top of page

Privacy Policy

Last updated: 18 August 2025

This Privacy Policy explains how [Plugzy] (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you visit [plugzy.com], use our apps, plug-ins, and extensions (the “Services”), or interact with us.

 

 

1) Who we are (Controller vs Processor)

 

  • For our website, accounts, billing, marketing, and support: [Plugzy legal entity + address] is the data controller.

  • For end-user data processed through our plug-ins/extensions on your sites: we act as a data processor on your instructions; you (the customer) are the data controller.

 

Contact: accounts@plugzy.com

EU/EEA contact or DPO accounts@plugzy.com

UK contact: accounts@plugzy.com

 

 

2) What we collect

 

  • Account & Contact Data: name, email, company, role, password hash, preferences.

  • Billing & Payments: billing address, VAT/Tax ID, transaction details (payments handled by [Stripe/other]; we don’t store full card numbers).

  • Service/Usage Data: events from our plug-ins (e.g., activation, configuration, performance, feature use), logs, error/crash reports, device and browser info, IP, timestamps.

  • Support & Comms: tickets, chat, email correspondence, feedback, NPS.

  • Marketing Data: opt-ins/opt-outs, campaign interactions, cookies.

  • Job Applicants: CV/resume, cover letter, interview notes (if you apply).

 

We do not knowingly collect special category data.

 

 

3) How we use data & legal bases

 

  • Provide and maintain the Services (create accounts, authenticate, configure plug-ins, process payments, provide support). Legal basis: Contract.

  • Improve & secure the Services (analytics, debugging, preventing abuse). Legal basis: Legitimate interests.

  • Communications (service notices, updates, product changes). Legal basis: Legitimate interests/Contract.

  • Marketing (with your consent) (newsletters, offers). Legal basis: Consent (you can withdraw anytime).

  • Legal compliance (tax, accounting, enforcing terms). Legal basis: Legal obligation.

 

We do not use your personal data for automated decision-making that produces legal or similarly significant effects.

 

 

4) Cookies & similar tech

 

We use essential cookies to run the site and optional analytics/marketing cookies to understand usage and measure performance. You can manage preferences via our Cookie Settings and your browser. See our [Cookie Policy] for details.

 

 

5) Sharing & recipients

 

We share data only with trusted processors who help us deliver the Services, such as:

 

  • Hosting & Infrastructure: [e.g., AWS, Cloudflare]

  • Payments: [Stripe/other]

  • Product Analytics / Crash Reporting: [e.g., Plausible / PostHog / Sentry]

  • CRM/Support & Email: [e.g., HubSpot/Intercom/Help Scout, MailerSend]

 

We bind processors by contract (including confidentiality and security). We do not sell personal data.

 

 

6) International transfers

 

Where data is transferred outside the UK/EU/EEA, we rely on appropriate safeguards (e.g., EU Standard Contractual Clauses, UK IDTA/Addendum) and conduct risk assessments where required.

 
 
7) Data retention

 

  • Accounts & billing: kept while your account is active and for [6–7 years] afterwards to satisfy tax/accounting laws.

  • Service/usage logs: [90–365 days], unless needed longer for security or disputes.

  • Support tickets: [2–3 years] after closure.

  • Marketing data: until you withdraw consent or after [2 years] of inactivity.

    We may retain limited data to comply with legal obligations or resolve disputes.

 

 

8) Your rights

 

Subject to law, you may have the right to access, rectify, erase, restrict, object, and port your personal data, and to withdraw consent at any time.

 

  • EU/EEA: you can lodge a complaint with your local authority or the Office of the Commissioner for Personal Data Protection (Cyprus).

  • UK: you can contact the ICO.

 

To exercise rights, email accounts@plugzy.com.

 

 

9) Security

 

We use appropriate technical and organisational measures (encryption in transit, access controls, least privilege, logging/monitoring). No method is 100% secure, but we work to protect your data continuously.

 

 

10) Children

 

Our Services are not directed to children under 16 (or the age defined by local law). If you believe a child has provided data, contact us and we’ll delete it.

 

 

11) Controller responsibilities (for customers)

 

If you install our plug-ins or connect our APIs, you are responsible for:

 

  • Providing a lawful basis to process your end-users’ data;

  • Presenting accurate privacy notices and cookie disclosures on your site;

  • Configuring our plug-ins in line with your legal obligations;

  • Honouring end-user rights requests.

 

We act on your documented instructions as a processor and provide a Data Processing Addendum (DPA) on request.

 

 

12) Third-party links

 

Our site may link to third-party services. Their privacy practices are governed by their own policies.

 

 

13) Changes to this policy

 

We may update this Policy from time to time. We’ll post changes here and update the “Last updated” date. Material changes may be notified by email or in-app.

 

 

14) Contact us

 

Plugzy Ltd

Address: 14, Nikolaou I. Paphos 8010, Cyprus

Email: accounts@plugzy.com

EU/EEA representative or DPO: accounts@plugzy.com

UK representative: accounts@plugzy.com

bottom of page