deletion
• Usage logs: 12 months
• Support communications: 3 years
• Financial records: 7 years (tax compliance)
• Marketing data: Until you unsubscribe plus 2 years

7. Your Privacy Rights

Depending on your location, you may have these rights:

7.1 General Rights

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate information
• Erasure: Request deletion of your data
• Portability: Receive your data in a structured format
• Objection: Object to certain processing activities

7.2 GDPR Rights (EU Residents)

• Right to restrict processing
• Right to withdraw consent
• Right to lodge complaints with supervisory authorities
• Right to be informed about automated decision-making

7.3 CCPA Rights (California Residents)

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt out of sale (we do not sell data)
• Right to non-discrimination for exercising privacy rights

To exercise your rights, contact us at privacy@cookiehandler.io or through your account settings.

8. International Data Transfers

Cookie Handler is based in Estonia (EU). If you are located outside the EU, your data may be transferred to and processed in the EU and other countries where we or our service providers operate.

We ensure adequate protection through:

• EU adequacy decisions
• Standard Contractual Clauses
• Other approved transfer mechanisms
• Appropriate safeguards as required by law

9. Privacy for Children

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

10. California Privacy Rights

10.1 CCPA Information

Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal information.

Personal Information We Collect:

• Identifiers (name, email, IP address)
• Commercial information (purchase history)
• Internet activity (usage data)
• Professional information (company details)

Sources: Directly from you, automatically from device interaction, from third-party payment processors

Business Purposes: Service provision, security, analytics, customer support, legal compliance

Sharing: We share information with service providers under contract, not for commercial sale

10.2 CCPA Rights

• Right to Know: Categories and specific pieces of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: We do not sell personal information
• Right to Non-Discrimination: Equal service regardless of exercising rights

Contact us at privacy@cookiehandler.io to exercise CCPA rights.

11. Updates to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Email registered users about significant changes
• Post the updated policy on our website
• Update the "Last Updated" date
• Provide notice through our Service

Your continued use of the Service after changes indicates acceptance of the updated policy.

12. Contact Information

For privacy-related questions, concerns, or requests:

Privacy Officer: privacy@cookiehandler.io
General Support: support@cookiehandler.io
Mailing Address:
WODS.Agency ÖU
Harju maakond, Tallinn
Lasnamäe linnaosa, Sepapaja tn 6
15551, Estonia

EU Representative: For GDPR-related inquiries, contact privacy@cookiehandler.io

Response Time: We aim to respond to privacy requests within 30 days (or as required by applicable law).

13. Definitions

Personal Data: Any information relating to an identified or identifiable natural person.

Processing: Any operation performed on personal data, including collection, use, storage, and deletion.

Controller: The entity that determines the purposes and means of processing personal data.

Processor: The entity that processes personal data on behalf of a controller.