WHMCS Marketplace Privacy Policy

What this policy covers

WHMCS LLC ("WHMCS") respects and values your privacy. That's why WHMCS has established this Privacy Policy (referred to as the "Privacy Policy" herein) - so that WHMCS can disclose what information WHMCS collects about you and how WHMCS uses, stores and discloses such information. WHMCS wants to help you make an informed decision about whether or not to share your information with WHMCS.

WHMCS reserves the right to revise, modify, add or remove provisions to this Privacy Policy at any time. In the event that WHMCS does so, WHMCS will notify you in accordance with the notice provisions of WHMCS' Marketplace Terms of Service (TOS). Take note of the 'Last Updated' date listed at the foot of this Privacy Policy. If WHMCS makes changes to this Privacy Policy, WHMCS will update that date to notify you of the date of such changes. By continuing to use marketplace.whmcs.com (the"Website") after receiving notice of the updated Privacy Policy, you acknowledge that you have read and understand the revised Privacy Policy.

Capitalized terms in this Privacy Policy have the meaning given to such terms in WHMCS' TOS. This Privacy Policy supplements, but does not replace, any other agreements or policies applicable to you, including our TOS located [here] or the agreements of the service providers offered through the WHMCS MarketConnect service (the “Service”). It is important to know that service providers offered through the Service will have their own privacy policies, and that those privacy policies may differ from those of WHMCS. WHMCS is affiliated with WHMCS Ltd. Personal Information will be shared between these parties.

How does WHMCS collect information from you?

WHMCS collects information from you when you send it to WHMCS directly by filling out forms on WHMCS' Website (including any application you may make for Services), corresponding with WHMCS by e-mail, writing to WHMCS by post, or speaking to WHMCS by telephone. WHMCS also collects information from you when you browse the Website and use the Service, as set out in detail below. Some of the methods WHMCS uses to collect data are automated and will take effect automatically as you navigate the Website and/or use the Service.

What information does WHMCS collect?

Personal Information.

Personal information means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person ("Personal Information").

WHMCS may collect the following Personal Information from you: name, address, telephone number, postal address, e-mail address, IP address, information about the type of browser you use, your operating system, the screen resolution of your browser, your ISP, which pages you view on the Website and the time and duration of your visits to the Website, domain name, credit card number (in the case of direct customers), the balance of your Credits, payment history, order history, account ledger, and, if applicable, company name, postal address, telephone number, e-mail address, credit card number or tax ID number as well as similar information concerning technical contacts, marketing contacts, and executive contacts within your company or organization.

User Communications.

If you communicate with WHMCS, WHMCS may collect information relating to that communication whether it takes the form of e-mail, letter, forum posting, testimonials or any other form of communication between you and WHMCS or submitted by you to the Website (collectively, "User Communications").

Non-Personal Information.

WHMCS also collects data in a form that does not, on its own, permit direct association with any specific individual. WHMCS may collect, use, transfer, and disclose non-personal information for any purpose.

What information does WHMCS collect if you're under the age of 13?

WHMCS does not knowingly collect Personal Information about children under the age of 13. If WHMCS becomes aware that it has inadvertently collected Personal Information about children under the age of 13, it will take steps to delete the information as soon as possible, except where WHMCS is required by applicable law to keep it.

Where WHMCS knows a child is above the age of 13, but considered a minor under applicable law, WHMCS will obtain parental/guardian consent prior to using that child's Personal Information.

How does WHMCS use and store the information it collects?

As a general matter, WHMCS may use the Personal Information you disclose to WHMCS to improve and provide the Website, the Services and WHMCS' other products and services, and for the specific purpose that you gave WHMCS your Personal Information. More specific details on how WHMCS use your information follows below.

WHMCS may use Personal Information to create and authenticate your account, to process transactions you request, such as purchases from third parties offered by the Service, in order to perform any contract you have entered into with WHMCS, to provide you with customer and technical support and to communicate with you about your account and WHMCS' products and services.

The Personal Information you provide to WHMCS allows WHMCS to provide you with the newsletters and mailing lists that you have signed up for with WHMCS. If you do not want to be on WHMCS' mailing list, you can opt out at any time by changing your settings in your 'My Details' page within the client area.

WHMCS may also use Personal Information to offer, market or advertise to you WHMCS products and services. While such WHMCS products and services may reference, incorporate or include third party products and services, WHMCS will not use your Personal Information to independently offer, market or advertise third party products and services unless WHMCS first obtains your consent to do so.

From time to time, WHMCS may use your Personal Information to send important notices, such as important product updates and communications about purchases as well as changes to WHMCS' terms, conditions, and policies. Because this information is important for your interaction with WHMCS, you may not opt out of receiving these communications.

WHMCS may also use your Personal Information for any other legal purpose stated in this Privacy Policy, and any other purpose for which you have given WHMCS express consent.

Where you consent to WHMCS doing so, WHMCS may use your Personal Information to send you direct marketing communications. Should you ever choose to 'opt out' of receiving such communications, WHMCS may retain your Personal Information on file to ensure that WHMCS does not continue to target you with communications of the type that you have asked WHMCS to cease sending to you.

WHMCS limits the use of Personal Information to the purposes identified in this Privacy Policy and for which you have provided explicit consent. In accordance with established policies and procedures, WHMCS retains Personal Information only for as long as necessary to fulfill the stated purposes, unless it is required by law for a different period or WHMCS has the consent of the individual.

In accordance with established policies and procedures, WHMCS will periodically destroy or erase any Personal Information that is no longer needed.

WHMCS may use User Communications in the same way as WHMCS uses Personal Information. If you communicate with WHMCS for a particular purpose, WHMCS may use your User Communications for that purpose. For example, if you contact WHMCS for technical support, WHMCS may use your communications to provide technical support to you.

WHMCS may use Server Information to provide you with technical support services and to maintain, evaluate, improve and provide WHMCS products and services. WHMCS may also use such information to investigate unlicensed (and therefore unauthorized) uses of WHMCS' software. Server Information will also be provided to third parties, as noted below, in order to provide the Services to you.

Where is your Personal Information stored?

WHMCS IS A GLOBAL COMPANY. YOUR PERSONAL INFORMATION WILL NOT NECESSARILY BE HELD IN THE EUROPEAN ECONOMIC AREA ("EEA"). PERONAL DATA WILL BE TRANSFERRED TO AND STORED AT OUR U.S. OFFICE AND ASSOCIATED DATACENTERS AND BY ACCEPTING OUR TOS, YOU ARE EXPLICITLY CONSENTING TO THIS TRANSFER AND STORAGE TAKING PLACE. WE WILL TAKE ALL STEPS REASONABLY NECESSARY TO ENSURE THAT YOUR PERSONAL INFORMATION IS TREATED SECURELY AND IN ACCORDANCE WITH THIS PRIVACY POLICY.

How does WHMCS disclose the Personal Information it collects?

Except as disclosed in this Privacy Policy, WHMCS does not share your Personal Information with unaffiliated third parties other than as set out in this Privacy Policy. WHMCS will never disclose your Personal Information to an unaffiliated third party for the purposes of e-mail or other marketing unless WHMCS first obtains your consent to do so.

WHMCS cannot be responsible for protecting your Personal Information if you share such information in publicly available sections of the Website such as the user forums or testimonials section. You should use your own judgment in disclosing this information on the Website.

In the event that WHMCS is purchased by another company, merges with another company or has a substantial portion of its assets purchased by another company, WHMCS may share your Personal Information with that company. In such an event, WHMCS will notify you in accordance with the notice provisions of the TOS.

WHMCS may share your Personal Information with third parties as permitted or required by applicable law, by a court order or by another judicial or governmental request. WHMCS may also disclose your Personal Information if WHMCS determines that such disclosure is necessary to protect WHMCS' rights and remedies or is necessary for national security, law enforcement, or other issues of public importance. Such disclosures could take place in the context of an investigation or to prevent or take action against illegal activity, suspected fraud, situations involving potential threats to the physical safety of any person, violations of WHMCS' TOS, applicable EULAs or other WHMCS agreements, or as otherwise required by applicable law. Where this is the case WHMCS will endeavor to give you notice of such disclosures, to the extent that WHMCS is lawfully permitted to do so.

WHMCS may disclose your Personal Information to affiliated third parties that assist WHMCS in providing maintaining, evaluating, improving and providing the Website, the Services and any other WHMCS products and services. WHMCS may disclose your Personal Information to affiliated third parties for the purposes of offering, marketing or advertising WHMCS products and services to you (such WHMCS products and services may reference, incorporate or include third party products and services). In such an event, WHMCS will take reasonable measures to prevent such affiliated third parties from using your Personal Information for other purposes.

Does WHMCS use cookies and web beacons?

Cookies.

Yes, WHMCS uses cookies to distinguish you from other users of the Website and to improve your overall experience. When you use the Website, certain information may be stored locally on your device using 'cookies' or similar technologies such as objects stored in the device's local storage. A cookie is a small text file used to store limited information about the user of the device. They help WHMCS to identify how WHMCS' users use the Website, and so that WHMCS can continue to develop and improve it.

Cookies do this by storing information about your preferences on your device, including the device model, manufacturer, screen resolution, device capabilities, service provider, country and city location data. WHMCS uses the following types of cookies:

  • Strictly necessary: These cookies enable WHMCS' Website to function correctly and deliver the services and products you have requested.
  • Performance & Functionality: These cookies are used to enhance the performance and functionality of WHMCS' Website but are non-essential to their use (for example, WHMCS uses cookies to remember your preferences on the Website). However, without these cookies, certain functionality may become unavailable.
  • Analytical: These cookies collect information that is used either in aggregate form to help WHMCS understand how the Website is being used or to help WHMCS customize the Website for you. In particular, WHMCS uses the Google analytics cookies. For more information about Google's privacy policy, please visit https://policies.google.com/. If you do not wish to allow the use of Google Analytics cookies at all, Google provides an opt-out plug-in for most common website browsers https://tools.google.com/dlpage/gaoptout.

By using the Service, you accept the use of cookies in accordance with this Privacy Policy.

Your cookie choices.

You have the right to choose whether to accept or refuse cookies and similar technologies. You can exercise this choice by not accepting the TOS and this Privacy Policy, however, please note that if you choose to do so, you will not be able to use the Service.

For more information about what cookies are and your rights to control cookies, please visit the third party educational resource www.allaboutcookies.org.

Web beacons.

WHMCS does not use web beacons.

How does WHMCS protect Personal Information and other information about you?

WHMCS takes reasonable steps to protect any Personal Information WHMCS collects about you. Additionally, WHMCS may supply you with tools to evaluate the strength of the password you select for the Website. No security measures are foolproof, and WHMCS cannot guarantee the security of your information other than to take reasonable steps to protect it. In the event that WHMCS becomes aware of a security breach, unauthorized disclosure or inadvertent disclosure concerning your information, you agree that WHMCS may notify you of such an event using the notice provisions of the TOS.

You are responsible for maintaining your account's security (as more specifically explained in the TOS).

For EU Individuals: Your Rights under the General Data Protection Regulation.

As an EU Data Subject you have a number of rights in relation to your Personal Information. These include your rights:

  • To ask WHMCS to confirm what (if any) Personal Information WHMCS holds relating to you and how that data is processed and used by WHMCS (often referred to as a 'Subject Access Request');
  • To have WHMCS rectify Personal Information which WHMCS holds about you that is inaccurate;
  • To have WHMCS erase Personal Information which relates to you if it is no longer necessary for WHMCS to continue to process it, or if WHMCS has no lawful basis to store, process or retain it (though WHMCS does have rights to refuse these requests in certain situations);
  • To object to WHMCS processing your Personal Information;
  • To be informed about the existence of any automated decision making and profiling of your Personal Information, and where appropriate, be provided with meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing that affects you;
  • To have WHMCS provide you with a copy of your Personal Information for transfer to an alternative provider of similar services.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.

Third party websites.

WHMCS' Website may, from time to time, contain links to and from the websites of WHMCS' partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that WHMCS does not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Information to these websites.

For EU and Swiss Individuals: Privacy Shield Notice for Personal Data Transfers to the United States

WHMCS complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. WHMCS has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy or our Terms of Service, and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, WHMCS is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to privacy@whmcs.com. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@whmcs.com.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

WHMCS's accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, WHMCS remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless WHMCS proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, WHMCS commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact WHMCS by email at privacy@whmcs.com

WHMCS has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

What if you have questions, comments or complaints about this Privacy Policy?

Please feel free to direct any questions, comments or complaints regarding this Privacy Policy using the contact information listed in the Notices section of the TOS. It is WHMCS' policy to investigate and attempt to resolve all formal written complaints WHMCS receives concerning this Privacy Policy. WHMCS will cooperate with appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between WHMCS and an individual.

With effect from May 25, 2018 the General Data Protection Regulation (GDPR) enters force. Your rights under that new regulation are explained at https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/. Details of how you can exercise those rights are set out in 'Your Rights'. WHMCS has largely factored GDPR into this Privacy Policy but if you think WHMCS has failed to do so in any way, please notify WHMCS at privacy@whmcs.com. To the extent that aspects of this Privacy Policy must be interpreted under the GDPR as implemented in national law, that interpretation shall be undertaken subject to the laws of the Republic of Ireland.


Last Updated: 19th June 2018