Privacy Policy
Last updated: March 1, 2026
1. Introduction
Widgets PRO B.V. ("Widgets PRO", "we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use the Widgets PRO platform and related services ("Service"). This policy applies to all users of our web, mobile, TV, automotive, and VR applications.
2. Data Controller
Widgets PRO B.V., registered at Keizersgracht 520, 1017 EK Amsterdam, Netherlands, is the data controller for personal data processed through the Service. For data protection inquiries, contact our Data Protection Officer at [email protected].
3. Data We Collect
We collect data you provide directly: name, email address, billing information, and profile details when you create an account. We collect usage data automatically: IP address, browser type, device information, pages visited, features used, dashboard interactions, and performance metrics. We collect data from integrations: when you connect third-party data sources via MCP or other integrations, we process connection metadata but do not access the underlying data beyond what is necessary to render your dashboards.
4. How We Use Your Data
We use your data to: (a) provide, maintain, and improve the Service; (b) process payments and manage subscriptions; © send transactional communications (account confirmations, security alerts, billing receipts); (d) provide customer support; (e) analyze usage patterns to improve performance and user experience; (f) detect and prevent fraud, abuse, and security incidents; (g) comply with legal obligations. We do not sell your personal data to third parties. We do not use your dashboard content or data for advertising purposes.
5. Legal Basis for Processing (GDPR)
We process your data under the following legal bases: (a) Contract performance — to provide the Service you signed up for; (b) Legitimate interest — to improve the Service, ensure security, and prevent fraud; © Legal obligation — to comply with tax, accounting, and regulatory requirements; (d) Consent — for optional marketing communications, which you can withdraw at any time.
6. Data Sharing
We share data with: (a) Payment processors (Stripe) to handle billing; (b) Cloud infrastructure providers (for hosting and data storage); © Analytics services (anonymized usage data only); (d) Law enforcement when required by law or valid legal process. All third-party processors are bound by data processing agreements. We do not share your data with advertisers or data brokers.
7. Data Storage and Security
Your data is stored in EU-based data centers. We implement industry-standard security measures including: encryption at rest (AES-256) and in transit (TLS 1.3), regular security audits, access controls based on the principle of least privilege, automated threat detection, and incident response procedures. Despite our efforts, no method of transmission or storage is 100% secure.
8. Data Retention
We retain your account data for the duration of your account plus 30 days after deletion. Billing records are retained for 7 years as required by tax law. Usage analytics are anonymized after 24 months. Backups are retained for 90 days. You may request earlier deletion subject to legal retention requirements.
9. Your Rights
Under GDPR and applicable privacy laws, you have the right to: (a) Access your personal data; (b) Rectify inaccurate data; (c) Erase your data ("right to be forgotten"); (d) Restrict processing; (e) Data portability — receive your data in a structured, machine-readable format; (f) Object to processing based on legitimate interest; (g) Withdraw consent at any time; (h) Lodge a complaint with a supervisory authority. To exercise these rights, contact [email protected]. We will respond within 30 days.
11. International Transfers
Your data is primarily processed within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
12. Children's Privacy
The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at [email protected] and we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service at least 30 days before they take effect. The "Last updated" date at the top of this policy indicates when it was last revised.
14. Contact
For privacy-related questions or requests, contact us at [email protected] or write to Widgets PRO B.V., Attn: Data Protection Officer, Keizersgracht 520, 1017 EK Amsterdam, Netherlands. You may also contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at https://autoriteitpersoonsgegevens.nl.