Privacy Policy

Effective Date: July 2025 Last Updated: July 2025

Introduction

This Privacy Policy ("Policy") governs the collection, processing, storage, and protection of personal and non-personal information by AddKPI.com ("Company", "We", "Us", or "Our").

The policy is designed to ensure transparency, compliance with global data protection regulations, and the highest standards of user privacy.

A. Legal Framework & Regulatory Compliance

This Policy is constructed to comply with, but not limited to:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Australian Privacy Principles (APP)
  • OECD Privacy Guidelines
  • International data protection best practices

1. Information Collection

1.1 Personal Information Categories

We collect the following personal information:

  • Identification Data: Full name, Company name, Contact information
  • Contact Information: Email addresses, Phone numbers
  • Financial and Transactional Data: This data is collected by Stripe via PayHip
  • Technical and Usage Data: IP addresses, Device identifiers, Browser type/version, Operating system, Geolocation data, Website interaction logs, Cookie data, Session duration.
  • Professional Profile Information: Industry sector, Company size, KPI maturity level, Specific KPI interests, Professional qualifications.

1.2 Information Collection Methods

  • Direct user submissions & Automated website tracking
  • Purchase transactions & Customer support interactions
  • Preview and template interaction
  • Third-party service providers & Public professional databases
  • Cookies and similar tracking technologies

1.3 Sensitive Information

We do NOT intentionally collect: Racial or ethnic origin, Political opinions, Religious beliefs, Trade union membership, Genetic data, Biometric data, Health information, or Sexual orientation.

2. Purpose of Data Processing

2.1 Primary Purposes

  • Facilitate digital product purchases
  • Provide customer support & Manage user accounts
  • Process payments & Deliver purchased templates
  • Communicate product updates

2.2 Secondary Purposes

  • Website performance optimization & User experience improvement
  • Fraud prevention & Compliance with legal obligations
  • Marketing communications (with explicit consent)
  • Product development research

3. Data Storage and Retention

  • Storage Locations: Secure cloud infrastructure, Geographically distributed data centers, Encrypted database systems.
  • Retention Periods: Transactional data (7 years), User account data (Active lifetime + 2 years), Communication logs (3 years), Technical logs (1 year).
  • Data Deletion: Users can request complete data deletion. Automatic deletion upon account closure occurs, except for minimal data retained for legal compliance.

4. Data Protection Mechanisms

4.1 Technical Safeguards

  • 256-bit SSL encryption & Multi-factor authentication
  • Regular security audits & Intrusion detection systems
  • Secure data transmission protocols & Vulnerability assessments

4.2 Organizational Safeguards

  • Limited employee data access & Mandatory privacy training
  • Non-disclosure agreements & Strict access control protocols
  • Regular compliance reviews

5. User Rights

You have the following rights regarding your data:

  • Right to Access: Request copy of personal data & understand processing activities.
  • Right to Correction: Update inaccurate information & supplement existing data.
  • Right to Deletion: Request erasure (the "Right to be Forgotten").
  • Right to Data Portability: Receive data in structured, machine-readable format.
  • Right to Restrict Processing: Limit specific usage or pause usage under certain conditions.

6. Third-Party Data Sharing

We share minimal data only with authorized partners: Payment processors (Stripe), Cloud service providers, Customer support platforms, Analytics services, and Legal/regulatory authorities. We never sell your personal information.

7. International Data Transfers

Transfers to countries occur only with adequate protection, standard contractual clauses, and encryption during transit in compliance with international regulations.

8. Cookies and Tracking

We use strictly necessary, performance, functional, and marketing cookies. User consent is required, and you have the ability to modify preferences at any time.

9. Marketing Communications

Explicit opt-in is required for marketing (product updates, educational content, special offers). We provide an easy opt-out mechanism and do not send unsolicited communications.

10. Children's Privacy

Our services are not intended for minors.

11. Updates to Privacy Policy

This policy may be updated periodically. Users will be notified of significant changes. Continued use of our site implies acceptance of the updated policy.

12. Privacy Contact

For any privacy-related inquiries, please contact our Data Protection Officer at:

privacy@AddKPI.com

13. Governing Jurisdiction

The primary jurisdiction for this policy is England and Wales, governed by applicable data protection laws and dispute resolution mechanisms.