Privacy & Cookies Policies

Acceptable Use Policy

Applies to all Easy CMS Products

We want the Easy CMS platform to be safe, lawful, and respectful for everyone.

Prohibited Content and Activities

• Pornographic, racist, defamatory, or otherwise illegal content.
• Copyrighted material without the explicit written permission of the rights holder.
• Images where individuals can be clearly identified in the foreground without their explicit consent.
• Advertising, promoting, or organizing illegal gatherings or events.
• Using the system for any type of sales or commercial transactions not authorized by JWBIZ. We have separate ecommerce options available. Contact us for more information.
• Harassment, threats, or content intended to bully or intimidate others.
• Impersonating someone else or misleading users about your identity or affiliation.
• Publishing sensitive personal information about third parties without consent.
• Sending spam, phishing, or other unsolicited communications.

Enforcement:

• Any attempt to create web pages or use the system in violation of these rules may result in immediate account suspension or termination.
• Refunds will only be withheld where permitted by UK law; statutory consumer rights are not affected.
• We actively monitor content and will act promptly to remove or disable access to illegal or prohibited material.

Eligibility:

• Users must be 18 years or older to use any JWBIZ CMS platform.
• These terms are governed by the laws of the United Kingdom, and any disputes will be dealt with accordingly.
• By completing your purchase, or by accepting a free trial, you agree to this Acceptable Use Policy.

Privacy Policy

JWBIZ Ltd (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by JWBIZ Ltd.

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, JWBIZ Ltd of 4, Ynys Bridge Court Cardiff CF15 9SS United Kingdom is the Data Controller. Registered company number: 14179078. If you have any questions about this policy or how we process your personal data you can contact our Data Protection Officer via our contact page: https://jwbiz.com/contact.

This Privacy Policy applies to our website, its associated subdomains (collectively, our “Service”), and any related services or applications offered by JWBIZ Ltd. By accessing or using our Service you agree to the collection, storage, use and disclosure of your personal data as described in this Privacy Policy and our Terms & Conditions.

Definitions and key terms

To help explain things as clearly as possible in this Privacy Policy, these terms are defined as:

• Cookie: a small amount of data generated by a website and saved by your web browser, used to identify your browser and remember preferences.
• Company: when this policy mentions “Company,” “we,” “us,” or “our,” it refers to JWBIZ Ltd & Address, United Kingdom, which is responsible for your personal data under this Privacy Policy.
• Country: the United Kingdom.
• Customer: the company, organisation or person that signs up to use the JWBIZ Ltd Service.
• Device: any internet-connected device used to access the Service (phone, tablet, computer, etc.).
• IP address: an Internet Protocol address assigned to devices when connected to the internet; it may indicate approximate location.
• Personnel: employees, contractors or agents of JWBIZ Ltd.
• Personal Data: any information relating to an identified or identifiable natural person.
• Service: the service provided by JWBIZ Ltd as described on this platform.
• Third-party service: advertisers, partners, vendors and other providers that supply content, functionality or services.
• Website: JWBIZ Ltd's site at https://jwbiz.com/
• You: a person or entity registered with JWBIZ Ltd to use the Services, or otherwise visiting the Website.

What Information Do We Collect?

We collect information from you when you visit our website, register, place an order, subscribe to a newsletter, respond to a survey, contact support or otherwise interact with our Service.

• Name / Username
• Phone numbers
• Email addresses
• Mailing / billing addresses
• Job titles
• Payment details (processed by our payment providers)
• Account credentials (passwords are stored hashed as described below)
• Usage and analytics data (pages visited, device and browser information, IP address)
• Any content you submit in communications or via the Service (e.g. support tickets, messages)

Our Legal Bases for Processing

Under the UK GDPR we must have a lawful basis to process personal data. We rely on the following bases depending on the activity:

• Contract – to perform our contract with you (e.g. creating and managing your account, processing orders, providing the Service).
• Consent – where you have given explicit consent (e.g. marketing communications, non-essential cookies and targeted advertising).
• Legal obligation – where processing is necessary to comply with a legal obligation (e.g. tax, accounting, regulatory reporting).
• Legitimate interests – where necessary for our (or a third party’s) legitimate interests and where your rights do not override those interests (e.g. fraud prevention, site analytics, improving the Service, direct marketing in accordance with applicable law).

How Do We Use The Information We Collect?

We may use the information we collect for the following purposes (with the lawful basis in parentheses):

• To provide and manage your account, deliver the Service and respond to requests (Contract).
• To process payments, refunds and fulfil orders (Contract / Legal obligation).
• To communicate with you about your account, purchases, updates and support (Contract / Legitimate interest).
• To personalise and improve the Website and Services, and to run analytics (Legitimate interest / Consent where required).
• To send newsletters and marketing communications if you have opted-in (Consent).
• To detect, prevent and investigate fraud or other illegal activity (Legitimate interest / Legal obligation).
• To comply with legal or regulatory obligations (Legal obligation).

Marketing Communications & Targeted Advertising

We will only send marketing communications where you have given consent or where we have another lawful basis permitted by law. Where required by law (including the Privacy and Electronic Communications Regulations – PECR), we will obtain your prior consent before sending direct marketing by email, SMS or similar channels.

If you have opted-in to targeted advertising (for example, Facebook custom audiences), we will only use your data for that purpose with your explicit consent. You can withdraw consent or opt out of marketing at any time by clicking the unsubscribe link in any marketing email or by contacting us.

Do we share the information we collect with third parties?

We may share personal and non-personal information with third parties in the following circumstances:

• With service providers and processors who perform services on our behalf (e.g. hosting, payment processing, email delivery, analytics). We require such processors to act only on our instructions and to maintain appropriate technical and organisational measures (we enter Data Processing Agreements where required).
• With our affiliates and corporate group companies for the purposes described in this policy.
• With advertisers or marketing partners, but only where you have provided consent for such sharing or as otherwise permitted by law.
• When we believe disclosure is necessary to comply with a legal obligation, respond to legal process, enforce our Terms of Service, or protect the rights, property or safety of JWBIZ Ltd, our customers or others.
• In connection with a merger, sale, reorganisation, financing, acquisition, or transfer of company assets — in which case personal data may be transferred to the buyer subject to confidentiality and adherence to this Privacy Policy.

We may also share aggregated or de-identified information that does not identify any individual.

When does JWBIZ Ltd use end user information from third parties?

End users may voluntarily provide us with information they have made available on social media. If you provide us with such information, we may collect it and use it consistent with this Policy. You can control what social media platforms share by adjusting privacy settings on those platforms.

When does JWBIZ Ltd use customer information from third parties?

We may receive some information from third parties when you contact us (for example, fraud detection providers), and we may periodically obtain information that is publicly available or provided through integrations. We will only use such third-party information as permitted by law and this Policy.

Where and when is information collected from customers and end users?

We collect personal information you provide directly and automatically when you use our Services (e.g. account creation, purchases, browsing, customer support interactions). We may also obtain personal information from third-party sources as described above.

How Do We Use Your Email Address?

By submitting your email address on this website you agree to receive emails from us consistent with the permissions you grant. You can unsubscribe from marketing lists at any time by using the unsubscribe link included in our emails, or by contacting us. Transactional emails related to your account or orders will continue to be sent if necessary to perform our contract with you.

How Long Do We Keep Your Information?

We retain personal data only for as long as necessary to provide the Service, to fulfill the purposes described in this Policy, and to comply with legal, tax and accounting obligations. General retention guidelines (which may vary by data type):

• Account and transactional data: retained for the duration of the business relationship and typically up to 6 years after the last activity (to satisfy contractual, tax and legal obligations).
• Marketing preferences: retained until you withdraw consent or opt-out.
• Support and communications: retained for as long as required to resolve issues and for reasonable archival purposes (commonly up to 6 years).
• If you delete your account, we will delete or anonymise your personal data within 60 days where technically possible, except for data we must retain for legal or legitimate business reasons (e.g. tax records), which will be retained in accordance with the limits above. Backups may persist for a limited additional period (typically up to 90 days) until overwritten.

How Do We Protect Your Information?

We implement appropriate technical and organisational measures to protect personal data from accidental loss, misuse, unauthorised access, disclosure, alteration or destruction. These measures include HTTPS/TLS for data in transit, access controls, and industry standard encryption for sensitive data. Passwords are stored using secure hashing.

However, no system is completely secure and we cannot guarantee absolute security. If a data breach affects your personal data we will comply with our legal obligations to notify you and the Information Commissioner's Office where required.

Could my information be transferred to other countries?

We are incorporated in the United Kingdom. Personal data collected via our Website or Service may be processed or hosted in countries outside the UK. Where we transfer data outside the UK we will ensure a lawful transfer mechanism is in place (for example, an adequacy decision or UK-approved Standard Contractual Clauses) to protect your personal data in accordance with the UK GDPR.

Is the information collected through the JWBIZ Ltd Service secure?

We take reasonable steps to protect your information through technical and organisational controls (see above). However, because perfect security does not exist, we cannot guarantee that your data will never be breached. If applicable law imposes non-disclaimable duties, we will meet those duties in good faith and with reasonable care.

Can I update or correct my information?

Yes. You have the following rights under the UK GDPR (subject to certain exemptions):

• Right of access – obtain confirmation of processing and a copy of your personal data.
• Right to rectification – correct inaccurate or incomplete data.
• Right to erasure – request deletion of your personal data in certain circumstances.
• Right to restrict processing – in limited circumstances.
• Right to data portability – receive your data in a structured, commonly used format.
• Right to object – object to processing based on legitimate interests or direct marketing.
• Right to withdraw consent – where processing is based on your consent.

To exercise any of these rights please contact us via our contact page. We will take reasonable steps to verify your identity before responding to requests. We aim to respond to verifiable requests within one month (or longer where permitted by law and we notify you of any extension).

If you are not satisfied with our response, you have the right to complain to the UK supervisory authority, the Information Commissioner's Office (ICO): https://ico.org.uk.

Personnel

If you are a worker, applicant or contractor, we collect information you voluntarily provide for recruitment and HR purposes. We use such information for recruitment, payroll, benefits, background checks and statutory obligations. You can request access, correction or deletion of your employment-related personal data in line with the rights described above.

Sale of Business

We may disclose personal information to a prospective purchaser (and their advisers) in connection with a sale, reorganisation, merger, consolidation, change of control, financing, or acquisition of JWBIZ Ltd or its assets. Any transferee will be required to adhere to this Privacy Policy.

Affiliates

We may disclose information (including personal information) about you to our Corporate Affiliates. Any Corporate Affiliate will process personal information in accordance with this Privacy Policy and applicable law.

Governing Law

This Privacy Policy is governed by the laws of the United Kingdom. Any dispute arising from or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of England and Wales (unless otherwise required by applicable mandatory law).

Your Consent

By using our Website, registering an account, or making a purchase you consent to this Privacy Policy. Where required, you will be asked to provide explicit consent for specific processing activities (for example, marketing and non-essential cookies), and you can withdraw that consent at any time.

Links to Other Websites

This Privacy Policy applies only to our Services. Our Website may contain links to external sites operated by third parties. We are not responsible for the privacy practices of other sites — please review their policies before providing personal data.

Cookies & Tracking Technologies

We use cookies and similar technologies to operate our websites, improve performance, and—where you consent—deliver personalised content and advertising.

Details about the cookies we use are provided in the cookie banner on our main website and in the Cookie Policy pages in sub domains. You can manage your preferences in the cookie banner on the relevant website.

When you first visit the Website we will present a cookie banner (or equivalent control) explaining cookie categories and allowing you to accept or decline non-essential cookies. You can change cookie preferences at any time through your browser settings or via our cookie preference centre (if provided).

Local Storage

Local Storage (DOM storage) may be used to store client-side data such as preferences. This is separate from cookies and may be controlled through your browser settings.

Sessions

We use session data to identify and maintain your logged-in state while you use the Website. Session cookies typically expire when you close your browser.

Blocking and disabling cookies and similar technologies

You can block cookies using your browser settings. Blocking cookies may prevent some features of the Website from functioning correctly. Disabling or deleting cookies does not remove information held by third parties such as analytics providers; you should consult those providers’ policies for opt-out instructions.

Payment Details

We do not store unencrypted payment card data on our servers. Payment card processing is performed by our authorised payment processors; please refer to their privacy policies for details. All payment processing is conducted under appropriate security controls (including TLS/SSL and industry-standard measures).

Children's Privacy

Our Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe your child under 13 has provided personal information to us, please contact us and we will take steps to remove such information. Parents and guardians may contact us to request deletion of a child’s data.

Changes To Our Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. If we make material changes we will notify you via the Website or by other means prior to the changes taking effect. Continued use of the Service after the updated Policy comes into force indicates acceptance of the changes.

Third-Party Services

We may display or provide links to third-party content, products or services. We are not responsible for the practices, accuracy or completeness of any third-party content. Use of third-party services is at your own risk and subject to the third party’s terms and privacy policy.

Tracking Technologies

Cookies

(See the Cookies section above.)

Local Storage

(See the Local Storage section above.)

Sessions

(See the Sessions section above.)

Information about UK General Data Protection Regulation (UK GDPR)

If you are located in the UK (or your data originates in the UK), this section explains how UK GDPR applies. UK GDPR gives individuals greater control over their personal data and imposes obligations on organisations that process personal data.

What is personal data?

Personal data is any information that relates to an identifiable individual, whether direct (name, email) or indirect (IP address, device identifiers). Special category data (sensitive data) such as health, racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data and sexual orientation require additional protections and we will only process such data where lawful and strictly necessary.

Why is GDPR / UK GDPR important?

UK GDPR sets legal standards for personal data protection and increases rights and remedies for individuals. We follow UK GDPR principles (lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality) in our operations.

Individual Data Subject Rights – Access, Portability and Deletion

We aim to help customers meet their obligations to data subjects. In general we retain conversation and service data for up to 6 years where necessary for contractual, accounting, or legal reasons. If you request deletion or account closure we will comply within 60 days where technically feasible, except for information we are required to retain by law or for legitimate business reasons (see Retention section). If we cannot comply with a request we will explain why and outline any lawful reasons for refusal.

California Residents (CCPA)

This section applies to residents of California. The California Consumer Privacy Act (CCPA) provides California residents with specific rights regarding their personal information. These include the right to know what categories of personal information are collected, the right to request deletion, the right to opt-out of sale of personal information and the right to non-discrimination for exercising privacy rights.

We do not sell the Personal Information of our users. If you are a California resident and wish to exercise your CCPA rights, please contact us.. We will respond to verified requests in accordance with applicable law.

California Online Privacy Protection Act (CalOPPA)

CalOPPA requires that websites disclose certain information regarding how they respond to “Do Not Track” signals and provide a privacy policy that discloses the categories of information collected and how such information is used. Our policy discloses categories of personal information we collect and how we use it. We do not currently respond to browser Do Not Track signals; however, you can opt out of analytics and marketing cookies through our cookie controls.

Contact Us

Don't hesitate to contact us if you have any questions or wish to exercise your rights.