Legal

Privacy Policy

Last updated: 1 April 2026

WEDC ("we," "us," "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use and share it, and what rights you have in relation to your data. It applies to all interactions with the WEDC platform at wedc.app and associated services.

If you have questions about this policy or wish to exercise your rights, contact our Data Protection Officer at privacy@wedc.app.

1. Information We Collect

Account information. When you create a WEDC account, we collect your email address and a username of your choice. We do not require a legal name or postal address.

Payment information. WEDC does not directly collect or store payment card details. All payment processing is handled by Paddle.com Inc., our Merchant of Record. Paddle provides us with limited transactional metadata — subscription tier, billing country, and transaction status — sufficient to manage your membership. We never have access to your full card number, CVV, or bank account details.

Usage data. We collect pseudonymised usage analytics: pages visited within the Platform, content items accessed, download events (utility application name and version, not file contents), and error reports. This data is collected without third-party tracking scripts; we operate our own first-party analytics.

Support communications. If you contact us by email, we retain the content of that correspondence to assist with your query and to improve our support quality.

Technical data. Our hosting infrastructure (Cloudflare Workers) may log standard HTTP request metadata — IP address, user agent, request path, and response status — for security and performance monitoring. These logs are retained for up to 30 days.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: To provision your membership, authenticate your account, and deliver access to member content and utility downloads.
  • Billing management: To verify subscription status with Paddle, apply the correct access tier, and notify you of subscription events (renewal, expiry, payment issues).
  • Product improvement: To understand which content areas are most valuable to members and to prioritise the development roadmap.
  • Communications: To send essential service notifications (subscription confirmations, changes to Terms, security alerts) and, if you opt in, a weekly digest of new content additions. You can unsubscribe from digest emails at any time.
  • Security and fraud prevention: To detect and respond to abuse, unauthorized access, or suspicious activity on the Platform.
  • Legal compliance: To fulfil our obligations under applicable law, including responding to lawful data requests from public authorities.

We do not use your data to make automated decisions that produce legal or similarly significant effects on you.

3. How We Share Your Information

We do not sell your personal data. We share information only in the following limited circumstances:

  • Paddle.com Inc.: As our Merchant of Record, Paddle receives your email address and payment information when you subscribe. Paddle's use of your data is governed by its own Privacy Policy.
  • Infrastructure providers: WEDC is hosted on Cloudflare's edge network. HTTP request metadata may pass through Cloudflare's infrastructure in the course of routing and security filtering. Cloudflare's privacy practices are described in its Privacy Policy.
  • Legal requirements: We may disclose data where required by law, court order, or legitimate governmental authority, and where we are legally permitted to notify you of such disclosure, we will do so.
  • Business transfers: In the event of a merger, acquisition, or sale of WEDC's assets, member data may be transferred to the acquiring entity, subject to the same privacy protections described herein. We will notify you of any such transfer.

4. Data Retention

Active members. We retain your account data (email, usage history, support history) for the duration of your active subscription.

After cancellation. Following subscription cancellation, we retain your account data for thirty (30) days to allow for account reactivation or refund processing. After this period, account data is deleted from our active systems. Pseudonymised usage analytics may be retained in aggregated form indefinitely.

Support correspondence. Email correspondence is retained for up to twelve (12) months after the issue is resolved, unless a longer retention period is required by law.

Infrastructure logs. HTTP access logs are retained for a maximum of thirty (30) days.

5. Cookies & Analytics

WEDC uses a minimal, first-party analytics approach. We do not use Google Analytics, Meta Pixel, or any other third-party advertising or tracking service.

Essential cookies. We set a session cookie to maintain your authenticated state. This cookie is strictly necessary for the Platform to function and cannot be disabled for logged-in members.

Analytics. We operate lightweight, privacy-preserving analytics that count page views and navigation paths without tracking individuals across sessions or across other websites. No persistent identifiers are used for analytics purposes.

You can disable cookies in your browser; however, doing so will prevent you from accessing authenticated member content.

6. International Data Transfers

WEDC's infrastructure operates on Cloudflare's global edge network, which means your data may be processed in data centres outside your country of residence — including the United States and the European Economic Area (EEA).

Where personal data of EEA residents is transferred to countries that the European Commission has not deemed to provide an adequate level of protection, we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission. A copy of the applicable SCCs is available upon request at privacy@wedc.app.

7. Your Rights

Depending on your location, you may have the following rights in relation to your personal data:

  • Right of access: To obtain a copy of the personal data we hold about you.
  • Right of rectification: To have inaccurate personal data corrected.
  • Right to erasure ("right to be forgotten"): To request deletion of your personal data, subject to our legal retention obligations.
  • Right to data portability: To receive your personal data in a structured, machine-readable format.
  • Right to restrict processing: To request that we limit the use of your personal data in certain circumstances.
  • Right to object: To object to processing of your personal data where we rely on legitimate interests as our legal basis.
  • Right to withdraw consent: Where processing is based on your consent, to withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

California residents may also exercise rights under the California Consumer Privacy Act (CCPA), including the right to know, the right to delete, and the right to opt out of "sale" of personal information. WEDC does not sell personal information.

To exercise any of these rights, contact privacy@wedc.app. We will respond within thirty (30) days. We may need to verify your identity before processing your request.

8. Children's Privacy

The WEDC Platform is not directed at individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from a minor without verifiable parental consent, we will delete that information promptly. If you believe we have inadvertently collected data from a minor, contact privacy@wedc.app.

9. Security

We implement reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures include:

  • TLS encryption for all data in transit.
  • Secure credential hashing using modern algorithms (bcrypt or Argon2).
  • Access controls limiting data access to authorised personnel on a need-to-know basis.
  • Regular review of our security practices.

No system is completely secure. While we work hard to protect your data, we cannot guarantee absolute security against all threats. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to registered members by email at least fourteen (14) days before taking effect. The "Last updated" date at the top of this page reflects the most recent revision. We encourage you to review this Policy periodically.

11. Contact

For privacy-related enquiries, data subject requests, or to reach our Data Protection Officer:

WEDC Data Protection Officer
Email: privacy@wedc.app

For general support: support@wedc.app