1. Security Measures

1.1 Website Security

SSL/TLS Encryption: All data transmission is protected with 256-bit SSL encryption

CSRF Protection: Cross-Site Request Forgery protection on all forms

XSS Prevention: Input sanitization and output encoding to prevent script injection

Content Security Policy: Strict CSP headers to prevent malicious content execution

Regular Security Audits: Quarterly penetration testing and vulnerability assessments

1.2 Data Protection

Encrypted Storage: All sensitive data is encrypted at rest using AES-256 encryption

Secure Backups: Regular encrypted backups stored in geographically distributed locations

Access Controls: Multi-factor authentication and role-based access controls

Network Security: Firewalls, intrusion detection systems, and DDoS protection

1.3 Server Infrastructure

Hardened Servers: Security-hardened Linux servers with minimal attack surface

Regular Updates: Automated security patches and system updates

Monitoring: 24/7 security monitoring and incident response

Compliance: SOC 2 Type II and PCI DSS compliant infrastructure

2. Privacy Policy

2.1 Information We Collect

We collect information to provide better services to our users:

Personal Information: Name, email address, phone number, billing address

Business Information: Company name, website details, business requirements

Technical Information: IP address, browser type, device information, usage analytics

Communication Data: Support tickets, consultation notes, feedback

2.2 How We Use Your Information

Service Delivery: To provide ecommerce website building and hosting services

Customer Support: To respond to inquiries and provide technical assistance

Service Improvement: To analyze usage patterns and improve our platform

Communication: To send service updates, security alerts, and marketing communications (opt-out available)

Legal Compliance: To comply with applicable laws and regulations

2.3 Information Sharing

We do not sell, trade, or rent your personal information. We may share information only in these limited circumstances:

Service Providers: With trusted third-party vendors who assist in service delivery (under strict confidentiality agreements)

Legal Requirements: When required by law, court order, or to protect our rights

Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notice)

Consent: When you explicitly consent to information sharing

3. Data Retention

We retain your information only as long as necessary for business purposes:

Active Accounts: Data retained while your account is active

Inactive Accounts: Data may be retained for up to 7 years for legal compliance

Marketing Data: Removed immediately upon unsubscribe request

Support Data: Retained for 3 years to improve service quality

4. Your Privacy Rights

Under GDPR, CCPA, and other privacy laws, you have the right to:

Access: Request a copy of your personal data we hold

Correction: Request correction of inaccurate or incomplete data

Deletion: Request deletion of your personal data (subject to legal requirements)

Portability: Request your data in a machine-readable format

Opt-Out: Unsubscribe from marketing communications at any time

Restriction: Request restriction of data processing in certain circumstances

5. Cookies and Tracking

5.1 Types of Cookies

Essential Cookies: Required for website functionality (login, security)

Analytics Cookies: Help us understand website usage and performance

Marketing Cookies: Used for targeted advertising (opt-in required)

Preference Cookies: Remember your settings and preferences

5.2 Cookie Management

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

6. Third-Party Services

We work with trusted partners who meet our security standards:

Payment Processors: Stripe, PayPal (PCI DSS compliant)

Analytics: Google Analytics (anonymized data)

Email Services: Encrypted email delivery systems

CDN Services: Secure content delivery networks

7. International Data Transfers

Your data may be processed in the United States and other countries where we operate. We ensure adequate protection through:

Standard Contractual Clauses: EU-approved data transfer mechanisms

Privacy Shield: Participation in recognized privacy frameworks

Adequacy Decisions: Transfers only to countries with adequate protection

8. Security Incident Response

In the unlikely event of a security incident:

Immediate Response: 24/7 incident response team activation

Investigation: Thorough investigation and containment measures

Notification: Affected users notified within 72 hours

Remediation: Swift remediation and security improvements

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information immediately.

10. Updates to This Policy

We may update this policy to reflect changes in our practices or applicable laws. Material changes will be communicated via:

Email notification to registered users

Prominent notice on our website

30-day advance notice for material changes

11. Contact Information

For security or privacy concerns, contact our Data Protection Officer:

Email: [email protected]

Security Issues: [email protected]

Phone: 1 (307) 395-0300

Mailing Address:
ProEcommerce Data Protection Officer
1309 Coffeen Avenue Suite 1200
Sheridan, WY 82801 USA

Questions or Concerns? We're committed to transparency and are happy to address any questions about our security and privacy practices. Contact us anytime for clarification or assistance.