Privacy Policy

1.1 Purpose of This Privacy Notice

This privacy notice provides detailed information about how Wepremium collects and processes your personal data through your use of our website, client portal, and services. It explains your privacy rights and how the law protects you. Our commitment to transparency means we aim to be clear about our data practices while ensuring your information remains secure. This website and our services are not intended for children under 18 years old, and we do not knowingly collect data relating to children.

1.2 About Wepremium

Wepremium SARL is a professional web design and development agency registered in Morocco. We specialize in creating custom websites, WordPress development, UX/UI design, and comprehensive website maintenance services. In terms of your personal data, we act as both a data controller (when deciding how to process your data) and a data processor (when processing data on behalf of our clients). Our commitment to professional excellence extends to how we handle your information, ensuring it receives the highest level of protection throughout our relationship.

1.3 Regulatory Compliance

We operate primarily under Morocco's Data Protection Law 09-08, which provides the framework for how we handle personal data. Additionally, we align our practices with international data protection standards, including GDPR principles, to ensure comprehensive data protection for all our clients, whether local or international. We regularly review and update our practices to maintain compliance with these evolving regulations.

1.4 Contact Details

Company: Wepremium SARL
Registered office address: Av Annasr Hay Foum Oulik Mdiq
RC: 37557 Tetouan
Patente: 52004785
IF: 66272416
ICE: 003370151900027
Email: contact@wepremium.com
Website: wepremium.com

For any questions about this privacy notice or our data protection practices, please email us at contact@wepremium.com or write to our registered office address.

2.1 Website Visitor Data

When you visit our website, we automatically collect certain technical information necessary for providing you with the best possible experience. This includes basic technical data that your browser sends us, such as your IP address, browser specifications, time zone settings, and operating system details. We also gather information about how you interact with our website, including which pages you visit, the links you click, and the duration of your visit. This information helps us understand how visitors use our website and allows us to make improvements to better serve your needs.

2.2 Client Information

For clients who engage our services, we collect information necessary to establish and maintain our professional relationship. This includes your contact details, business information, and any specific requirements related to your project. During our business relationship, we may collect additional information through our communications, project management systems, and service delivery processes. While we collect transaction data for billing purposes, we prioritize your security by never storing complete payment card details, instead relying on secure payment processing partners for financial transactions.

2.3 Website Content and Assets

As part of our web development services, we collect and process the content you provide for your website project. This includes textual content, images, videos, branding materials, and any other media files necessary for creating your website. We maintain secure backups of this content as part of our service commitment, ensuring your valuable assets are protected and readily available when needed. All content is handled with strict confidentiality and used solely for the purpose of delivering our agreed services.

2.4 Technical and Hosting Data

For clients using our hosting services, we collect additional technical data essential for maintaining optimal website performance and security. This includes server logs, performance metrics, security events, and other technical information necessary for providing reliable hosting services. We use this data to monitor website health, prevent security issues, optimize performance, and ensure your website operates efficiently. This information is processed solely for the purpose of delivering and improving our hosting services.

3.1 Service Delivery

Your data plays an essential role in our ability to deliver high-quality web services. We use the information you provide to create and maintain your website, manage hosting services, handle domain registrations, and provide technical support. This includes using your content and technical requirements to build your website, implementing security measures to protect your online presence, and maintaining the necessary records to ensure consistent service delivery. This processing is fundamental to fulfilling our contractual obligations and ensuring you receive the professional service you expect from Wepremium.

3.2 Communications

We use your contact information to maintain effective communication throughout our business relationship. This includes sending important service updates, technical notifications, security alerts, and responses to your inquiries. For clients who have given their consent, we may also share relevant information about our services that could benefit your business. All our communications are designed to be purposeful and valuable, focusing on enhancing your experience with our services. We respect your communication preferences and provide clear options for managing how we contact you.

3.3 Website Improvement

The technical data we collect from website visitors helps us continuously improve our services and user experience. We analyze this information to understand how visitors interact with our website, identify and resolve technical issues, optimize performance, and enhance security measures. This analysis is conducted with respect for user privacy, focusing on aggregate patterns rather than individual behaviors. Our goal is to create a better, more efficient website experience while maintaining the highest standards of data protection.

3.4 Legal and Regulatory Compliance

We process certain data to meet our legal and regulatory obligations as a business operating in Morocco and serving international clients. This includes maintaining appropriate business records for tax purposes, responding to legitimate legal requests from authorized authorities, and protecting our legal rights. We retain data only for as long as necessary to fulfill these obligations and maintain compliance with applicable laws. All such processing is conducted with strict adherence to relevant data protection regulations and our commitment to protecting your privacy.

4.1 Security Measures

We implement comprehensive security measures to protect your data against unauthorized access, modification, or disclosure. Our security infrastructure includes enterprise-grade firewalls, real-time threat detection, and advanced encryption protocols for data in transit and at rest. We regularly update our security systems and conduct periodic assessments to identify and address potential vulnerabilities. Access to your data is strictly limited to authorized personnel who need it for providing our services, and all our team members are bound by confidentiality obligations. These measures reflect our commitment to maintaining the highest standards of data protection throughout our operations.

4.2 Data Storage

Your data is hosted on premium NVMe servers located in secure, state-of-the-art data centers. We implement a robust backup system that includes daily automated backups with 30-day retention, ensuring your data can be recovered quickly if needed. For website hosting clients, we maintain separate backup systems for website files and databases, providing an additional layer of data protection. Our storage systems are designed with redundancy in mind, utilizing enterprise-grade hardware and software to ensure data integrity and availability. All storage solutions are regularly monitored and maintained to ensure optimal performance and security.

4.3 Third-Party Services

In delivering our services, we sometimes need to work with carefully selected third-party service providers. These include secure payment processors, domain registration authorities, and email service providers. We thoroughly validate these partners to ensure they meet our stringent data protection standards and have appropriate security measures in place. Any third-party service provider we work with is contractually bound to protect your data and use it solely for the specific services they provide to us. We regularly review these partnerships to ensure continued compliance with our privacy and security requirements.

4.4 Incident Response

We maintain a comprehensive incident response plan to address any potential security incidents promptly and effectively. This includes immediate threat containment, thorough investigation processes, and appropriate notification procedures. Our team is trained to recognize and respond to security threats, with clear protocols for escalating and addressing any concerns. In the unlikely event of a security incident, we are committed to transparent communication with affected parties and taking all necessary steps to mitigate any potential impact.

5.1 Your Data Protection Rights

As a valued client or website visitor, you have specific rights regarding your personal data. You can request access to your personal data that we hold, obtain information about how we use it, and receive a copy in a structured, commonly used format. You have the right to request corrections to any inaccurate information we maintain about you. Additionally, you can request the deletion of your personal data when it's no longer necessary for the purposes for which it was collected. We are committed to honoring these rights and will respond to all legitimate requests within one month, though complex requests may require additional time. In such cases, we will keep you informed about the progress of your request.

5.2 Exercising Your Rights

To exercise any of your data protection rights, you can contact us through several channels. The most direct method is emailing us at contact@wepremium.com. You can also submit your request in writing to our office at 247 Annasr Street, 93200 Mdiq-Frideq, Morocco. To help us process your request efficiently, please clearly state which right you wish to exercise and provide relevant details about your relationship with us. We may need to verify your identity before processing certain requests to ensure the security of your personal data. There is no fee for exercising your rights, although we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

5.3 Right to Withdraw Consent

Where we process your data based on consent, you maintain the right to withdraw that consent at any time. You can manage your communication preferences or opt out of marketing communications through your account settings or by contacting us directly. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it impact any data processing carried out on other legal grounds. However, please note that withdrawing certain consents may affect our ability to provide specific services. We will advise you if this is the case when you make your request.

5.4 Complaints and Concerns

If you have concerns about how we handle your personal data, we encourage you to contact us first so we can address your concerns directly. We take all privacy matters seriously and will work with you to resolve any issues promptly and fairly. If you are not satisfied with our response, you have the right to lodge a complaint with the Moroccan Data Protection Authority (CNDP) or your local data protection authority if you are based outside Morocco. We are committed to cooperating with data protection authorities and resolving any concerns about our data processing practices.

6.1 Our Role and Responsibilities

When managing your website, we serve dual roles as both a service provider and data processor, working under your direction as the data controller. Our responsibilities encompass the technical management and security of your website's infrastructure while respecting your ownership and control of the website's content and data. We implement robust security measures, maintain regular backups, and ensure proper functioning of your website's features. This arrangement allows you to focus on your business while we handle the technical aspects of your online presence, always operating within the scope of our agreed services and your explicit instructions.

6.2 Website Data Management

Our approach to handling data collected through your website is governed by strict protocols and your specific requirements. We process website data, such as form submissions, customer information, or user interactions, solely for maintaining your website's functionality and security. This data remains your property, and we never use it for our own purposes, sell it to third parties, or process it in ways not explicitly authorized by you. Our role is to ensure this data is handled securely, properly stored, and readily accessible to you while maintaining compliance with relevant data protection regulations.

6.3 Content and Updates

As part of our website maintenance services, we handle your website content with the utmost care and professionalism. Any content updates, modifications, or changes are made only with your authorization and according to your specific instructions. We maintain comprehensive version control and backup systems to protect against accidental loss or unauthorized changes. Our content management processes are designed to ensure your website remains current and effective while preserving your content's integrity and your brand's identity.

6.4 Security and Backups

We implement a comprehensive security and backup strategy for your website to protect against data loss and security threats. This includes regular automated backups, real-time security monitoring, and proactive threat prevention measures. Your website's files and databases are backed up daily and stored securely with a 30-day retention period. We maintain separate backup systems for different components of your website, ensuring quick recovery options in various scenarios. In the event of any security concerns or technical issues, we have established procedures for rapid response and resolution to minimize any potential impact on your business operations.