Last Revised: 12 April 2024
This Data Protection and Privacy Notice (“Notice”) describes Undeveloped B.V.’s (“Wilio.com”) core data protection and privacy practices.
Data Covered by this Notice
This notice covers personal data when we act as the data controller.
Personal Data identifies or could be used to identify a specific person, and any data about that person. For example, your name, address, and payment details are Personal Data.
We act as a controller when we process personal data for our own use. For example, we act as a controller when you provide your personal data to open an account.
This notice does not apply when you process personal data for your own benefit. For example, when you send email for your business purposes that includes personal data, you are acting as the controller. When you act as the controller, we act as the processor and process Personal Data only in accordance with your instructions or as required by law.
This notice also does not apply to business information or other information about a legal entity unless that business information is linked to a specific identifiable person. For example, the name, contact information, and phone number of a business are not personal data.
This notice also does not apply to third-party applications offered through our services or linked through our website. For information about the privacy practices of any third-party offerings, please review the data protection or privacy notice applicable to that third-party offering before using it.
Core Data Protection and Privacy Rights
We recognize several core data protection and privacy rights for all individuals:
the right to know what personal data we hold about you
the right to access, correct, or delete your personal data
the right to transfer your personal data (data portability)
the right to set your marketing and advertising preferences
We manually review requests to exercise privacy rights where self-service is not possible or appropriate. To exercise these rights, please contact us at support@wilio.com or at the addresses located in the Contact Us section below.
We promptly review requests to exercise data protection and privacy rights. If we need more information to process a request, we will contact the requestor by email or, if we do not have an email address on file for the requestor, by the same method the request was made.
If we do not honor a request for legal or other reasons, we will explain why we did not honor the request, the right to appeal, and any right to file a complaint.
Personal Data We Collect
We collect personal data when you set up an account, use our services, apply for a position, or contact us. Examples of personal data we may collect from you include your name, email address, phone number, physical address, and payment method.
We collect personal data automatically when you visit our websites, use our services, contact us, open our emails, or view our advertising. Examples of personal data we may collect include your device ID, your IP address, information about web pages and other websites you visit, and other similar details.
We may collect personal data about you from other sources. Examples of personal data obtained from other sources include publicly available data, social media information, and information lawfully gathered by third-party data providers.
We process data in connection with our business and services to generate inferences and insights that may be linked to a specific person, including through the use of data analytics, machine learning, and artificial intelligence.
Use of Personal Data
We use personal data to operate and improve our business and services. Examples of how we use personal data include:
Managing customer accounts
Processing purchase requests
Registering domains
Provisioning products and services
Providing customer support
Securing, updating, and improving our services
Detecting DNS abuse, fraud and other illegal activity
Marketing and advertising of our services
Contacting customers, prospective customers, and others by telephone, text or messaging applications to offer our services
Website traffic measurement
Other uses consistent with the purposes for which the personal data was collected or provided to us
No “Sale” of Personal Data
We do not sell, lease, or rent personal data to third parties for monetary or other consideration.
Disclosures to Others
We disclose personal data:
to processors to operate our business and provide services, including but not limited to providing security services, payment processing and customer support; conducting contests and surveys; generating data insights; and performing other activities related to our business and services.
to business partners to offer some services, such as email and payment processing.
to marketers and advertisers, including for the purpose of creating and delivering personalized marketing and advertising messages.
to comply with law enforcement and other legal requests, protect our legal rights, prevent harm to us or others, and enforce our policies and contracts.
In addition, if we sell some or all of our assets or merge with a third-party, we may transfer relevant personal data to the buyer or new company.
Controller
When you use services offered by Wilio.com, the data controller will be Undeveloped B.V.
Legal Basis for Individual Processing Activities
We use personal data primarily to provide you the services you request. We also use personal data to comply with our legal obligations and protect our legitimate interests, including providing you personalized services, communicating with you, improving our services, and detecting fraudulent and illegal activity. With your prior consent, we also may use your personal data to send you marketing materials and offers.
Cookies, Web Beacons, and Other Online Identifiers
We use three main types of “identifiers” on our website and in our services: cookies, web beacons, and scripts.
Cookies are text files placed on a device when a person visits our webpages or view messages from us. Some cookies are “session cookies” that expire at the end of a browser session, while others are “persistent cookies” that allow us to remember user preferences and settings over multiple visits and across other websites.
Web Beacons are image files placed in our web pages and emails that we use for such purposes as determining if an email has been opened or an advertisement has been viewed.
Scripts are small pieces of computer code that power customer service tools, deliver video, provide interactive experiences, and help us measure service use.
We manage some identifiers directly. Other identifiers are managed by third parties. For example, we use Google Analytics to monitor site performance and visitor engagement.
We use identifiers to provide customized services, measure website performance, provide customer support, deliver personalized advertising, and generate data insights, including through the use of machine learning and artificial intelligence. Specific examples of how we use identifiers include, but are not limited to:
Setting your service preferences
Managing your shopping cart
Guarding against fraud
Delivering relevant advertisements
Measuring website use
Conducting research on use of product features to improve our services
Identifier Management
We use optional and mandatory identifiers. Optional identifiers are used for support, website performance, and advertising. Mandatory identifiers are used for account verification, service continuity, security, and other essential functions necessary to provide our website and services.
You can also contact us at support@wilio.com or at the address set forth in the Contact Us section below.
In addition, many web browsers allow users to block cookies (directly or through plugins and extensions). Some cookies, however, are essential for our website and services to function. If you set your browser to block all cookies, you may not be able to use our services.
"Do Not Track" and other Preference Signals
Some web browsers provide a “Do Not Track” feature. There are no generally accepted standards for this feature, and we do not respond to “Do Not Track” signals.
Marketing and Advertising Preferences
You can manage your marketing and advertising preferences by contacting us at support@wilio.com.
Storage
We store personal data on our own systems and with trusted service providers, including Amazon Web Services.
Length of Retention
We retain personal data for our business needs and to comply with law. If we no longer need personal data, we may either delete it or de-identify it so that it no longer identifies a specific person. Factors we consider when deciding when to delete or de-identify your personal data include: (1) if you still have an account, (2) if we are required to retain personal data to comply with law, or (3) if the personal data is needed for tax other business purposes.
Security
We use risk-based measures to protect personal data, including appropriate security controls and employee training. We also require that our service providers, business partners, and advertisers use appropriate risk-based controls to protect personal data.
No Collection of PII about Children
We do not knowingly collect personal data about anyone under 18 without permission from their legal guardian. Please contact us at support@wilio.com if you believe we have collected information from a child without permission from their legal guardian.
Legal Basis for Processing
We process personal data with your consent, to fulfill our contract with you, based on our legitimate interest, or other lawful bases. The specific basis of processing depends on the services you are using, the data being processed, the place where the processing occurs, and the place where you live. If you have questions about our basis for processing your personal data, please contact us at support@wilio.com.
International Data Transfers
Personal data you provide may be transferred from your country to the United States or to another country where we do business. We make these transfers when necessary to provide our services, to perform our contract with you, or when we have your consent to transfer your personal data to another country.
We transfer personal data outside the UK, the EU/EEA, and Switzerland to countries that have been determined to offer an adequate level of data protection.
For transfers from the EU/EEA and Switzerland to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures.
For transfers to the United States, certain of our subprocessors (including affiliated companies) have certified their compliance with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK-U.S. Data Bridge”), and/or the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Where available, we transfer Personal Data to these subprocessors pursuant to the applicable DPF framework or extension.
Non-Discrimination
We will not discriminate against you for exercising your privacy rights.
No Financial Incentives
We do not provide any financial incentives for providing personal data to us.
Policy Changes
We may revise this notice by posting a revised statement at the same location as this notice or on another location on our website. If we change this notice, it will apply to personal data collected prior to adoption of the new statement only to the extent as the new statement does not reduce the rights of affected data subjects.
Complaints to Data Protection Authorities
In the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority.
Contact Us
If you have any questions, you can contact us at support@wilio.com.