What this policy covers
- How does WHMCS collect information from you?
- What information does WHMCS collect?
- What information does WHMCS collect if you're under the age of 13?
- How does WHMCS use and store the information it collects?
- Where is your Personal Information stored?
- How does WHMCS disclose the Personal Information it collects?
- How does WHMCS protect Personal Information and other information about you?
How does WHMCS collect information from you?
WHMCS collects information from you when you send it to WHMCS directly by filling out forms on WHMCS' Website (including any application you may make for Services), corresponding with WHMCS by e-mail, writing to WHMCS by post, or speaking to WHMCS by telephone. WHMCS also collects information from you when you browse the Website and use the Service, as set out in detail below. Some of the methods WHMCS uses to collect data are automated and will take effect automatically as you navigate the Website and/or use the Service.
What information does WHMCS collect?
Personal information means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person ("Personal Information").
WHMCS may collect the following Personal Information from you: name, address, telephone number, postal address, e-mail address, IP address, information about the type of browser you use, your operating system, the screen resolution of your browser, your ISP, which pages you view on the Website and the time and duration of your visits to the Website, domain name, credit card number (in the case of direct customers), the balance of your Credits, payment history, order history, account ledger, and, if applicable, company name, postal address, telephone number, e-mail address, credit card number or tax ID number as well as similar information concerning technical contacts, marketing contacts, and executive contacts within your company or organization.
If you communicate with WHMCS, WHMCS may collect information relating to that communication whether it takes the form of e-mail, letter, forum posting, testimonials or any other form of communication between you and WHMCS or submitted by you to the Website (collectively, "User Communications").
WHMCS also collects data in a form that does not, on its own, permit direct association with any specific individual. WHMCS may collect, use, transfer, and disclose non-personal information for any purpose.
What information does WHMCS collect if you're under the age of 13?
WHMCS does not knowingly collect Personal Information about children under the age of 13. If WHMCS becomes aware that it has inadvertently collected Personal Information about children under the age of 13, it will take steps to delete the information as soon as possible, except where WHMCS is required by applicable law to keep it.
Where WHMCS knows a child is above the age of 13, but considered a minor under applicable law, WHMCS will obtain parental/guardian consent prior to using that child's Personal Information.
How does WHMCS use and store the information it collects?
As a general matter, WHMCS may use the Personal Information you disclose to WHMCS to improve and provide the Website, the Services and WHMCS' other products and services, and for the specific purpose that you gave WHMCS your Personal Information. More specific details on how WHMCS use your information follows below.
WHMCS may use Personal Information to create and authenticate your account, to process transactions you request, such as purchases from third parties offered by the Service, in order to perform any contract you have entered into with WHMCS, to provide you with customer and technical support and to communicate with you about your account and WHMCS' products and services.
The Personal Information you provide to WHMCS allows WHMCS to provide you with the newsletters and mailing lists that you have signed up for with WHMCS. If you do not want to be on WHMCS' mailing list, you can opt out at any time by changing your settings in your 'My Details' page within the client area.
WHMCS may also use Personal Information to offer, market or advertise to you WHMCS products and services. While such WHMCS products and services may reference, incorporate or include third party products and services, WHMCS will not use your Personal Information to independently offer, market or advertise third party products and services unless WHMCS first obtains your consent to do so.
From time to time, WHMCS may use your Personal Information to send important notices, such as important product updates and communications about purchases as well as changes to WHMCS' terms, conditions, and policies. Because this information is important for your interaction with WHMCS, you may not opt out of receiving these communications.
Where you consent to WHMCS doing so, WHMCS may use your Personal Information to send you direct marketing communications. Should you ever choose to 'opt out' of receiving such communications, WHMCS may retain your Personal Information on file to ensure that WHMCS does not continue to target you with communications of the type that you have asked WHMCS to cease sending to you.
In accordance with established policies and procedures, WHMCS will periodically destroy or erase any Personal Information that is no longer needed.
WHMCS may use User Communications in the same way as WHMCS uses Personal Information. If you communicate with WHMCS for a particular purpose, WHMCS may use your User Communications for that purpose. For example, if you contact WHMCS for technical support, WHMCS may use your communications to provide technical support to you.
WHMCS may use Server Information to provide you with technical support services and to maintain, evaluate, improve and provide WHMCS products and services. WHMCS may also use such information to investigate unlicensed (and therefore unauthorized) uses of WHMCS' software. Server Information will also be provided to third parties, as noted below, in order to provide the Services to you.
Where is your Personal Information stored?
How does WHMCS disclose the Personal Information it collects?
WHMCS cannot be responsible for protecting your Personal Information if you share such information in publicly available sections of the Website such as the user forums or testimonials section. You should use your own judgment in disclosing this information on the Website.
In the event that WHMCS is purchased by another company, merges with another company or has a substantial portion of its assets purchased by another company, WHMCS may share your Personal Information with that company. In such an event, WHMCS will notify you in accordance with the notice provisions of the TOS.
WHMCS may share your Personal Information with third parties as permitted or required by applicable law, by a court order or by another judicial or governmental request. WHMCS may also disclose your Personal Information if WHMCS determines that such disclosure is necessary to protect WHMCS' rights and remedies or is necessary for national security, law enforcement, or other issues of public importance. Such disclosures could take place in the context of an investigation or to prevent or take action against illegal activity, suspected fraud, situations involving potential threats to the physical safety of any person, violations of WHMCS' TOS, applicable EULAs or other WHMCS agreements, or as otherwise required by applicable law. Where this is the case WHMCS will endeavor to give you notice of such disclosures, to the extent that WHMCS is lawfully permitted to do so.
WHMCS may disclose your Personal Information to affiliated third parties that assist WHMCS in providing maintaining, evaluating, improving and providing the Website, the Services and any other WHMCS products and services. WHMCS may disclose your Personal Information to affiliated third parties for the purposes of offering, marketing or advertising WHMCS products and services to you (such WHMCS products and services may reference, incorporate or include third party products and services). In such an event, WHMCS will take reasonable measures to prevent such affiliated third parties from using your Personal Information for other purposes.
Cookies do this by storing information about your preferences on your device, including the device model, manufacturer, screen resolution, device capabilities, service provider, country and city location data. WHMCS uses the following types of cookies:
- Strictly necessary: These cookies enable WHMCS' Website to function correctly and deliver the services and products you have requested.
Your cookie choices.
For more information about what cookies are and your rights to control cookies, please visit the third party educational resource www.allaboutcookies.org.
WHMCS does not use web beacons.
How does WHMCS protect Personal Information and other information about you?
WHMCS takes reasonable steps to protect any Personal Information WHMCS collects about you. Additionally, WHMCS may supply you with tools to evaluate the strength of the password you select for the Website. No security measures are foolproof, and WHMCS cannot guarantee the security of your information other than to take reasonable steps to protect it. In the event that WHMCS becomes aware of a security breach, unauthorized disclosure or inadvertent disclosure concerning your information, you agree that WHMCS may notify you of such an event using the notice provisions of the TOS.
You are responsible for maintaining your account's security (as more specifically explained in the TOS).
For EU Individuals: Your Rights under the General Data Protection Regulation.
As an EU Data Subject you have a number of rights in relation to your Personal Information. These include your rights:
- To ask WHMCS to confirm what (if any) Personal Information WHMCS holds relating to you and how that data is processed and used by WHMCS (often referred to as a 'Subject Access Request');
- To have WHMCS rectify Personal Information which WHMCS holds about you that is inaccurate;
- To have WHMCS erase Personal Information which relates to you if it is no longer necessary for WHMCS to continue to process it, or if WHMCS has no lawful basis to store, process or retain it (though WHMCS does have rights to refuse these requests in certain situations);
- To object to WHMCS processing your Personal Information;
- To be informed about the existence of any automated decision making and profiling of your Personal Information, and where appropriate, be provided with meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing that affects you;
- To have WHMCS provide you with a copy of your Personal Information for transfer to an alternative provider of similar services.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Third party websites.
WHMCS' Website may, from time to time, contain links to and from the websites of WHMCS' partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that WHMCS does not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Information to these websites.
For EU and Swiss Individuals: Privacy Shield Notice for Personal Data Transfers to the United States
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, WHMCS is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to email@example.com.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
WHMCS's accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, WHMCS remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless WHMCS proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, WHMCS commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact WHMCS by email at firstname.lastname@example.org
WHMCS has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction