Privacy Policy

Effective date: September 27, 2025

1. Who we are

This Privacy Policy describes how Windows Protector (“we,” “our,” “us”) collects, uses, and shares personal information when the website and software are used. Contact: contact@windowsprotector.pages.dev.

2. Scope

This Policy applies to the website, checkout, license fulfillment, and the Windows Protector software, including automatic updates and security definition downloads.

3. Information collected

• Account and purchase data: email address, plan selection, country, transaction identifiers, payment status, tax details (e.g., VAT/GST numbers when provided).
• Payment data: processed by a third‑party payment processor (e.g., Stripe). Card details are not stored on Windows Protector systems.
• Product telemetry (minimal and security‑focused): installation success/failure, app version, operating system version, update status, license activation status, and non‑content threat indicators (e.g., hash reputation outcomes). Telemetry avoids collecting file contents or personal documents.
• Website data: standard logs, approximate location from IP for fraud prevention and tax, cookies for session and checkout, and optional analytics if enabled.
• Support data: messages, email address, and any information voluntarily provided in support requests.

4. How information is used

• To process orders, deliver license keys, and provide the Services.
• To detect and prevent fraud, abuse, and security incidents.
• To maintain and improve functionality, including updates and compatibility.
• To provide support, notices about changes, and important service communications.
• To meet legal, tax, and compliance obligations.

5. Legal bases (EEA/UK)

• Contract: to provide the purchased Services and fulfill the license.
• Legitimate interests: security, fraud prevention, service improvement, and analytics suited to minimal privacy impact.
• Consent: for optional cookies or communications where required.
• Legal obligation: record‑keeping, tax, and regulatory requirements.

6. Sharing of information

• Payment processing: third‑party processors such as Stripe handle payments and store card data.
• Email and delivery: email service providers used to send keys, receipts, and support replies.
• Cloud and infrastructure: hosting, storage, and security monitoring vendors under appropriate safeguards.
• Compliance and safety: disclosures required by law, legal process, or to protect rights and safety.
• Business transfers: in the event of a reorganization, merger, or sale, consistent with this Policy.

7. Cookies and similar technologies

Essential cookies are used for session, security, and checkout. Optional analytics or preference cookies may be used with consent where required. Browser settings can be adjusted to manage cookies, though disabling essential cookies may impair functionality.

8. Data retention

Personal information is retained for as long as needed to provide the Services and meet legal, tax, and accounting obligations. License and transaction records may be retained to prevent fraud and to honor warranty and refund policies.

9. Security

Administrative, technical, and physical measures appropriate to the nature of the data are used, including encryption in transit, access controls, and least‑privilege practices. No method of transmission or storage is completely secure.

10. International transfers

Where information is transferred outside the origin country or region, appropriate safeguards are used, such as standard contractual clauses or equivalent mechanisms, in accordance with applicable laws.

11. Rights and choices

• Access, correction, deletion, portability, and restriction/objection, subject to legal limits.
• Withdrawal of consent where processing is based on consent.
• Opt‑out of marketing communications at any time (service and transactional emails will still be sent).
• For California residents: the right to know, delete, correct, and opt‑out of certain sharing under applicable state laws.

12. Children’s privacy

The Services are not directed to children, and accounts should not be created by individuals under the age required by local law for consent to online services.

13. Do Not Track

Because no industry standard is consistent, Do Not Track signals are not responded to at this time.

14. Changes to this Policy

This Policy may be updated periodically. The “Effective date” will be revised when changes are made, and continued use after changes indicates acknowledgment of the updated Policy.

15. Contact

Data requests and privacy inquiries: contact@windowsprotector.pages.dev