Privacy Policy
Last updated: December 29, 2024
At Wudo, we take your privacy seriously. This policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
Quick Actions
We collect information you provide directly and information collected automatically:
Information You Provide
- Account Information: Email address, name, company name, password
- Payment Information: Billing address, payment method (processed by Stripe)
- Product Data: Product feeds, titles, descriptions, images you upload
- Communications: Support requests, feedback, survey responses
Information Collected Automatically
- Usage Data: Features used, optimization results, API calls
- Device Information: Browser type, operating system, IP address
- Cookies: Session cookies, preference cookies, analytics cookies
We use your information for the following purposes:
- Provide Services: Process your product feeds, generate optimizations, create blog content
- Improve Our Service: Analyze usage patterns to enhance features and performance
- Customer Support: Respond to inquiries and troubleshoot issues
- Billing: Process payments and manage subscriptions
- Security: Detect and prevent fraud, abuse, and security incidents
- Communications: Send service updates, product announcements (with consent)
- Legal Compliance: Meet regulatory requirements and respond to legal requests
Legal Basis (GDPR): We process data based on: contract performance, legitimate interests, legal obligations, and your consent where required.
We retain your data for as long as necessary to provide our services:
- Account Data: Retained while your account is active, deleted 30 days after account closure
- Product Data: Retained while your subscription is active, deleted 30 days after cancellation
- Optimization History: Retained for 12 months for A/B testing and analytics
- Payment Records: Retained for 7 years for tax and legal compliance
- Support Tickets: Retained for 3 years
- Analytics Data: Aggregated and anonymized after 26 months
Under GDPR and other privacy laws, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
To exercise these rights, contact us at privacy@wudo.io. We will respond within 30 days.
You can export your data at any time from your dashboard settings. The export includes:
- Account information and preferences
- Product feeds and optimization history
- Generated blog content
- A/B test results and analytics
Data is provided in JSON and CSV formats. Large exports may take up to 24 hours to generate.
You can request deletion of your data in two ways:
- Account Deletion: Delete your account from dashboard settings. All data will be permanently removed within 30 days.
- Data Request: Email privacy@wudo.io with your request. We will process it within 30 days.
Note: Some data may be retained for legal compliance (e.g., payment records for tax purposes).
We share data only with trusted partners for specific purposes:
- Payment Processors: Stripe processes payments on our behalf
- Cloud Infrastructure: AWS/GCP for hosting and data storage
- AI Providers: OpenAI, Anthropic, Google for AI processing (data is not used for training)
- Analytics: Privacy-focused analytics for service improvement
We do not sell your personal data. We require all partners to maintain appropriate security measures and comply with applicable privacy laws.
We implement industry-standard security measures:
- Encryption in transit (TLS 1.3) and at rest (AES-256)
- Regular security audits and penetration testing
- Access controls and audit logging
- Employee security training
- Incident response procedures
In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR.
For privacy-related questions or to exercise your rights:
- Email: privacy@wudo.io
- Data Protection Officer: dpo@wudo.io
If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.
1. Data We Collect
We collect information you provide directly and information collected automatically:
Information You Provide
- Account Information: Email address, name, company name, password
- Payment Information: Billing address, payment method (processed by Stripe)
- Product Data: Product feeds, titles, descriptions, images you upload
- Communications: Support requests, feedback, survey responses
Information Collected Automatically
- Usage Data: Features used, optimization results, API calls
- Device Information: Browser type, operating system, IP address
- Cookies: Session cookies, preference cookies, analytics cookies
2. How We Use Your Data
We use your information for the following purposes:
- Provide Services: Process your product feeds, generate optimizations, create blog content
- Improve Our Service: Analyze usage patterns to enhance features and performance
- Customer Support: Respond to inquiries and troubleshoot issues
- Billing: Process payments and manage subscriptions
- Security: Detect and prevent fraud, abuse, and security incidents
- Communications: Send service updates, product announcements (with consent)
- Legal Compliance: Meet regulatory requirements and respond to legal requests
Legal Basis (GDPR): We process data based on: contract performance, legitimate interests, legal obligations, and your consent where required.
3. Data Retention
We retain your data for as long as necessary to provide our services:
- Account Data: Retained while your account is active, deleted 30 days after account closure
- Product Data: Retained while your subscription is active, deleted 30 days after cancellation
- Optimization History: Retained for 12 months for A/B testing and analytics
- Payment Records: Retained for 7 years for tax and legal compliance
- Support Tickets: Retained for 3 years
- Analytics Data: Aggregated and anonymized after 26 months
5. Your Rights (GDPR)
Under GDPR and other privacy laws, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
To exercise these rights, contact us at privacy@wudo.io. We will respond within 30 days.
6. Export Your Data
You can export your data at any time from your dashboard settings. The export includes:
- Account information and preferences
- Product feeds and optimization history
- Generated blog content
- A/B test results and analytics
Data is provided in JSON and CSV formats. Large exports may take up to 24 hours to generate.
7. Delete Your Data
You can request deletion of your data in two ways:
- Account Deletion: Delete your account from dashboard settings. All data will be permanently removed within 30 days.
- Data Request: Email privacy@wudo.io with your request. We will process it within 30 days.
Note: Some data may be retained for legal compliance (e.g., payment records for tax purposes).
8. Data Sharing
We share data only with trusted partners for specific purposes:
- Payment Processors: Stripe processes payments on our behalf
- Cloud Infrastructure: AWS/GCP for hosting and data storage
- AI Providers: OpenAI, Anthropic, Google for AI processing (data is not used for training)
- Analytics: Privacy-focused analytics for service improvement
We do not sell your personal data. We require all partners to maintain appropriate security measures and comply with applicable privacy laws.
9. Data Security
We implement industry-standard security measures:
- Encryption in transit (TLS 1.3) and at rest (AES-256)
- Regular security audits and penetration testing
- Access controls and audit logging
- Employee security training
- Incident response procedures
In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR.
10. Contact Us
For privacy-related questions or to exercise your rights:
- Email: privacy@wudo.io
- Data Protection Officer: dpo@wudo.io
If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.