Get your website

Policies

Privacy Policy

Last updated: March 31, 2026

1. Introduction

Welcome to Snapweb (“Snapweb”, “we”, “us”, “our”), a website generation and website subscription service operated under the Snapweb brand.

This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you:

  • visit yoursnapweb.com;
  • submit a request for an AI-generated website;
  • communicate with us;
  • receive or use a free trial website;
  • purchase a paid subscription;
  • or otherwise interact with our services.

Snapweb provides AI-assisted and partially automated website generation and related website subscription services based on WordPress open-source software, including website setup, website delivery, hosting-related coordination, domain-related provisioning, SSL-related configuration, website continuity support, and related technical operations.

If you do not agree with this Privacy Policy, please do not use our services.

2. Data Controller

For the purposes of applicable data protection law, including the General Data Protection Regulation (GDPR), the data controller is:

Snapweb
Operated by: “RUBBER DUCK” Ltd.
VAT No.: BG203539268
Country of establishment: Bulgaria

Registered / contact addresses:
Address 1: Dragan Tsankov Blvd. 59, Sofia, Bulgaria
Address 2: Banishora Residential District, Block 27, Sofia, Bulgaria

Public contact email: [email protected]

Support email: [email protected]
Billing / legal email: [email protected]
Privacy contact person: Velizar Malevski

3. Scope of This Policy

This Privacy Policy applies to personal data processed in connection with:

  • yoursnapweb.com
  • website request forms
  • pre-sale communication
  • website generation workflows
  • trial website delivery
  • paid subscriptions
  • website support and maintenance
  • payment-related administration
  • analytics and marketing tools
  • third-party technical integrations used to provide the service

4. What Personal Data We Collect

We collect only the personal data that is reasonably necessary to provide our services, operate our business, comply with legal obligations, and improve our services.

4.1 Data you provide before payment

When you submit a website request or otherwise contact us, we may collect:

  • Name
  • Email address
  • Any information you voluntarily include in your request, inquiry, or description of your project, such as business details, industry, brand name, target audience, desired website content, copy, visual direction, design preferences, website goals, desired functionality, uploaded or submitted content, and any other project-related information you choose to provide.

4.2 Data collected during website generation and delivery

When we generate and provide your website, we may process:

  • WordPress admin account information created for your website
  • website access credentials and user setup data
  • technical website configuration data
  • domain-related and hosting-related configuration records
  • AI prompt and workflow input data derived from your request
  • communication history relating to delivery and support
  • website-related service records

4.3 Data collected after payment / subscription

If you subscribe to a paid service, we may collect or process:

  • full legal name
  • billing identity details
  • billing address
  • invoicing and tax-related details where legally required
  • subscription and payment status
  • service plan information
  • transaction-related metadata
  • support history
  • service continuity and technical administration records

4.4 Payment data

Payments are processed by Stripe.

We do not intentionally store full payment card details on our own systems unless explicitly stated otherwise.
Payment card data is processed by Stripe in accordance with Stripe’s own privacy, security, and compliance framework.

4.5 Technical, device, and usage data

When you visit our website or use related services, we may automatically collect:

  • IP address
  • browser type and version
  • device type
  • operating system
  • language preferences
  • session information
  • referral URLs
  • pages visited
  • timestamps
  • clickstream / behavioral data
  • website activity logs
  • diagnostic records
  • cookie identifiers
  • analytics data
  • security logs
  • fraud prevention records

4.6 Marketing, analytics, and behavior data

Where enabled, we may collect usage and engagement data via analytics and marketing technologies such as:

  • Google Analytics
  • Meta Pixel
  • Hotjar
  • and potentially additional analytics, advertising, optimization, or diagnostic tools.

4.7 Data created through automation and AI workflows

To provide our services, we may transform information you submit into:

  • prompts
  • structured requests
  • automation instructions
  • technical provisioning inputs
  • content-generation instructions
  • AI-assisted website generation workflows
  • formatting and implementation instructions

5. How We Use Your Personal Data

We use your personal data only where reasonably necessary for legitimate business and service purposes.

We may use your personal data to:

  • review and process your request;
  • generate your requested website;
  • configure and deliver your trial or paid website;
  • create and administer your WordPress website access;
  • communicate with you before, during, and after service delivery;
  • provide customer support;
  • send service-related notices, reminders, billing messages, and technical alerts;
  • administer subscriptions, renewals, invoices, and payments;
  • maintain service continuity;
  • improve our AI-assisted generation systems and internal workflows;
  • operate analytics, diagnostics, and fraud-prevention systems;
  • comply with legal, accounting, tax, and regulatory obligations;
  • establish, exercise, or defend legal claims;
  • market our services where legally permitted.

6. Legal Bases for Processing (GDPR)

Where the GDPR or similar law applies, we rely on one or more of the following legal bases:

  • Contract: where processing is necessary to take steps at your request or perform a contract with you.
  • Legitimate Interests: where processing is necessary for operating, securing, improving, and administering Snapweb and our services.
  • Legal Obligation: where processing is necessary to comply with legal or regulatory obligations.
  • Consent: where required, including for certain cookies, analytics, or marketing communications.

7. Why We Need Your Name and Email

We collect your name and email because they are necessary to:

  • identify your request;
  • communicate with you about your website;
  • deliver your website and related service access;
  • provide support;
  • send billing and service-related notices;
  • administer your trial and/or subscription;
  • maintain an ongoing service relationship where relevant.

Without this information, we may not be able to provide the service.

8. Free Trial Data Handling

When your website is generated and delivered to you, you may receive access to a 5-calendar-day free trial.

During the free trial:

  • your website may remain active for trial use and editing;
  • you may receive WordPress admin access and AI-assisted editing tools;
  • we may process activity, usage, and technical data necessary to support the trial and maintain service integrity.

If you do not convert to a paid subscription, your website may be deleted immediately after the 5-day trial or within up to 2 additional calendar days as part of internal operational deletion cycles, infrastructure processing, or scheduled cleanup workflows.

You are responsible for exporting or preserving any content you wish to keep before trial expiry.

9. Paid Subscription Data Handling

If you subscribe after the trial, we continue to process your personal data as reasonably necessary to:

  • keep your website active and accessible;
  • coordinate hosting and infrastructure;
  • maintain domain-related and SSL-related functionality where included;
  • provide support within the scope of your plan;
  • administer billing and legal obligations;
  • maintain service records and technical continuity.

10. Special Category / Sensitive Data

Please do not submit sensitive personal data unless strictly necessary.

This includes, for example:

  • health data
  • biometric data
  • political opinions
  • religious beliefs
  • criminal records
  • or other special category data

If you voluntarily include such data in your request or website content, you acknowledge that you are providing it at your own initiative. We reserve the right to avoid processing, redact, or remove such data where not necessary for the service.

11. How We Share Personal Data

We do not sell your personal data.

We may share your personal data only where reasonably necessary with:

11.1 Payment providers

Including Stripe for billing, subscription administration, fraud prevention, and payment processing.

11.2 Hosting and infrastructure providers

Including providers such as:

  • JetHost
  • Cloudflare
  • Extendify
  • and potentially additional infrastructure, deployment, hosting, AI, software, automation, or technical service providers.

11.3 AI, automation, and software providers

We may use third-party tools, APIs, automation software, AI systems, and technical integrations to:

  • generate website drafts;
  • structure content;
  • provision hosting or software-related functions;
  • support workflow execution;
  • improve service quality and delivery.

11.4 Professional advisers

Including lawyers, accountants, tax advisers, auditors, consultants, and compliance professionals.

11.5 Authorities and legal process

Where required by law, regulation, court order, legal request, law enforcement request, or to protect our legal rights.

11.6 Business transfers

If Snapweb or its operator is involved in a merger, acquisition, restructuring, financing, sale, or transfer of assets, personal data may be transferred as part of that transaction, subject to appropriate safeguards where required.

12. International Data Transfers

Some of our service providers may process personal data outside your country or outside the European Economic Area (EEA).

Where required by applicable law, we rely on appropriate safeguards such as:

  • adequacy decisions;
  • Standard Contractual Clauses (SCCs);
  • contractual and organizational protections;
  • or other lawful transfer mechanisms.

13. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including legal, accounting, tax, security, business continuity, dispute resolution, and service administration purposes.

Examples:

  • inquiry / lead data: retained for a reasonable period for follow-up and business administration;
  • customer service data: retained during the customer relationship and for a reasonable period thereafter;
  • billing and accounting records: retained for as long as required by applicable law;
  • security logs and diagnostics: retained for as long as reasonably necessary for security, anti-abuse, and operational integrity;
  • trial websites and associated technical records: may be deleted after trial expiry according to internal operational cycles.

We may retain certain data longer where necessary to:

  • comply with law;
  • prevent fraud;
  • resolve disputes;
  • enforce agreements;
  • or defend legal claims.

14. Security

We use reasonable technical and organizational measures designed to protect personal data, including where appropriate:

  • access controls;
  • role-based permissions;
  • password and credential management;
  • provider-level security features;
  • encrypted connections where applicable;
  • logging and monitoring;
  • fraud-prevention and anti-abuse systems.

However, no website, platform, software environment, hosting system, payment flow, or internet transmission method can be guaranteed to be 100% secure. Accordingly, we cannot guarantee absolute security.

15. Your Rights

If you are in the EEA / UK or another jurisdiction that grants similar rights, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate data;
  • request deletion;
  • request restriction of processing;
  • object to certain processing;
  • request data portability where applicable;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with a supervisory authority.

To exercise your rights, contact:
[email protected]
or
[email protected]

We may need to verify your identity before responding.

If you are in Bulgaria, you may also lodge a complaint with the competent Bulgarian data protection authority.

16. Marketing Communications

We may send:

  • service-related emails necessary for website delivery, support, billing, or subscription administration; and
  • marketing or promotional communications where permitted by law.

You may unsubscribe from non-essential marketing emails at any time. Service-related communications may still be sent where necessary to provide or administer the service.

17. Cookies and Similar Technologies

We may use:

  • essential cookies;
  • functional cookies;
  • analytics cookies;
  • advertising / remarketing cookies;
  • performance and session technologies;
  • and similar tracking technologies.

These may be used to:

  • operate and secure the website;
  • understand usage;
  • improve performance;
  • personalize user experience;
  • measure marketing effectiveness;
  • support analytics and advertising.

Where required by law, we will seek your consent before using non-essential cookies or similar technologies.

18. Third-Party Links and Services

Our website or services may include or rely on third-party websites, tools, services, plugins, providers, and software environments. We are not responsible for the privacy, security, or content practices of third parties. You should review their policies separately where relevant.

19. Children’s Privacy

Our services are not directed to children and are not intended for use by individuals who cannot legally enter into binding service arrangements under applicable law.

We do not knowingly collect personal data from children in violation of applicable law. If you believe a child has submitted personal data to us improperly, please contact us so that we can take appropriate action.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

If we make material changes, we will update the “Last updated” date and may provide additional notice where appropriate or legally required.

Your continued use of our website or services after an updated version takes effect means you accept the updated Privacy Policy to the extent permitted by law.

21. Contact Us

If you have questions about this Privacy Policy or our data practices, contact:

Snapweb
Operated by: “RUBBER DUCK” Ltd.
VAT No.: BG203539268
Country: Bulgaria

Public email: [email protected]
Support email: [email protected]
Billing / legal email: [email protected]

Privacy contact person: Velizar Malevski

Scroll to Top