1. Data Controller
Wynpakt LLC
Contact: [email protected]
2. Scope
This policy applies to data processed through wynpakt.com — our corporate website for B2B inquiries and operational communications. It does not cover data processed within our mobile applications or SaaS products. App-specific policies are provided separately with each product.
3. Data We Process
When you visit wynpakt.com or contact us, we may process:
- Server log data — IP address, browser type, referring URL, timestamp, and request path (automatically collected by our web server).
- Website analytics — anonymized page views, referrer URL, browser type, device type, approximate geographic region (derived from IP address), pages visited, scroll depth (25/50/75/100%), and interactions such as outbound link or mailto clicks (including link labels and mail subject lines where present in the link, but not full email addresses). We use Umami, a cookieless analytics service hosted at stats.wynpakt.com on EU-based infrastructure. Umami does not use advertising identifiers, cross-site tracking, or persistent third-party cookies.
- Contact communications — email address, name, and message content when you email us for project inquiries or operational briefings.
We do not use advertising trackers or marketing cookies on this website.
4. Purpose and Legal Basis
We process data to operate and secure our website, understand how visitors use our content (via privacy-friendly analytics), respond to B2B inquiries, and maintain business communications. Where applicable under the GDPR, processing is based on legitimate interests (Art. 6(1)(f) GDPR) and, for communications you initiate, steps prior to entering a contract (Art. 6(1)(b) GDPR).
For server logs and analytics, our legitimate interests are operating a secure website, detecting abuse, and understanding aggregate content usage. You may object to processing based on legitimate interests at any time (see section 7).
5. Hosting and Data Location
Our website is served from secured EU-based infrastructure. Server logs and Umami analytics data are stored within the European Union. Email you send to us is processed through our mail infrastructure; message content may be handled outside the EU depending on provider routing.
6. Retention
Server logs are retained for a limited period necessary for security and troubleshooting (typically up to 30 days), then deleted or anonymized. Umami analytics data is retained according to our Umami instance configuration (typically up to 24 months for aggregated statistics). Email correspondence is retained as long as required for business and legal purposes.
7. Your Rights
Depending on your location, you may have rights to access, rectify, erase, restrict, or object to processing of your personal data, and to data portability. Contact [email protected] to exercise these rights.
Where processing is based on legitimate interests (Art. 6(1)(f) GDPR), you have the right to object under Art. 21 GDPR. You may also lodge a complaint with a supervisory authority in your jurisdiction.
8. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects.
9. Provision of Data
You are not legally required to provide personal data to use this website. Contact details are required only if you choose to email us.
10. No Sale of Data
We do not sell personal data. We do not share data with third parties except infrastructure providers necessary to operate this website and our self-hosted Umami analytics instance (stats.wynpakt.com).
11. Changes
We may update this policy when our practices change. The date above reflects the latest revision.