Last updated: 01/01/2025
1. Information We Collect
Amagraphs Consulting is committed to protecting your privacy. This section outlines the types of information we collect through our WordPress maintenance and development services. As a technical service provider handling sensitive website data, we collect information necessary for service delivery while ensuring data protection.
Personal Information: When you engage our services, we collect essential information including your name, email address, phone number, and company details. This information is crucial for providing our services, communicating updates, and ensuring proper billing. We may also collect professional information such as your role and business requirements to better tailor our services.
Payment Information: We collect and process payment information necessary for our service transactions. This may include:
- Credit card details
- Payment history
- Billing addresses
- Transaction records
All payment processing is handled through secure, PCI-compliant payment processors. We never store sensitive payment details on our servers. Payment data is encrypted during transmission and processed according to industry security standards.
Website Information: To provide comprehensive WordPress maintenance services, we need access to various aspects of your website. This includes hosting credentials, admin access, FTP details, and database information. We collect performance metrics, security logs, and backup data to ensure optimal website functionality. Our systems also track website uptime, loading speeds, and security threats for proactive maintenance.
2. How We Use Information
Your information serves specific, business-critical purposes in our service delivery. The primary use is maintaining, securing, and optimizing your WordPress website. This includes implementing updates, monitoring security, performing backups, and conducting performance optimizations.
We analyze website data to identify potential issues before they impact your business. This proactive approach helps us maintain optimal website performance and security. Your contact information enables us to provide timely alerts about critical updates, security threats, or performance issues.
For clients on our Professional and Enterprise plans, we use website analytics to generate detailed performance reports and make data-driven optimization recommendations.
3. Data Storage and Security
Security is paramount in our operations. We implement enterprise-grade security measures to protect all client data. Our storage systems use 256-bit encryption, and all data transmissions occur through secure, encrypted channels.
We maintain strict access controls, limiting data access to essential personnel only. All access is logged and monitored for security purposes. Our backup systems ensure data redundancy, with copies stored in secure, geographically distributed locations.
For website credentials, we use industry-leading password management systems with encryption and regular rotation policies. Two-factor authentication is mandatory for all system access.
4. Client Website Access
Our website access protocols are designed to maintain the highest security standards while ensuring efficient service delivery. Access to client websites is strictly limited to maintenance activities outlined in our service agreement.
We maintain detailed logs of all access instances, including the purpose, duration, and actions performed. All maintenance activities are documented and available for client review. Remote access tools use encrypted connections and time-limited access tokens.
5. Third-Party Services
We partner with industry-leading service providers to deliver comprehensive WordPress maintenance. These include hosting providers, security services, backup systems, and monitoring tools. Each partner is carefully selected based on their security standards and reliability.
These partnerships enable us to provide enterprise-grade services while maintaining cost-effectiveness. All third-party services are bound by strict data protection agreements and regularly audited for compliance.
6. Data Protection Rights
Under data protection regulations, you have comprehensive rights regarding your personal data. We respect these rights and provide transparent access to your information upon request.
We ensure timely responses to all data-related requests, maintaining clear communication throughout the process. Our systems are designed to facilitate data export, modification, or deletion while maintaining service integrity.
7. Cookie Policy
Cookies are essential to delivering efficient maintenance services and monitoring website performance. We use them to track security metrics, analyze performance data, and maintain secure sessions.
Our cookie implementation follows best practices, collecting only necessary data. We regularly review and update our cookie policies to align with changing privacy regulations and technical requirements.
8. Data Breach Procedures
Our robust breach response protocol ensures immediate action in case of security incidents. This includes rapid assessment, containment, and client notification within 72 hours of discovery.
We maintain detailed incident response plans, regularly updated based on emerging threats. Our team conducts regular drills to ensure readiness for potential security incidents.
9. International Data Transfers
As a global service provider working with clients in North America and Europe, we ensure compliant international data transfers. Our practices align with GDPR and other relevant data protection regulations.
We implement appropriate safeguards for cross-border data transfers, including standard contractual clauses and regular compliance assessments.
10. Contact Information
Our dedicated privacy team is available to address your data protection concerns. We maintain transparent communication channels and provide timely responses to all privacy-related queries.