Privacy Policy

1. Who we are

Webwicked ("we", "us", "our") operates the Webwicked B2B platform at webwicked.com. We are the data controller for personal data collected through the Platform.

For data protection enquiries, contact us at bartekburnat309@gmail.com.

2. Data we collect

We collect the following categories of personal data:

• Account data: name, email address, password (hashed), and account settings.
• Business data: business name, address, company number, contact details, and profile information.
• Transaction data: order history, payment records, and deal activity.
• Usage data: pages visited, features used, IP address, browser type, and device information.
• Communications: messages sent through the platform's messaging system.
• Marketing data: email preferences and responses to communications (only if you have opted in).

3. How we use your data

We use your personal data to:

• Provide and operate the Webwicked platform.
• Process transactions and manage deal pipelines.
• Verify business identities and prevent fraud.
• Send account, transaction, and service notifications.
• Send marketing communications (only with your consent).
• Improve the Platform through analytics and user research.
• Comply with our legal obligations.

4. Legal basis for processing

Under UK GDPR, we process your data on the following legal bases:

• Contract performance: to deliver the services you have signed up for.
• Legitimate interests: to improve the Platform, prevent fraud, and ensure security.
• Legal obligation: where required by law.
• Consent: for marketing communications — you may withdraw consent at any time.

5. Sharing your data

We do not sell your personal data. We may share data with:

• Stripe: for payment processing. See Stripe's Privacy Policy.
• Hosting and infrastructure providers: under strict data processing agreements.
• Analytics providers: such as Google Analytics, in anonymised/aggregated form.
• Law enforcement: where legally required to do so.

6. Data retention

We retain your personal data for as long as your account is active or as needed to provide services. After account closure, we retain data for up to 7 years for legal and tax purposes, after which it is securely deleted.

7. Your rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you.
• Rectify inaccurate data.
• Erase your data (subject to legal obligations).
• Restrict processing in certain circumstances.
• Data portability — receive your data in a machine-readable format.
• Object to processing based on legitimate interests.
• Withdraw consent for marketing at any time.

To exercise any of these rights, contact us at bartekburnat309@gmail.com.

8. Cookies

We use cookies to maintain your session, remember preferences, and collect analytics data. You can control cookies through your browser settings. Disabling cookies may affect Platform functionality.

9. Security

We implement industry-standard security measures including HTTPS encryption, hashed passwords, and access controls. While we take all reasonable precautions, no online platform can guarantee absolute security. Please use a strong, unique password and report any security concerns to us promptly.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email. The latest version will always be available at this page.

11. Contact & complaints

For privacy-related queries, contact us at bartekburnat309@gmail.com.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).