GDPR Compliance

XeroWP is committed to ensuring compliance with the General Data Protection Regulation (GDPR). This page explains your rights as a data subject under GDPR and how we handle your personal data in accordance with EU and UK data protection law.

The GDPR applies to all individuals within the European Economic Area (EEA) and gives you greater control over your personal data.

XeroWP (operated by Softias) acts as the data controller for personal data collected through our platform.

• Email: support@xerowp.com
• Website: https://xerowp.com

We process your personal data on the following lawful bases:

• Contract: Processing is necessary to provide our hosting services and fulfill our agreement with you.
• Legitimate Interests: Processing is necessary for fraud prevention, security monitoring, and platform improvements.
• Legal Obligation: Processing is required to comply with applicable laws and regulations.
• Consent: For marketing communications and non-essential cookies, where you have given your explicit consent.

As a data subject under GDPR, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure: Request deletion of your personal data ("right to be forgotten"), subject to legal obligations.
• Right to Restriction: Request that we restrict processing of your personal data in certain circumstances.
• Right to Data Portability: Receive your personal data in a structured, machine-readable format and transfer it to another controller.
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
• Rights Related to Automated Decision-Making: Not be subject to decisions based solely on automated processing that produce significant effects on you.

To exercise any of these rights, please contact us at support@xerowp.com. We will respond within 30 days.

We collect and process the following categories of personal data:

• Account Information: Name, email address, and password for your XeroWP account.
• Billing Information: Payment details processed securely through our payment providers.
• Technical Data: IP address, browser type, device information, and usage logs.
• Site Content: Data stored within your hosted WordPress sites necessary to deliver our services.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• Account data is retained for the duration of your account and up to 90 days after deletion.
• Billing records are retained for 7 years to comply with financial regulations.
• Site backups are retained for up to 30 days.
• Server logs are retained for up to 90 days.

Your data may be processed in countries outside the EEA. When we transfer personal data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your data in accordance with GDPR requirements.

We work with carefully selected third-party processors to deliver our services. All processors are bound by data processing agreements ensuring they handle your data in accordance with GDPR. Categories of processors include:

• Payment processors
• Cloud infrastructure providers
• Email and communication services
• Analytics providers

We use strictly necessary cookies to operate our platform and, with your consent, analytical and functional cookies to improve your experience. You may withdraw consent for non-essential cookies at any time through your browser settings.

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection authority. In the EU, you can find your supervisory authority at edpb.europa.eu .

We would, however, appreciate the opportunity to address your concerns before you contact the authority, so please reach out to us first at support@xerowp.com.

For any GDPR-related requests or questions, please contact us:

• By email: support@xerowp.com
• Through our support ticket system in your dashboard