Offer AI Website Building Under Your Brand 👉 Learn More →

Privacy Policy

Last updated: March 31, 2025

ProWebCraft LTD ("Brizy," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share your personal information ("Personal Data"), as well as your rights regarding that information. It applies to all users of our services, including individuals and agencies/companies using Brizy’s website-building platform for their clients (collectively, "Users," "you," or "your").

This Privacy Policy covers all Brizy services Brizy for WordPress, Brizy Cloud, AI Website Builder, Brizy for Shopify, including our website, our platforms, and all subpages (collectively, the "Services"):

By accessing or using our Services, you confirm that you have read, understood, and agreed to this Privacy Policy and our Terms of Service. If you do not agree with our practices, you must immediately discontinue using our Services. If you have any questions or concerns, please contact us at dpo@brizy.io.

Brizy is committed to ensuring the protection of your rights and freedoms in relation to the processing of your Personal Data. We process your data securely and in accordance with all applicable legal obligations. Our Privacy Policy is designed to comply with the highest standards, including the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the UK GDPR.

This Privacy Policy outlines the information we collect about you through our Website and Services. It also explains your choices regarding the processing of your data, including how you can access, update, and object to certain uses of your Personal Data.

We may update this Privacy Policy periodically to reflect changes in our data processing practices or legal requirements. Any updates will be posted on this page, and we encourage you to review the policy regularly.

Summary

We encourage you to read this Privacy Policy in full to understand how we handle your Personal Data. However, for your convenience, here are key points:

We do not sell your Personal Data to third parties, nor do we use it for commercial purposes beyond providing our Services.
We collect only the minimum necessary data to fulfill the purposes outlined in this Privacy Policy.
You have rights under the GDPR, including the right to access, rectify, delete, or restrict the processing of your data. You may contact us at any time to exercise these rights.
We may share your Personal Data with trusted third parties under contractual obligations, such as service providers, IT infrastructure providers, or payment processors, solely for the purpose of delivering our Services.

If you have any questions about this Privacy Policy, your rights, or how we handle your data, please contact us at dpo@brizy.io

Who Are We?

Brizy is the commercial name of ProWebCraft LTD, a company registered in the United Kingdom under company number 14303873. Our registered office is located at 71–75 Shelton Street, Covent Garden, London, England, WC2H 9JQ.

Brizy is a digital technology company that provides a visual website builder and design platform. Our services empower individuals, agencies, and businesses to create professional websites without writing code. We operate globally and offer both cloud-based and self-hosted solutions to accommodate diverse user needs.

In this Privacy Policy, references to “Brizy”, “we”, “us”, or “our” refer to ProWebCraft LTD, acting as the data controller or data processor depending on the context of data collection and processing.

Our Role as Data Controller and Data Processor

Brizy acts in different capacities depending on the nature of the data processing activities involved:

1. Brizy as a Data Controller:

Brizy functions as a data controller when we directly collect and process personal data from Users who create accounts, access workspaces, manage projects, subscribe to newsletters, participate in webinars, engage in affiliate marketing, or otherwise communicate through our platform. This category includes data processed for the purposes of account creation, user authentication, platform analytics, marketing and promotional activities, customer support, and any cookies set by Brizy on our website to enhance User experience and service functionality.

Examples of data collected as a data controller include:

Registration and account details (e.g., name, email address, login credentials).
Information collected for newsletter subscriptions and marketing communications.
Data from User interactions with our website, including cookies used for analytics and personalized advertising.
Information related to participation in webinars and other promotional or informational events hosted by Brizy.
Information related to affiliate marketing partnerships.

2. Brizy as a Data Controller:

Brizy acts as a data processor when providing our website-building platform and hosting services to our clients, such as Agencies or other commercial Users, who use Brizy’s infrastructure to create and manage websites. In these circumstances, the Client is the data controller, as they determine the purposes and means of processing their end users' data. Brizy only processes such personal data under the instructions provided by our clients and does not independently control this data processing.

Responsibilities of Brizy as a data processor include:

Hosting websites and providing technical infrastructure on AWS for our clients.
Storing data related to client-managed projects, including leads collected via client websites, as directed by the clients.
Ensuring backups and secure storage of clients' website data and related information.

Brizy does not independently set cookies, deploy tracking scripts, or control any data processing performed by our clients on their end-users' data. Clients remain solely responsible for compliance with applicable data protection laws, including transparency, obtaining necessary consents, managing cookie usage, and ensuring the lawful processing of their end users’ personal data.

We strongly recommend end-users visiting websites built with Brizy to consult the respective Client’s privacy policy to understand their data processing activities and practices.

Brizy does not control the content of websites built with our platform nor do we independently collect personal data from end users visiting these sites. The responsibility for the collection, processing, and management of end users' personal data lies entirely with the business or individual managing the respective website. This Privacy Policy applies exclusively to the data processing activities where Brizy acts as a data controller, as described above, and does not cover activities where we operate solely as a data processor on behalf of our clients.

Periodic updates to this Privacy Policy will be posted on this page to reflect any changes in our data processing practices or relevant legal obligations.

Your Personal Data

Personal Data You Provide Us

Customer Account Details:

When creating a Brizy account, we collect your email address, first name, last name, and password. This information is used to authenticate your account, provide you with secure access to our services, and communicate essential information about your account or subscription.

Payment and Billing Information:

When you subscribe to any of our paid services, your payments are securely processed by trusted third-party payment processors. Brizy does not directly access or store your full credit card details. However, we do collect partial payment details provided by our payment processors (such as the last four digits of your card, expiration date, and country of issuance), your billing address, and, if applicable, your business-related details required by payment processors, including bank account details, address, phone number, date of birth, government-issued identification numbers (social security number, passport number, driver's license number), tax identifier (EIN), and nationality. This data is collected and retained to fulfill contractual obligations and to comply with applicable financial and legal regulations.

Communication and Customer Support Information:

When you contact us through our support channels, customer forums, or direct email, we collect and store information provided by you, including your name, email address, phone number, company, and details of your inquiry or communication. This information allows us to effectively respond to your requests and provide assistance.

Marketing Preferences and Webinar Registrations:

If you choose to subscribe to our newsletters, webinars, promotional events, or affiliate marketing programs, we collect your first name, last name, job title, company name, phone number, country, email address, and company size. This information is used to provide relevant marketing content, promotional offers, event invitations, and other communications based on your interests and consent. You can unsubscribe or change your preferences at any time.

Survey, Research, and Promotion Information:

When you voluntarily participate in surveys, research activities, contests, or promotional campaigns, we collect the personal information you choose to provide. This information helps us improve our services, develop new features, and administer promotional activities effectively.

Enterprise Sales Information:

If you or your company engages with us regarding our enterprise offerings, we collect contact details and professional information including names, email addresses, job titles, phone numbers, and may also store recordings of sales conversations with your consent. This information helps us provide tailored business services and support to potential enterprise clients.

Affiliate Marketing Program Information:

If you choose to participate in Brizy’s Affiliate Marketing Program, we collect the information you provide when applying or logging into your affiliate account. This includes your full name, website URL, Brizy account email, and any additional information submitted through the affiliate application form. For the purpose of processing affiliate commissions, we also collect your preferred payment details, such as your PayPal or Payoneer account information.
This data is processed to assess your application, manage your affiliate status, track performance, and ensure accurate and timely payment of earned commissions. The legal basis for this processing is the execution of a contractual relationship and our legitimate interest in administering the affiliate program. You may contact us at any time to update your affiliate profile or terminate your participation.

Personal Data We Collect Automatically

Site Usage Information:

When you interact with our website or platform, we automatically collect certain technical data. This includes: IP addresses, preferences, web pages you visited prior to coming to our or our Users’ sites, information about your browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), information about how you interact with the Services and our Users’ sites (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times, and problems you may encounter, such as loading errors). This data is collected via cookies or analytics tools and is used to analyze and enhance user experience, functionality, and security of our website and services.

Mobile Application Information:

If you access our services via mobile applications and have enabled location services on your device, we may also collect precise geolocation data to optimize your experience and provide relevant service functionality.

Personal Data Collected by Third Parties

We collaborate with trusted third-party service providers, such as payment processors, analytics providers, and hosting services (AWS), who collect personal data on our behalf or provide us with additional data required to deliver our services efficiently. These third parties are contractually required to process personal data securely and strictly in line with our instructions and applicable privacy regulations.

Third-Party Login (Google and LinkedIn)

You have the option to register or log in to your Brizy account using your existing Google or LinkedIn credentials. If you choose this method, we receive your basic profile information from the selected third-party service, which typically includes your name, email address, profile picture, and unique identifier. By using this option, you authorize Brizy to collect, store, and use this data in accordance with this Privacy Policy. We recommend reviewing the privacy policies of Google or LinkedIn for further details regarding their data processing practices.

Cookies & Technologies used to collect information about you:

We collect the following data directly and through the use of third parties. We collect this data by using certain technologies, such as cookies. Please refer to our Cookies Policy to learn more about your rights and responsibilities with respect to cookies and other technologies. If you have any questions about your rights under our Cookies Policy, we encourage you to contact us at dpo@brizy.io

Cookies (or browser cookies). Cookies are text files with small pieces of data that are used to identify your computer as you use a network. Specific cookies are used to identify specific users and improve their web browsing experience. When you access our website, you have the choice to refuse, or to accept browser cookies by activating the appropriate setting on your browser. However, if you refuse the use of cookies, you may be unable to access certain parts of the Website.
Analytics. Analytics are tools we use, such as Google Analytics, to help provide us with information about traffic to the Website and use of the Website, which Google may share with other services and websites who use the collected data to contextualize and personalize the ads of its own advertising network. Learn more on how Google Analytics may use your data.

Purpose of Data Processing

Brizy processes your personal data based on one or more of the following legal bases:

Processing is necessary for the conclusion or performance of a contract with you.
Processing is required to comply with our legal obligations (e.g., fiscal regulations, reporting to authorities).
Processing is necessary to fulfill our legitimate interests.
Processing is based on your explicit consent.

Below you will find details on how we use your personal data:

To provide and manage our services

We process your personal data to deliver and manage the services you request from Brizy. This includes:

Account Creation and Management: When you register an account with Brizy, we collect and process your email address, first and last name, and password to create and secure your user account. You can also choose to log in using Google or LinkedIn, in which case we collect limited profile data from these providers (name, email, and profile photo). This processing is necessary for us to fulfill our contractual obligations and provide you with access to our platform.

Payment Processing and Billing: When you purchase a subscription or other paid services, your payment details are securely processed by trusted third-party payment providers. Brizy receives limited payment information from these processors (such as the last four digits of your card, billing address, expiration date, and issuing country) as well as invoicing details, including tax identification numbers or bank details, to comply with applicable fiscal and financial obligations.

Service Administration and Account History: We process information related to your account usage, such as trials, subscription status, discount code usage, and other relevant transactional details to manage and improve your experience with our platform. This processing is based on our legitimate interest to maintain service quality and perform our contractual duties.

To personalize your experience and enhance our services

Platform Analytics and User Experience:

We analyze information collected through your interactions with our website and platform—including IP addresses, device information, browser type, and user behavior—to optimize and improve our services. Typically, this information is anonymized, pseudonymized, or aggregated. The legal basis for this processing is our legitimate interest in ensuring the functionality and continual enhancement of our platform.

To communicate with you effectively

We use your personal data to communicate important information and provide support:

Customer Support: If you contact us through forms, live chat, email, or by phone, we collect your name, email address, phone number, company information, and details of your inquiry to respond effectively and promptly. This processing is based on our legitimate interest to deliver quality customer service.

Service Updates and Notifications: We may use your contact details to inform you about important changes to our services, subscription renewals, updates, or other essential notifications related to your account. The legal basis for this processing is our contractual obligation and legitimate interest in keeping you informed.

Marketing Communications: With your consent or based on our legitimate interest, we use your data (including name, job title, email address, phone number, company size, and country) to send newsletters, promotional emails, webinar invitations, and marketing messages relevant to your interests. You can withdraw your consent or opt-out at any time.

To conduct research, surveys, and promotions

We may collect your personal data if you voluntarily participate in surveys, forums, research projects, contests, sweepstakes, or promotional activities. This information allows us to understand our customers better and continuously enhance our offerings. Processing in this context is typically based on your consent or our legitimate interest.

To facilitate enterprise services and business development

For potential enterprise customers, we collect and process data such as name, email address, phone number, job title, and company details. This processing is based on our legitimate interest in expanding our business and facilitating enterprise partnerships.

To ensure security and integrity of our platform

We use your personal data to detect, prevent, and investigate security incidents, fraud, and other illegal or unauthorized activities. This processing is necessary for our legitimate interest in maintaining the security and integrity of our services.

To comply with legal obligations

We process personal data to fulfill applicable legal requirements, such as tax obligations, regulatory compliance, reporting to authorities, and responding to legal inquiries or law enforcement requests. This processing is based on our compliance with relevant laws and regulations.

Third-party websites and user-generated content (User Content)

Brizy hosts websites created by our Clients (such as agencies, SaaS providers, and other Users). Any personal data processed by these websites, including data collected from end users, is solely controlled by the respective clients. Brizy does not independently collect or control this data, nor do we set cookies or tracking scripts on these sites. End users should refer to the specific privacy policy of the website they visit for information on their data processing practices.

For How Long Do We Keep Your Personal Data?

We retain your personal data only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal, regulatory, or contractual obligations, or protect our legal rights.

In general, your personal data will be stored as follows:

Account and User Data: Personal data related to your Brizy account (such as email address, name, contact details, and billing information) will be retained as long as your account remains active, or as necessary to provide you with the requested services. If your account becomes inactive or you request account deletion, we will retain your data for a period up to 3 years after the termination of the account, unless a longer retention period is mandated by law (e.g., for financial, tax, or regulatory reasons).
Payment and Financial Data: Personal data related to payments, transactions, invoicing, and accounting will be retained for as long as required by applicable fiscal, financial, or tax legislation (generally between 5 to 10 years, depending on jurisdiction). After this period, such data will be securely deleted or anonymized.
Marketing and Communications Data: Personal data used for marketing purposes (e.g., newsletter subscriptions, webinar registrations, promotional communications) will be retained until you withdraw your consent, unsubscribe, or request the deletion of your data. Upon withdrawal or unsubscription, your data will be removed from our active marketing databases without undue delay.
Survey, Research, and Promotional Information: Information collected through voluntary participation in surveys, research initiatives, contests, or promotional activities will be retained only as long as necessary for the completion of the activity or campaign, and for an additional period of up to 2 years thereafter, unless you request earlier deletion.
Website and Platform Analytics: Technical data collected automatically through cookies or other analytics tools will be retained for up to 2 years from collection. This data is typically aggregated or anonymized promptly to ensure minimal privacy impact.
Enterprise Sales and Business Development Data: Personal data related to potential enterprise customers, including correspondence, proposals, and sales discussions, will typically be retained for up to 3 years following the last meaningful interaction or until you explicitly request deletion.
Legal and Security Data: We may retain certain personal data for longer periods when required for legal claims, dispute resolution, regulatory compliance, or investigation of fraud and security incidents. Such data will be retained as long as legally necessary to protect Brizy’s legitimate interests.

After the expiry of the relevant retention period, we securely delete or anonymize your personal data to ensure that it cannot be associated with you.

If you have questions about our data retention practices or wish to request deletion or access to your personal data, please contact us at dpo@brizy.io.

Protecting your personal data

Brizy has implemented robust technical and organizational security measures to protect your personal information against accidental loss, unauthorized access, disclosure, alteration, or any other unlawful processing. Your personal data is securely stored within protected networks, accessible only to a limited number of authorized personnel who are required to maintain confidentiality. All sensitive information you provide, especially financial details, is securely transmitted via Secure Socket Layer (SSL) encryption technology. Transactions are exclusively processed by trusted third-party payment gateways, and full payment details are never stored on Brizy’s servers.

To ensure high-level security, Brizy hosts all data on GDPR-compliant cloud servers provided by Amazon Web Services (AWS), a leading global cloud infrastructure provider. For more details about Amazon's data security and compliance practices, please review Amazon's Data Protection Addendum here.

All employees, collaborators, and third-party service providers are bound by confidentiality agreements and data protection obligations, and they access personal data strictly according to their professional responsibilities. Additionally, our internal systems and endpoint devices are secured by password protection, regularly updated antivirus software, anti-spam solutions, firewalls, and secure encryption protocols, ensuring continuous protection of your personal data.

Despite these comprehensive measures, please understand that no online platform or transmission method is completely secure. Should you have any concerns regarding the security of your personal data or if you wish to learn more about our security practices, please contact us at dpo@brizy.io.

Sharing Your Personal Data

We may disclose information about you in the following circumstances:

Vendors

We share information with vendors that perform services on our behalf. These vendors only process personal data as instructed by us and in accordance with applicable data protection laws:

Customer Support Vendors: These vendors help us host our support resources (such as chats, message boards, or forums) and track, manage, and respond to customer inquiries. We may share data such as Customer Account Details and Communication Information to enable them to provide these services effectively.
Sales and Marketing Vendors: These vendors assist us in sending marketing communications, newsletters, and other promotional materials. We may disclose Customer Account Details and Account History Information to facilitate targeted communications and promotional campaigns.
Information Technology Vendors: These vendors (including cloud hosting providers) enable us to operate Brizy’s Services reliably and at scale. We disclose Customer Account Details, Account History Information, Payment Information, and Site Usage Information to them so they can provide essential infrastructure, data hosting, and related IT services.
Safety and Security Vendors: we may use specialized service providers to monitor, detect, and investigate suspicious or fraudulent activities, as well as potential violations of our policies. We share Customer Account Details and Site Usage Information with these vendors to safeguard our Services and users.
Payments Services Vendors: These vendors (such as Stripe or PayPal) enable Brizy to operate payment-related services and functionalities. They may conduct identity or bank verification and help prevent or investigate suspicious or fraudulent behavior. We may disclose Customer Account Details, Payment Services Information, Account History Information, and Site Usage Information with them to facilitate secure transactions and maintain compliance with legal obligations.

Professional Advisors

In limited cases, we may share your information with our professional advisors (e.g., external legal counsel or financial advisors) to ensure compliance with our legal and financial obligations, or to protect our rights and interests. Depending on the circumstances, we may share any of the categories of personal data described in our “Personal Data We Collect” section with these advisors.

Business Partners

We also work with various partners who may receive certain data about you, always subject to appropriate safeguards:

Reseller Business Partners: We partner with entities authorized to resell Brizy’s products on our behalf to Customers. If you purchase a resold Service or request support via a reseller, we may share information, such as Account History Information, to help both the reseller and Brizy address your request or issue.
Online Advertising Partners: We collaborate with advertising platforms to present tailored ads and measure their effectiveness. For example, we may share limited data (like Account History Information or, if you’re a Customer, Site Usage Information) with social media or ad-serving platforms so they can either exclude existing customers from seeing new-customer offers or show relevant ads to users who haven’t yet upgraded their accounts.
Payments Services and Financial Product Partners: Brizy partners with other payment services and financial product providers to help Customers process transactions, receive additional services, or learn about third-party financial offerings. We share relevant Customer Account Details, Payment Services Information, and Account History Information as needed to facilitate these services and product offerings.
Third-Party Plugins and Social Networks: We may disclose information if you use third-party plugins (e.g., social media login) or deliberately interact with a social network. For instance, if you log into your Brizy account with a third-party service, we share the fact that you used that service for authentication.

Process Payments

We transmit your Payment Information to our third-party payment processors through encrypted channels to process transactions. Your payment details are not stored on our servers beyond the limited billing and verification information needed for record-keeping and compliance.

Following the Law or Protecting Rights and Interests

We disclose information if we believe such disclosure is necessary to:

Comply with the law (e.g., in response to lawful requests from government authorities).
Protect our rights, property, or interests.
Prevent fraud or abuse of Brizy, our Customers, or their End Users.
Investigate or prevent criminal or other illegal activities.

Depending on the circumstances, we may share any of the categories of personal data described in our “Personal Data We Collect” section to meet these obligations.

Business Transfers

If Brizy undertakes or is involved in any merger, acquisition, reorganization, sale of assets, or other business transaction, we may disclose personal data as part of the negotiation, due diligence, or completion of such a transaction. In such cases, appropriate measures will be taken to ensure the confidentiality and integrity of the data transferred.

When these third parties act as our data processors, we ensure that data processing agreements are in place under Article 28 of the GDPR (or equivalent obligations in other jurisdictions). These agreements obligate the service providers to protect your personal data and process it solely in accordance with our instructions and applicable legal standards.

Consult our list of approved sub-processors as of March 31, 2025, in Appendix 2.

International Data Transfers

Brizy is a global company, and some of our trusted service providers may be located outside your country of residence. If you are based in the EU, we primarily host data on servers within the EU to comply with GDPR and safeguard your privacy. However, certain providers, including those offering analytics, communication tools, or payment processing services, may store or process personal data in the United States or other locations. In such situations, we ensure the existence of adequate data protection measures, such as the European Commission’s Standard Contractual Clauses (SCCs), relevant adequacy decisions, or similar mechanisms required by local regulations. These measures are in place to protect your personal data and uphold your privacy rights regardless of where the data is processed.

If you have any questions or concerns about data transfers, please contact us at dpo@brizy.io

What Are Your Rights?

Under applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the EU GDPR, you have certain rights regarding your personal data. These rights may vary depending on your jurisdiction, but generally include:

Right of Access: You can ask us to confirm whether we process your personal data. If we do, you have the right to request a copy of the personal data we hold about you. We will also provide information about the purposes of processing, the categories of data processed, any recipients (or categories of recipients) to whom data is disclosed, the envisaged retention period, and your rights concerning your data.
Right to Rectification: If you believe your personal data is inaccurate or incomplete, you may request that we correct or update it. We may verify the accuracy of the data before making any changes.
Right to Erasure (“Right to be Forgotten”): You may request that we delete your personal data in certain circumstances, such as when:

The data is no longer necessary for the purposes for which it was collected.
You have withdrawn your consent and no other legal basis for processing applies.
The data was processed unlawfully.
You have exercised a legal right to object, and there is no overriding legitimate ground for processing.
We have a legal obligation to erase the data.

We are not obliged to comply with all requests for erasure (e.g., when we must retain data to comply with a legal obligation or to establish, exercise, or defend legal claims).

4. Right to Restrict Processing: You can request that we restrict (i.e., store but not further process) your personal data in limited circumstances, for example when:

You contest the accuracy of the data (for a period enabling us to verify it).
The processing is unlawful, but you oppose erasure and request restriction instead.
We no longer need the data for the original purpose, but you require it to establish, exercise, or defend legal claims.
You have objected to processing pending verification of whether we have overriding legitimate grounds.
We may continue to process your data if we have your consent or need it to establish, exercise, or defend legal claims, or to protect the rights of Brizy or another natural or legal person.

5. Right to Data Portability: Where we process your personal data based on your consent or the necessity to perform a contract with you, and the processing is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer your data directly to another data controller where technically feasible.

6. Right to Object You have the right to object to the processing of your personal data when it is based on our legitimate interests or those of a third party, if you believe your fundamental rights and freedoms outweigh those interests. You can also object to direct marketing at any time by using the “unsubscribe” link in such communications or contacting us.

7. Right Not to be Subject to Automated Decisions: You may request not to be subject to decisions based solely on automated processing (including profiling) which produce legal or similarly significant effects on you. This right does not apply if:

The automated decision is necessary for entering into or performing a contract with you.
It is authorized by law and safeguards are in place to protect your rights and freedoms.
It is based on your explicit consent.

8. Right to Lodge a Complaint

With Brizy:

If you have any concerns or complaints regarding the processing of your personal data, we encourage you to contact us first at dpo@brizy.io. We will do our best to investigate and address your concerns promptly.

Alternatively, you can contact us by post at:

ProWebCraft LTD: 71-75 Shelton Street, Covent Garden, WC2H 9JQ, London, United Kingdom

However, please note that given the global reach of our app, we strongly recommend that you contact us by email. We cannot guarantee the arrival on time by post. If you, however, choose to submit a request through the mail, we recommend that you mail your request with confirmation of receipt.

We will consider and act upon any request in accordance with applicable data protection laws.

With the ICO (UK):

If you are located in the United Kingdom and feel that we have not adequately resolved your complaint or concern, you have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO):

Website: https://ico.org.uk/
Helpline: +44 (0)303 123 1113
With Other Data Protection Authorities (EU/EEA):
. If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

We aim to respond to any valid request relating to your rights within one month, or within two months if the request is complex or if you have made multiple requests. In such cases, we will let you know about the delay and provide an explanation. You may also send your request by post if needed:

For any questions or concerns about this Privacy Policy or how we manage your personal data, please contact us at dpo@brizy.io.

Opting out of promotional communications

You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us at dpo@brizy.io. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

Links to Other Websites

Our services may include links to third-party websites, mobile applications, or social media platforms. Brizy does not control and is not responsible for the content, accuracy, or practices of any third-party websites or materials accessible through such links. Any interactions with these external sites are governed by their own privacy policies and terms of service, and we encourage you to review them carefully before engaging in any transaction or providing personal data. We disclaim all responsibility and liability for your use of or access to any external websites. If you have difficulty locating a third party’s privacy policy, please contact them directly for more information or reach out to us at dpo@brizy.io for assistance.

Applicable Law

Unless otherwise required by local law, this Privacy Policy, and any dispute or claim arising from or related to its subject matter, shall be governed by and interpreted in accordance with the laws of the United Kingdom. You agree to submit to the exclusive jurisdiction of the state or federal courts located in the United Kingdom, with respect to any matter arising out of or relating to this Privacy Policy or the processing of your personal data.

Updates to This Notice

We reserve the right to update this Privacy Policy from time to time. The most current version of this Policy will be posted on our website under the “Last Updated” date. Any material changes will become effective as soon as they are posted, and we may also provide notice of significant updates via email or directly within our services. We encourage you to review this Privacy Policy regularly to stay informed about how we are protecting your information.

Contact us

We welcome any questions, comments, or concerns you may have about this Privacy Policy or our data processing practices. Please contact us at:

Email: dpo@brizy.io

Mailing Address: ProWebCraft LTD

71-75 Shelton Street, Covent Garden, WC2H 9JQ

London, United Kingdom

We will make every effort to address and resolve any issues promptly and professionally.

Appendix 1: State and Regional Privacy Rights

Certain jurisdictions provide individuals with specific rights regarding their personal data. Brizy respects and complies with these legal obligations. If you reside in one of the regions listed below, you may have additional rights under applicable data protection laws.

A. United States – State Privacy Laws

California (CCPA/CPRA)

Under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), California residents have the following rights (subject to applicable legal limitations):

The right to know the categories of personal information we collect and disclose.
The right to access specific pieces of personal information collected about you.
The right to request deletion of your personal information.
The right to correct inaccurate personal information.
The right to opt out of the “sale” or “sharing” of personal information (as defined under the CPRA).
The right to limit the use of sensitive personal information.

We do not knowingly Sell or Share the personal information of children under 16.

You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Brizy does not discriminate against California Residents for exercising their rights.

Brizy does not sell your personal information in exchange for monetary value. However, we may use third-party analytics or advertising services that could be considered a “sale” or “sharing” under the CPRA. You may exercise your rights by contacting us at dpo@brizy.io.

Nevada

Nevada residents have the right to opt out of the sale of certain personal information as defined under Nevada Revised Statutes Chapter 603A. Brizy does not currently sell personal information as defined under Nevada law. However, you may submit a request to opt out by emailing dpo@brizy.io.

Virginia (VCDPA)

Virginia residents have the following rights under the Virginia Consumer Data Protection Act (VCDPA):

The right to access and confirm personal data processed by Brizy.
The right to correct inaccuracies in your personal data.
The right to request deletion of your personal data.
The right to obtain a copy of your data in a portable format.
The right to opt out of targeted advertising, profiling, and the sale of personal data.

To exercise your rights, please contact dpo@brizy.io.

Appendix 2: List of sub-processors

Third-party	Purpose	Entity Location
1Password	Password management and secure storage	United States, Canada, & the EU
aMember	Membership and subscription management platform	USA (assumed)
AWS	Cloud infrastructure and hosting services	Global (notably USA, Europe, Asia-Pacific)
Brevo	Email marketing and CRM	France (headquarters), European Union
Close	Sales CRM and lead management	USA
Customer.io	Customer engagement and marketing automation platform	USA
Dext	Expense management and receipt processing	United Kingdom
DigitalOcean	Cloud hosting and virtual servers	USA, Netherlands, Germany, Singapore, India, Australia, Canada
Discord	Internal communication and collaboration	USA
Docker	Containerization and software deployment	USA
Figma	Design and prototyping collaboration	USA
Fusion Consulting SRL	Externalized development, maintenance, and operations	Republic of Moldova
GitHub	Code hosting, version control, and collaboration	USA
Google Analytics	Website traffic analytics and user behavior tracking	USA
Jumpshare	File sharing, collaboration, and quick media capture	USA
Miro	Collaborative online whiteboarding and visual workspace	USA
Notion	Project management and knowledge management	USA
Paddle	Payment processing and subscription management	USA and Europe
Slack	Team communication and collaboration	USA
Stripe	Payment processing and financial transaction management	North America, Europe, and Asia-Pacific
OpenAI	AI Content Generation	USA
Xero	Accounting software and financial management	New Zealand, USA
Zendesk	Customer service and support platform	USA, Europe, Asia-Pacific
Clarity	Analytics alternative to Google Analytics	USA
Piwik PRO	Analytics alternative to Google Analytics	Europe (Poland HQ)
YouTube	Posting and sharing video content	USA
Facebook	Social media marketing	USA, Europe, and Asia
Instagram	Social media marketing	USA
LinkedIn	Professional networking and advertising	USA
Google Ads	Creation of targeted advertisements	USA
ChartMogul	Financial reporting and analytics	Germany
ChurnBuster.io	Cart recovery and abandoned checkout management	USA
Ahrefs	SEO tool	Singapore
BunnyCDN	Content delivery network (CDN)	Slovenia
DocuSign	Digital signing of documents	USA
Namecheap	SSL certificates and domain registration	USA
Sentry	Error tracking and analytics	USA
Sucuri.net	Website security and Web Application Firewall (WAF)	USA
Typeform	Online forms and surveys	Spain
UptimeRobot	Service monitoring	USA and Europe
Wise	Payments and international transfers	Europe, Asia-Pacific, and the USA