What is GDPR?

The General Data Protection Regulation (GDPR) - which came into force on May 25th, 2018 - aims to protect the fundamental right to privacy and the protection of the personal data of European Union (EU) citizens. 

This regulation affects any entity (including websites) that processes EU citizens' personal data. Whether or not it is located in the EU; if we have EU site visitors or, if our marketing campaigns target EU citizens, this affects us. 

Transparency and communication with our site-visitors are key elements of the GDPR. As part of the regulation, we let our site-visitors know how we collect, store and use their data - in a clear and transparent way. In addition, we comply with site-visitors' requests to receive a copy of their data that is processed on our site.

A privacy policy is a statement that discloses the ways in which our website gathers, uses, discloses and manages our site-visitors' data. We maintain a clear and comprehensive privacy policy for our website, in accordance with both GDPR and local privacy regulations.

 

About Data Storage and Data Transfers
This site is produced through Wix, which can store our site-visitors' data in a number of locations. Personal information may be stored in data centers located in the United States of America, Ireland, South Korea, Taiwan and Israel. Wix may use other jurisdictions as necessary for the proper delivery of their services and/or as may be required by law. Wix is a global company that respects the laws of the jurisdictions it operates within. The processing of the User Customer Data may take place within the territory of the European Union, Israel or a third country, territory, or one or more specified sectors within that third country, of which, the European Commission has decided that it ensures an adequate level of protection (transfer on the basis of an adequacy decision). 

Important:
Any transfer to a third country, outside the European Union, that does not ensure an adequate level of protection according to the European Commission, will be undertaken in accordance with the Standard Contractual Clauses (2010/87/EU) set out in Appendix 1 of the Wix Data Processing Agreement (DPA) 
The security of sensitive data is of extreme importance to Wix and they are 100% committed to data protection. 

About Cookies and Cookie Banners
GDPR requires that we get affirmative consent from site visitors before placing non-essential cookies (and similar technologies) on their device.
In general, the cookies which are initially placed on our Wix website may be categorized as essential cookies: security, anti-fraud, and other purposes related to the specific functionality of our service. 
However, the platform gives ability to add multiple components, codes, third-party applications...and so on. These apps and integrations make it possible that our website will include other types of cookies which might require affirmative GDPR consent. 

With a cookie banner, our visitors can give their consent to non-essential cookies to be placed on their device.

 

Request Consent to Process Your Site Visitors’ Data
GDPR establishes ways in which we can lawfully process our site-visitors’ data. Requesting site-visitors’ consent is just one of the ways to lawfully process data. 

 

Marketing Campaigns
Email marketing campaigns require consent from our site-visitors. Consent to receive marketing campaigns can be interpreted and applied in different ways on our site. For example, we add a disclaimer next to our 'Subscribe' button informing our site-visitors that clicking the button will subscribe them to our marketing campaigns. This is called 'implied consent'. 

While it is not obligatory under GDPR when sending marketing emails to our existing customers, we may request 'explicit consent' from our site-visitors before sending them any marketing material. In many cases, this can be accomplished by ticking the checkbox next to your 'Subscribe' button, obliging our site-visitors to check-the-box to confirm consent before subscribing. 

 

Third Party Apps
As part of the GDPR, we are responsible for any third-party apps or services implemented on our site. These services can include data analytics tools (e.g. Google Analytics, Facebook pixel...et cetera). 
While reviewing our Wix site for GDPR compliance, we make sure that these apps and services are also GDPR compliant. 

 

​