(Updated: May 10, 2018.)
If you are a customer who is subject to EU privacy laws, the Data Privacy Addendum located at https://wpengine.com/legal/dpa/ as it may be updated from time to time governs the obligations between us with regard to personal data as defined by such laws.
- Personal data we collect.
- Information you give us.
In order for you to use our Services and other features of our Site, we will ask you for some of your personal data (e.g. contact information, name, etc.). The amount and type of information that we gather depends on the nature of the interaction. For example, we ask visitors who would like to comment on our blog to provide a username. Those who purchase Services from us are asked to provide additional information including, as necessary, the personal and financial information required to process transactions. In each case, we collect such information only insofar as is necessary or appropriate to fulfill the purpose of your interaction with us. You can always refuse to supply personal data; however, doing so may prevent you from receiving our Services or engaging in other activities on the Site. In no event will we ever request sensitive personal data (e.g. health information, religious preferences, etc.) from you, and we expressly request that you not provide any such sensitive personal data to us.
- Web server logs.
As is true of most websites, we gather certain information automatically through your use of the Site. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring or exit pages, the files viewed on the Site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and clickstream data to analyze trends in the aggregate and administer the site. We use analytical software to help us understand this information. This software sends information to its licensor. Other sites and companies may also use this software. As a result, the licensor may collect information that, when aggregated by them, allows them to identify you individually. We have no responsibility for this collection and use.
- Information collected by our customers.
Our customers may collect personal data in connection with the Services we provide to them. WP Engine’s customers control the personal data they collect, and WP Engine will not use or disclose that personal data except as authorized or directed by the customer in the course of our provision of the Services. If your personal data is controlled by one of our customers and you have concerns about the way that data is managed, please contact that customer directly.
- Information you give us.
- How we use personal data.
WP Engine will only use the personal data we collect as reasonably necessary for the following purposes:
- to allow you to use and interact with the Site;
- to provide the Services to you as our customer;
- to inform our continued development of the Site and the Services;
- to communicate with you from time to time in response to your requests for information or as may be relevant to your account with us;
- to send marketing communications related to the services we provide;
- as required by applicable law or legal requirements pertaining to records retention or for internal administrative purposes; or
- as specifically authorized by you in writing.
- Disclosure to third parties.
We will not disclose your personal data to third parties except as follows:
- when we believe disclosure is reasonably required to comply with any law or legal request;
- to enforce our legal and contractual rights, or to protect the rights and safety of others;
- to third parties who help us provide any part of the Site or the Services, to the limited extent required for such help, and on condition that they may not further disclose your data or use it for any other purpose; or
- as part of a sale of our assets or a merger of our company.
- Procedures to protect personal data.
We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received.
- Your rights over personal data that we control.
You may opt-out of receiving most e-mails from us by following the “unsubscribe” instructions provided in the e-mails. Alternatively, you may contact us as described herein. If you are our customer, you may not be able to opt out of all emails, including certain administrative or billing communications which are important to the ongoing maintenance of your account.
We may keep your personal data for as long as reasonably required to meet the purposes described herein. Additionally, we will retain this information as required by law, as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
- EU-US and Swiss-US Privacy Shield.
We participate in and have certified our compliance with the EU – U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
Under the Privacy Shield Frameworks, we are responsible for the processing of personal data that we collect from you and subsequently transfer to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including requests made to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions more fully described on the Privacy Shield website located at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.