Privacy Policy

1. Information We Collect

At WandWeb, we believe privacy is a fundamental human right. However, to provide bespoke digital agency services, certain data collection is unavoidable. We collect information in the following ways:

• Directly Provided Data: Information you submit through our Portal, contact forms, or email communications. This includes names, corporate entity details, email addresses, phone numbers, and project specifications.
• Automated Data: When navigating our site, we automatically collect analytical data including IP addresses, browser types, interaction heatmaps, and timestamps via secure logging systems.
• Financial Data: While we log transaction histories and invoice generation locally, we do not store raw credit card numbers on our servers. All payment processing is vaulted entirely through our PCI-DSS compliant partner, Stripe.

2. How We Use Your Information

We strictly use your data for operational obligations and continuous service improvement.

• To authenticate your identity when securely logging into the WandWeb Client Portal.
• To architect your custom web development, SEO strategies, or marketing campaigns based on your submitted prerequisites.
• To issue invoices, process Nav Point allocations, and deliver critical infrastructural status alerts.
• To mathematically analyze traffic flows to improve the user experience of our public-facing websites.

WandWeb will never sell your personal data or your client list to third-party data brokers.

3. Third-Party Sharing & Affiliates

We operate a strict minimalist policy regarding third-party sharing. Your data is only transmitted to external vendors when absolutely necessary to fulfill the operational technical requirements of your contract.

These trusted sub-processors include:

• Cloud Hosting Providers: Data centers (e.g., AWS, DigitalOcean, Vercel) that physically host your website code and database text.
• Payment Gateways: Specifically Stripe, to authorize and clear billing transactions.
• Analytics Networks: Endpoints like Google Analytics or PostHog to anonymously measure digital traffic.

If law enforcement agencies issue a legally binding subpoena or court order, we are obligated to surrender the requested data within the confines of Australian territorial law.

4. Infrastructural Security Measures

WandWeb deploys enterprise-grade security protocols to prevent unauthorized access or corporate data breaches.

• Encryption in Transit: All HTTP traffic moving between your browser and our servers is strictly tethered via TLS/SSL encryption certificates.
• Encryption at Rest: Sensitive database entries (such as User Passwords) are deeply hashed (e.g., bcrypt) rather than stored in raw plaintext.
• Access Limits: Only assigned project managers and authorized engineers are granted access to your project's raw source code or CRM profile.

Despite these rigorous standards, no system connected to the global internet is 100% impenetrable. By utilizing our services, you acknowledge the inherent risks of digital data transmission.