VIV-Z
Legal

Privacy Policy

Last updated: May 2026

1. Introduction

VIV-Z ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect when you enquire about or use our website design and hosting service, how we use it, and your rights regarding that data.

2. Data We Collect

2a. Enquiry and onboarding data

When you submit a website enquiry or sign up, we collect:

  • Full name and email address
  • Phone number (optional)
  • Business name and business type
  • Website style preferences and any brief or notes you provide
  • Existing website URL (if applicable)

2b. Subscription and billing data

  • Billing email address
  • Payment records (processed by Stripe — VIV-Z does not store card details)
  • Subscription status and billing history

2c. Website content data

  • Text, images, logos, and other content you supply for your website
  • Domain name and any domain connection details

2d. Usage data

  • Log data (IP address, browser type, pages visited on viv-z.com)
  • Cookies used for session management and authentication

3. How We Use Your Data

  • Delivering the Service: Designing and building your website, connecting your domain, and keeping your site hosted and online.
  • Billing: Processing your monthly hosting subscription via Stripe and managing your account.
  • Communications: Sending design previews, revision updates, subscription receipts, and support responses. We do not send marketing emails without your explicit consent.
  • Security: Detecting and preventing fraud and unauthorised access.
  • Service improvements: Analysing aggregated, anonymised usage data to improve our offering.

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: Processing necessary to deliver the Service you have requested.
  • Legitimate interests: Fraud prevention, service security, and improving our offering.
  • Legal obligation: Retaining financial records as required by law.

5. Data Sharing

We do not sell your personal data. We share data only with trusted third-party processors required to deliver the Service:

  • Stripe: Payment processing for your hosting subscription, under their Privacy Policy.
  • Vercel: Cloud infrastructure provider that hosts your website and our platform.
  • Resend: Email delivery service for notifications and communications.
  • Neon: Database infrastructure provider (data processed under a Data Processing Agreement).
  • Clerk: Authentication provider for account sign-in and management.

All third-party processors are contractually required to handle your data securely and only for the purposes of providing their service to us.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you cancel, we will delete your personal data within 90 days, except where we are required to retain it by law (e.g. financial records, which are kept for 7 years under UK tax law).

Enquiry data from visitors who do not proceed to a subscription is retained for up to 12 months, after which it is deleted.

7. Your Rights

Under UK GDPR, you have the following rights:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete personal data
  • Request deletion of your personal data ("right to be forgotten")
  • Object to or restrict our processing of your data
  • Data portability — receive your data in a machine-readable format
  • Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at hello@viv-z.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

We use cookies strictly for authentication (session tokens) and security on viv-z.com. We do not use tracking, analytics, or advertising cookies. Disabling cookies in your browser will prevent you from staying signed in to your account.

9. Security

We implement industry-standard security measures including encrypted data transmission (TLS), encrypted database storage, and strict access controls. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is intended for businesses and is not directed at individuals under 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance.

12. Contact Us

For privacy-related questions or to exercise your rights, contact us at hello@viv-z.com.